Having been a part of VeriSign® in the early days right after it spun out of RSA, the concept of mitigating risk has always been at the forefront of my mind. Back then, risk mitigation meant ensuring you had an SSL connection so someone didn’t launch a man-in-the-middle attack to steal your credit card information. Today it is much more sophisticated, but the underlying theme is the same: stopping an attacker BEFORE they gain entry to your system by making the “cost” to them (in time or money) much more expensive than the gain.
Here is what risk mitigation is not: it’s NOT about watching the attack, figuring out who (or what) is attacking you, and going from there — I don't know a single C-level executive who would prefer to report to their Board of Directors, “Well, we know who did it and how, but we couldn't stop it from happening.”
We all want to be able to say, “We stopped the breach before it happened - and this is how.”
That’s why I’m here at Cylance®.
Gone are the days when we could afford to wait for malware signatures or zero-days to be caught and have a CVE number or Microsoft patch custom-made to “fix” them. Now, it’s a matter of seconds before attackers break in and propagate across a network, or social engineers fool staff into opening an email attachment and gain access to the company network in order to steal high-level login credentials.
In today’s hyper-connected world, cybercriminals don't bother attacking the main target head on. In the case of the recent SWIFT attacks, for example, why would hackers bother going after a major player in the banking industry and battling through their heavy security, when all they have to do is breach one of the smaller banks connected to them – the weak link in the chain? The “how” and “why” don’t matter to the bank owners when their money evaporates, leaving them with no recourse. What matters to them (and the general public) most is, "Who let this happen?"
Today, companies need to stop the door from opening to such an attack. Our CylancePROTECT® product does just that. In fact, the door is not just closed to attackers, but also dead bolted from the inside. IOCs and IOAs are important after the fact, but they are too late to prevent attacks, not to mention they are extremely costly. Incident response and litigation are expensive. The ability to stop something bad before it happens? Priceless.
The Growth of Big Data in Cybersecurity
Personally speaking, I was fortunate enough to join Hortonworks in its early stages and watch the growth of Hadoop, big data and data science. I worked alongside engineers who not only developed the Apache projects and code, but also made them do something. They were the brightest minds in the business. I saw where machine learning was at, and had a front row seat when in just a few short years, it developed into a formidable ally to data analysis.
To be able to use machine learning in an accurate manner with APTs was only a matter of time, but for most people and corporations, it is still out of reach. Machine learning and artificial intelligence must learn to spot patterns in data in order to be effective, and it takes extraordinarily sophisticated training and algorithms to distinguish a harmless computer file from one that has malicious intentions.
On that note, Cylance delivers. We use machine learning to grow artificial intelligence into CylancePROTECT, our endpoint protection product, which aims to protect everybody under the sun. Are we Skynet? Not exactly. But does artificial intelligence have the ability to learn and anticipate the future? Yes. We are already there in practice. Cylance currently leads the way in next-generation cybersecurity by applying artificial intelligence and machine learning to teach our endpoint protection solution the difference between “good” and “bad” files, using millions of data points.
CylancePROTECT stops threats, pre-execution – and all without requiring an Internet connection or constant signature updates.
The Cloud vs. Machine Learning and Artificial Intelligence
Everywhere we look, the data industry is burgeoning. The cloud went from being an unsecure and unknown hodgepodge of unproven technology, to a critical online infrastructure used by most companies today. Even with cybersecurity and compliance requirements, the public cloud is very much a matter of business for all companies and most industries.
And yet, the cloud is not always available. Whether you are on the move and run into a cloud dead zone, or you must travel out of the country to a zone where cloud access is not available, being protected from malware, viruses and trojans while untethered is critical - zero-days or otherwise. Waiting for a vulnerability signature update or a push from the cloud still allows enough time for memory-targeted attacks or malware to gain hold - and again - knowing the “what” and “who” is of little comfort when all your vital company data is wiped, permanently corrupted or locked up by ransomware.
CylancePROTECT protects the endpoint while untethered and disconnected from the Internet, and that is where machine learning and artificial intelligence-based security products win out over traditional legacy AV vendors.
But don't just take my word for it. Take Cylance for a test drive yourself. Contact a Cylance expert to get started.
Finally, on a personal note, I would be remiss if I didn’t call out my gratitude to Stuart McClure and the Cylance Team for their sponsorship of women’s pro cycling. Having been a bike racer at the grass roots level, I’ve seen many women as eager and as brazen as the men race, but with little fanfare. Cylance is bringing women’s cycling to the mainstream, and I am eager to be a part of their journey.
Vice President of Global Customer Success at Cylance