Many companies are coming to see security as a form of damage control rather than prevention – an implicit admission that cybercriminals have outflanked and outclassed them – but one security innovator is still working hard to convince customers not to give up on the idea that attacks can still be prevented.
“There are many organisations out there that think we've lost, and that we should remediate any damage as quickly as possible,” Nir Zuk, founder and chief technology officer with security firm Palo Alto Networks, explains.
“But I just cannot accept this. It does't make sense, and we work to give customers some hope. They have to do something about these attacks, but their goal from the get-go should be to prevent the attacks. I'm going to keep fighting and telling them that we can prevent attacks – and that should be our goal.”
It's not the first time Zuk has dug in while fighting conventional wisdom about security attacks: his long history at security innovators Check Point Software Technologies, OneSecure and NetScreen Technologies saw him exploring a range of new approaches to long-established security problems.
As a co-founder of Palo Alto Networks, his entire mission statement was about taking a new approach to security – based on observing changes in network behaviour patterns rather than malware signatures – and the market has responded as forward-looking customers reach out for new security options.
The company is now growing at around 50 percent year on year, outpacing the overall security industry by a ratio of 5:1. Growth is particularly strong in Australia, where a strong governance-fed appetite for data security has driven growth that Zuk says is “three-digit percentage” year on year.
Most of that business comes from customers who have given up on their previous security solutions, implementing Palo Alto Networks solutions as a replacement rather than an augmentation to their existing environment.
This buoyant growth has been supported by the company's 2014 acquisitions of endpoint security vendor Cyvera and advanced threat detection specialist Morta Security, which have each contributed new technologies to bolster the range of new technologies that Palo Alto Networks can bring to bear on the malware defence.
Tightening the net
By filling out its security offering, Palo Alto Networks is working to be able to provide customers a single, unified security platform that extends from on-premises to cloud-based applications with a single security interface.
This type of seamless security framework has become a common goal for today's customers, says Zuk. “Cloud is an extension of the enterprise,” he explains. “And what customers really want to do is to run applications on premise, or through a cloud provider, or use a SaaS provider – and they want it to be seamless.”
That seamless capability, in particular, results from having a single security platform that can apply the same level of scrutiny to different types of traffic being carried across different types of channels, from a variety of sources to a variety of destinations.
“We're finding security has to be like that,” Zuk continues. “They expect security in the cloud to be the same as security on premise, and part of the same platform, because you have a better chance of stopping attacks as they happen.”
“Security is only as good as your weakest link, because attackers will always find the weakest link and attack it. So, it doesn't make sense to secure different parts of your enterprise differently. If you do, then by definition one of them will be weaker than the other.”
Tightening the links between various security elements will not only give organisations better visibility into their security profile, but it will also offer a measure of additional control that will help those organisations increase their resistance to existing and new threats.
This, in turn, will force attackers to get ever more-resourceful in their attempts to compromise security – increasing the amount of time and money they need to spend in order to successfully penetrate any given target.
This approach is the best hope for organisations wanting to improve their resistance to outside attack, Zuk believes, arguing that even small improvements in organisational defences can have a dramatic effect on the cost of attacks.
“It may be that you're not going to stop 100 percent of attacks, but this is all about making it more expensive for hackers to attack organisations,” he explains. “By being 10 percent better at defences, you can make it 10 times more expensive for the attacker to attack.”
“Our goal at Palo Alto Networks is to get to a point where we can prevent such a high percentage of attacks that it's going to make sense for our customers to take this approach.”
One critical requirement to making this approach work is positive thinking – believing that there are still ways to block hackers when others say all options have already failed – and another is having the patience to start small and grow bigger over time.
“Once we convince customers that we are right and they give it a try on a small scale, they become a bigger customer,” Zuk says, noting that success at small scale often breeds greater interest amongst increasingly security-conscious business executives.
“That's how we grow,” he adds. “Some people are scared of change and some aren't – but one thing we're seeing is that you cannot go to the board and say 'I'm using the best there is and it doesn't work'.”
“You either get hacked or don't get hacked. Security is becoming a board-level issue, and you either secure the enterprise or find a new job.”