Intel/McAfee: What's the future of security?

McAfee co-President Mike DeCesare on what the merger of Intel's chip-making capabilities and McAfee's security expertise is expected to bring down the road

Intel completed its multi-billion-dollar acquisition of McAfee almost a year and a half ago, and this week McAfee co-President Mike DeCesare spoke with Network World senior editor, Ellen Messmer, about what the merger of Intel's chip-making capabilities and McAfee's security expertise is expected to bring down the road.

What can we expect going forward from the Intel buy of McAfee? What do we get from this that represents the strengths of both combined?

A lot of customers ask me that! Intel's a very technically oriented company -- most of what Intel sells are things Intel built. With McAfee, Intel has been very hands-off, and McAfee is being run very autonomously. But Intel has made a massive infusion of R&D resources, money to bring additional engineers on board. The focus is hardware-assisted security. That's a lot of where we see the market going.

BACKGROUND: Intel, McAfee developing cloud security strategy

So what does hardware-assisted security mean here?

A lot of the advanced persistent threats [APTs] test the ability to detect them. When you sit above the operating system, the visibility is limited. But in Intel's chipset, you can detect malware and APTs in a different way. The first product we'll be coming out with is rootkit detection, at the end of the calendar year. This will come in multiple phases, leveraging first-generation i3, i5 and i7 chipsets with vPro-enabled. The functionality of those chipsets is out there today. By leveraging McAfee endpoint protection, our endpoint engine can see a level of rootkit you didn't before.

So is this by itself going to remove it?

It's a higher level of functionality to detect the rootkit, but this [alone] doesn't remove it. You can see a pattern of activity on the Windows machine. APTs by definition are in there for a long time. Rootkits are just one form of how APTs get on the machines. What we have going on with engineering is many other projects. The vPro chipset has functionality built into it we can use, such as "power control" to wake up a sleeping machine, patch it with current security, and put it back to sleep. McAfee Deep Command and Deep Defender are for this.

So what are Intel/McAfee projects going forward? What are the topics of focus right now?

The "secure browser" is very hot in the market right now -- there's a high desire to fence that browser so if someone breaks into your [Internet Explorer browser], they can't go further. Intel can build things into their chipset to enable that, and part needs to be built.

Is this like "whitelisting"?

It's not whitelisting. Intel's chipset needs to offer up the concept of a secure browser, the ability to open a browser and make sure it's in a contained environment.

Is what Intel and McAfee are designing going to be something open for other vendors to take advantage of as well in the chipsets of the future?

It has to be open. We deal with companies that don't have Intel chipsets. But we're optimizing with Intel.

We recently heard McAfee and Intel discussing a cloud-security strategy that would involve using McAfee's ePolicy Orchestrator management and Intel's Trusted Execution Technology to assist in securely moving virtualized server workloads. But they made it clear it's the first chapter with more to come. What's the Intel/McAfee cloud-security strategy about?

I think two, three or five years out, companies that buy endpoint protection will demand versions that integrate with the chipset in the machine. Cloud does the same thing. For instance, we use Oracle's on-demand CRM and the servers don't sit on our own premises. We need to offer security as on-premises or a cloud-based environment. Look, LinkedIn just had a major security breach.

If you're going to trust cloud-based applications, you will need to see your data is secure. McAfee is going out to all the "Tier 1: application vendors, such as SAP. We want to make it more attractive to do business in the cloud.

We want them to design security in from the ground up. Our whole pitch from Intel and McAfee is you should design it from the ground up. We have Sentrigo database security, for instance.

Have we sold it to SAP and Oracle? Not yet. But we have hundreds of companies that use our security embedded, such as automotive manufacturers. Oracle's general attitude is to build it in-house. But they do use a lot of products from us. Have we been successful in that yet? No. Nobody has made that decision yet. But we see interesting parallels with ERP providers and security. There's massive consolidation.

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

More about etworkIntelMcAfee AustraliaOracleSAP AustraliaTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ellen Messmer

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts