Stuart Fisher, the regional director APAC for Deep Instinct, a company that uses advanced artificial intelligence to detect malware, told iTWire in an interview that what the market needed was next-generation endpoint security software designed to prevent, detect and respond to previously unseen exploits and zero-day malware.
A 23-year veteran in the management and sales ranks, 15 of them in Asia, Fisher boasts capability in building rapid-growth technology companies, including public firms.
Fisher was previously APAC managing director for anti-virus software firm Sophos and held several regional positions at Sophos over a 10-year period. He was interviewed by email.
Stuart Fisher: Traditional security providers generally detect known threats as they require previous knowledge of the threats to recognise them - which is great if you are only going to be attacked by threats that are already understood. Unfortunately, attackers today continue to utilise new and creative tactics so the value that traditional signature-based or reactive solutions provide is in decline.
Examples of these tactics are the use of “fileless” malware and the use of “Dual Use” tools already present in a target's environment.
NGEP or next-generation endpoint security software is designed to prevent, detect and respond to previously unseen exploits and zero-day malware. The market for NGES tools continues to grow as organisations recognise the need for better threat prevention and detection technologies.
In fact, there are more than 350,000 new machine-generated threats every day and their sophistication and complexity are accelerating. It means most of the existing solutions in the market can’t keep up; most of them are just reactive, which is too little too late.
Are they (the new solutions) innovative enough to effectively guard Australian government and businesses against threats? The term innovative is flung around by all and sundry and has become a marketing term more than anything else – so what do you mean by innovative?
An approach is considered innovative when a technology is successfully applied in a new way to solve a problem, and results in a step change in performance over previous attempts. Applying new technologies to a well understood problem presents a valid alternative in both the government and commercial sectors.
As cyber criminals continue to adapt and incorporate new technologies, so must solutions that are deployed to protect their targets. The use of ‘Fileless’ malware and ‘Dual Use’ tools is already extremely prevalent. Recent campaigns that leverage AI are now also adding to this challenge.
Deep learning is one such innovative AI tool and is a revolutionary step forward for cyber security. It learns to detect any type of cyber threat and its prediction capabilities become distinctive whether a file is malicious or legitimate without any human intervention at all. It can recognise even the most sophisticated zero-day and advanced persistent threat (APT) malware and block it before it even has a chance to run.
Why do so many Australian businesses currently have a false sense of security when they aren’t actually protected against new threats like they might believe, because they are investing in the wrong security technology?
Awareness of this varies across different sectors and size of the organisation. Enterprise and government are already well aware of the limitations in legacy solutions.
Funding, inertia and priorities compete but the process of evaluating and deploying new solutions is well underway. Organisations that haven’t set a review of their current posture as a priority will come around as we continue to have greater visibility into and accountability for breaches that happen in our own backyard.
It’s clear from most security professionals I speak to that greater adoption of automation and AI to keep up with the volume and scope of threats is happening consistently across all sectors now.
What are the realities of cyber security and cyber terrorism – first, define the latter term.
The reality of cyber crime and cyber terrorism is that they both pose a real and increasingly dangerous risk to individuals, organisations and the whole country. Initiatives that co-ordinate resources and set standards are vital in working towards a state of preparedness that benefits all at risk.
Cyber attacks become acts of cyber terrorism when the acts are politically motivated and the impact is used to benefit the terrorists' agenda, usually by creating panic and fear.
What is the outlook for cyber security over the next few years in APAC (and in Australia specifically) and how should the government and private sectors prepare?
The cost of preparing for attacks and penalties for negligence will continue to increase, as will the volume and variety of attacks. Government and private sector challenges are common and collaboration between the two will continue to advance.
The balance between government requirements and individual privacy will continue to be challenged strongly as governments implement policy and act to secure their interests. The recent breach of Parliament House and political parties in Australia clearly illustrates the nature of the adversary and the scale of their objectives. This event is keenly observed at home and by our neighbours.
Anything to say on how the encryption bill will affect cyber security in Australia?
The impact of this move remains to be seen. Historically, commercial organisations that have allowed backdoors to their products in this way have not fared well. The imperative to comply and the cost to do so are not properly understood yet.
Another difficulty for providers of technology is how to remain compliant in different geographies when legal requirements are opposed. It could be that when assessing the cost to comply versus the market opportunity, many solutions will just disappear in Australia.