Don't give up on the security fight just yet

Many companies are coming to see security as a form of damage control rather than prevention – an implicit admission that cybercriminals have outflanked and outclassed them – but one security innovator is still working hard to convince customers not to give up on the idea that attacks can still be prevented.

“There are many organisations out there that think we've lost, and that we should remediate any damage as quickly as possible,” Nir Zuk, founder and chief technology officer with security firm Palo Alto Networks, explains.

“But I just cannot accept this. It doesn't make sense, and we work to give customers some hope. They have to do something about these attacks, but their goal from the get-go should be to prevent the attacks. I'm going to keep fighting and telling them that we can prevent attacks – and that should be our goal.”

It's not the first time Zuk has dug in while fighting conventional wisdom about security attacks: his long history at security innovators Check Point Software Technologies, OneSecure and NetScreen Technologies saw him exploring a range of new approaches to long-established security problems.

As a co-founder of Palo Alto Networks, his entire mission statement was about taking a new approach to security – based on observing changes in network behaviour patterns rather than malware signatures – and the market has responded as forward-looking customers reach out for new security options.

The company is now growing at around 50 percent year on year, outpacing the overall security industry by a ratio of 5:1. Growth is particularly strong in Australia, where a strong governance-fed appetite for data security has driven growth that Zuk says is “three-digit percentage” year on year.

Most of that business comes from customers who have given up on their previous security solutions, implementing Palo Alto Networks solutions as a replacement rather than an augmentation to their existing environment.

This buoyant growth has been supported by the company's 2014 acquisitions of endpoint security vendor Cyvera and advanced threat detection specialist Morta Security, each of which has contributed technologies that broaden the range Palo Alto Networks can bring to bear on malware defence.

Tightening the net

By filling out its security offering, Palo Alto Networks is working to be able to provide customers a single, unified security platform that extends from on-premises to cloud-based applications with a single security interface.

This type of seamless security framework has become a common goal for today's customers, says Zuk. “Cloud is an extension of the enterprise,” he explains. “And what customers really want to do is to run applications on premise, or through a cloud provider, or use a SaaS provider – and they want it to be seamless.”

That seamless capability, in particular, results from having a single security platform that can apply the same level of scrutiny to different types of traffic being carried across different types of channels, from a variety of sources to a variety of destinations.

“We're finding security has to be like that,” Zuk continues. “They expect security in the cloud to be the same as security on premise, and part of the same platform, because you have a better chance of stopping attacks as they happen.”

“Security is only as good as your weakest link, because attackers will always find the weakest link and attack it. So, it doesn't make sense to secure different parts of your enterprise differently. If you do, then by definition one of them will be weaker than the other.”

Tightening the links between various security elements will not only give organisations better visibility into their security profile, but it will also offer a measure of additional control that will help those organisations increase their resistance to existing and new threats.

This, in turn, will force attackers to become ever more resourceful in their attempts to compromise security – increasing the amount of time and money they need to spend in order to successfully penetrate any given target.

This approach is the best hope for organisations wanting to improve their resistance to outside attack, Zuk believes, arguing that even small improvements in organisational defences can have a dramatic effect on the cost of attacks.

“It may be that you're not going to stop 100 percent of attacks, but this is all about making it more expensive for hackers to attack organisations,” he explains. “By being 10 percent better at defences, you can make it 10 times more expensive for the attacker to attack.”

“Our goal at Palo Alto Networks is to get to a point where we can prevent such a high percentage of attacks that it's going to make sense for our customers to take this approach.”

One critical requirement to making this approach work is positive thinking – believing that there are still ways to block hackers when others say all options have already failed – and another is having the patience to start small and grow bigger over time.

“Once we convince customers that we are right and they give it a try on a small scale, they become a bigger customer,” Zuk says, noting that success at small scale often breeds greater interest amongst increasingly security-conscious business executives.

“That's how we grow,” he adds. “Some people are scared of change and some aren't – but one thing we're seeing is that you cannot go to the board and say 'I'm using the best there is and it doesn't work'.”

“You either get hacked or don't get hacked. Security is becoming a board-level issue, and you either secure the enterprise or find a new job.”


Stories by David Braue
