Palo Alto CEO: Beware the Internet of Things – and watch your car

Corporate IT security pros need to consider the Internet of Things as a new and dangerous attack vector – oh, and we all should be particularly worried about the safety of our cars, says the top executive at Palo Alto Networks.

Corporate IT security pros need to consider the Internet of Things as a new and dangerous attack vector oh, and we all should be particularly worried about the safety of our cars, says the top executive at Palo Alto Networks.

"You need to be completely rethinking endpoint security and you need to be seeking out technology that will actually prevent things at endpoints before [malware] lands," says Palo Alto CEO Mark McLaughlin in a recent interview with Network World.

+ FULL INTERVIEW: Register to read the full transcript from the interview +

IoT endpoint devices may connect directly to other, more valuable assets on a network or they may provide a toe-hold from which attackers can move around laterally inside a network until they gain access to high-value data, McLaughlin says.

He says the way to go is to defend the endpoints which is what Palo Alto does but at least initially that will have to be done using risk analysis to determine which endpoints warrant the defenses.

"I think the way to think about endpoint security is What's the value of what you're trying to protect?' If my refrigerator is talking to Safeway automatically to say, On your next Peapod [visit] bring some more milk because I'm out of milk,' and you're the bad guy, and you knew that, I'm not sure that I really care," he says.

But it could be less innocuous. "If you penetrated the refrigerator and that got malware into the fridge and that went into the store system, could it get to the payment database? Yeah, that's possible. That's an example of saying maybe you do want to protect your refrigerator."

The test of which IoT devices to defend is whether the consequences of a compromise are dire enough. "I think you're definitely going to want it on the car you buy in three years from today, which is more and more just a computer wrapped around wheels," he says. "I think you want them on ATM machines. I think most retailers in the world right now would like to have it on their point-of-sale devices right now. I think it just depends on what the value of the data flowing through the endpoint is as to where you're going to invest your money."

Meanwhile, corporate network security is already facing stiff challenges that have many experts saying that breaches are inevitable something McLaughlin isn't willing to concede.

"It's as if you and I would go home tonight and say to our families, Somebody is going to break into the house, probably every night. They're going to walk around, they may take stuff, take whatever they want, but they're coming in any time they want to every day of the week, and there's really nothing we can do about that, so we just have to be OK with that,'" he says. "Nobody's OK with that. That's sort of the equivalent."

He says that in the past people have faced threats that perhaps they were unable to eliminate completely but that were minimized to the point of being acceptable. That's what he says will happen with network security. "The problem right now is that that may take a decade or something but we're in the midst of that, probably at the earlier part of that than the later part of it," he says, "and when your face is that close to the paper and you're living it every day, it's easy to not be able to see the light at the end of the tunnel."

The goal of improved security is to make successful attacks so difficult and therefore expensive that only a few well-financed actors can carry them out. These would include wealthy private organizations and governments, and the remedies might not be technological.

Some of the answer may be diplomatic, with countries coming to agreements on what is acceptable behavior. There may be treaties such as those banning chemical and nuclear weapons, with economic sanctions being imposed against violators, he says.

Other solutions could include giving economic incentives to businesses that practice better cybersecurity as a way to move the needle toward better protected networks. Incentives could mirror insurance discounts granted to safe drivers, for example. Rates for cyber insurance policies could be tied to applying industry best practices for security, he says.

Despite these efforts, breaches may seem to become more prevalent over the short term for two reasons, he says. First, they may actually be more prevalent because the vast majority of current security infrastructure is legacy technology that doesn't effectively prevent new types of attacks. Second, new laws and regulations will likely call for more reporting of incidents, so those that might have escaped notice before, won't, giving the appearance of more incidents.

Join the CSO newsletter!

Error: Please check your email address.

Tags palo alto networksnetwork securitysecurity

More about Palo Alto NetworksPeapodSafeway

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tim Greene

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place