According to Intel Security, formerly known as McAfee, the threat landscape is undergoing some massive shifts. With 26 smart objects per person by 2020 the threat surface is expanding and the cost is now at $3.8 million per attack.
Scott Lovett, CVP for global sales at Intel Security says “It was clear that what we’re doing isn’t solving customer problems. The reality is the actors are way ahead of us. Over a billion identities were stolen last year”.
Research Intel Security has conducted says 70% of IT leaders plan to change their technology sourcing arrangements over next couple of years. And that means lots of opportunities for the channel. But it’s not simply a case of selling the same products and services.
“It's no longer about building up the biggest wall around the outside and stopping everybody from getting in and protecting ourselves,” Lovett says.
“It’s really about figuring out what’s occurred out there and figuring out how to remediate it. That’s the challenge and opportunity we’ve got.”
Lovett, during his opening address at Intel Focus 15 Channel Partner Program, was at pains to say Intel’s journey through this would be through the channel. In his conversations with customers, he says they’re telling him they don’t need people selling them boxes. They want partners and vendors to come in and help create a strategy.
Lovett took the opportunity to introduce Richard Steranka (pictured) as Intel Security’s new head of global channel operations. Recruited just a couple of months ago, Steranka was chosen for the role – after a long search – because of his focus on partner profitability.
Steranka’s focus is on working closely with partners so that they can move away from simply selling hardware and software to delivering complete solutions that address specific needs that target customers’ specific needs.
"We can get better in terms of sales engagement,” he says.
That strategy is founded on the Threat Defence Lifecycle. The three elements of the lifecycle are Protect, Detect, Correct. They were described by Chris Young, the SVP and GM for Intel Security.
Protect targets endpoints through the use of encryption, anti-virus and firewalls.
Detect involves the use of SIEM and sandboxing for payload detonation.
Correct is all about remediation, system restoration after an incident and incident response.
The challenge, says Young, is traditional approaches are based on paradigms that have long since changed. The volume and velocity of threat creation means the number of potential attackers and weapons has grown by several orders of magnitude over the last few years.
In parallel, a massive skills shortage has become evident, meaning the solution to the security riddle will have to come from technology as we simply don’t have enough skilled practitioners to deal with the rapidly escalating threat environment.
As part of that, Young says the normally very acquisitive Intel will be focussing on developing more solutions in-house.
Young then handed the baton to his colleague Bryan Dye, the CVP for corporate products at Intel Security who discussed the importance of metrics.
Dye suggested there were four key metrics to consider when it comes to security; protection effectiveness, detection accuracy, correction speed, and personal efficiency.
For each of these, Dye says the time it used to take to be considered successful has dropped substantially. For example, protection effectiveness has moved from a manual process to a fully automated one with correction speed moving from minutes to seconds.
He also notes that Intel Security’s Global Threat Intelligence network is 35% larger than any other threat detection network.
Perhaps the most important advice Dye has is to treat ‘security as a business process’.
Closing out the opening to the partner summit was Steve Grobman, Intel Security CTO and Fellow. The position of Fellow isn’t one Intel gives out lightly. Of the approximately 100,000 employees at Intel, just 10 have been made Fellows.
Grobman says there needs to be greater intellectual honestly about information security. We live in the age of the industrialisation of hacking.
The next wave of threats will be more than malware. Already we’re seeing unique, targeted attacks that exploit low level exploits with malicious actors having different motivation and tactics to those of the past.
Attackers are no longer just focussed on traditional clients with the data centre and network targeted. While the cloud has enabled new agility it has added additional risk. And we will soon have over 50B connected devices in the world.
The solutions that will see us through this wave of threats will use analytics at scale with probability-based solutions and adaptive response tools.