‘There’s No Silver Bullet When It Comes To Cybersecurity’
Today, cybersecurity has become a day-to-day exercise of caution and proactive learning for people and organisations alike all over the world. As the threat landscape continues to expand, jolted by digital transformation and prolific growth in the number of devices, the challenges for the cybersecurity sleuths continue to mount too.
With the backdrop of Cybersecurity Awareness Month, Tenable CTO Glen Pendley spoke to BW Businessworld’s Rohit Chintapali on what an organisation’s approach to security in the digital realm should be like and the advantage bad actors have over cyber defenders today.
Excerpts:
Threat actors always seem to be one step ahead of the cybersecurity sleuths. Is this always true?
Yes, it does seem like this is always true. To be fair, there are a lot of instances where attackers are stopped. Those never make the news. But mostly the attackers definitely have an advantage here. A reason for that is cybersecurity vendors use various tools/products that look at specific parts of the attack surface such as laptops, servers or cloud. While they do an amazing job in securing or stopping attackers by enabling the defenders guard and monitor these specific areas, the attackers don’t limit themselves. Attackers actually go with the path of least resistance across the threat landscape. So, they actually have an advantage.
Is there any approach that the modern-day technology enables us with to stay one step ahead of the culprits online?
I like to view cybersecurity as two different halves. There is Activity-driven Security, which is security vendors and security that actively tries to stop bad guys. Things like XDR and MDR have done a pretty good job of correlating and taking a lot of data from different sources to try to pull it all together to help defenders actually stop the attacks. The other half, which is Preventative Security – there is room for growth here. This is where we have to try assess the security posture and enable people to do a better job of fixing issues before an attack actually happens. If organisations can get this part right, they can go a long way to actually reducing risk before attacks actually happen. This is where Tenable resides.
We are in an era of breakneck pace of technology progress. With the 5G launch happening globally, the tech-led growth is expected to accelerate further. What should be the approach in the present day for organisations and the consumers in such a fast and environment?
I think it's to do with acknowledging the fact that the attack surface has expanded. The amount of people I've spoken to who haven't even considered what 5G will mean for the threat landscape is astounding. The sheer number of organisations who are unaware about the threats posed to public clouds, despite it being around for a while is also huge.
But technology is evolving very fast. And what we have seen is that people have had a difficult time just trying to secure things like laptops, servers, data centres etc. So, I think it's important to at least acknowledge and put together a plan to try to get visibility into different parts of the attack surface. There is a huge visibility gap, not just from a technology perspective, but also from the acknowledgement perspective that the attack surfaces are genuinely changing. I would start there.
A lot of chasing has to be done no matter what technology comes up in cyber security …
There’s never going to be a silver bullet that does everything for you. I've given XDR some praise here, but there are tons of ways that you can evade those. But they do a much better job compared to old school AV (Anti-virus) engines.
Cybersecurity is an extremely difficult problem. Goal is to cover as much of your base as possible to reduce as much of the attack surface as you can and make it as difficult as possible for the attackers. Because attackers will stop doing what they are working on, if you make it too difficult. It's not worth their time and effort, unless it's like a nation-state type of attack. That's a whole different ball game. But 99 per cent of the time – just make it difficult and they'll go somewhere else. That's really what the goal should be.
What do you think about India and its contribution to the world of cybersecurity?
India has done an amazing job of not only producing high-quality engineers but also in generating the number of security operations focused talent. There's a company that I sold years ago to McAfee and the product I had taken over at McAfee – it had its entire Security Operations Center (SOC) based in India. That was 15 years ago. So, I think India has always been pretty good when it comes to raising talent from overall engineering and cybersecurity.
Also Read: We Believe In The India Growth Story: Cloudflare India Head
