Last week, I had the pleasure of meeting with many of our customers at FOCUS12 and addressing the audience in both the Tuesday and Wednesday keynotes. We covered a wide range of subjects in our sessions and made several announcements. We specifically looked at energy sector vulnerabilities, and announced a partnership with Westinghouse to prevent network intrusions into nuclear power plants. We discussed a major shift away from traditional “A/V” to the more intelligent real-time connected capabilities that will incorporate our integration in hardware, firmware, endpoint, network and cloud. But if I could focus on only three key takeaways, they would be these:
We have evolved Security Connected into a Platform. Many of you are familiar with what we called the “trinity” slide, showing how endpoint, networks and the cloud were connected through our management console. At FOCUS, we extended the Security Connected approach and introduced the concept of the Security Connected Platform. Let me put aside some key concerns about a platform. We aren’t saying this will be only McAfee technology. This isn’t a monolithic installation. We will leverage our core components for the plumbing and framework, and we understand that each countermeasure we provide needs to stand on its own as best-in-class. The presence of the SIA partners at the Expo is a proof point of the value of the Security Connected Platform. We are seeing the joint ecosystems of McAfee and Intel come together to deliver real security solutions as a part of this platform. There was a lot of interest from customers in how the integration of third-party products simplifies security management while delivering greater security controls.
Real-time ePO capabilities will be a game changer. Imagine having the ability to verify if a piece of malware had hit an organization following an event of malware identification. Imagine an agent that sits on boxes and sees everything and controls everything. Imagine being able to answer any question (using natural language) and take immediate action (e.g. immediately killing a process throughout your environment). What’s exciting about real-time ePO capabilities is that they will bring real-time understanding and awareness to something that’s traditionally just been historical. It’s the next step in situational awareness. For example, in 30 seconds you will know if you have a vulnerability in your environment, whereas now it takes days… if you ever know. You can answer questions such as “what’s the code that’s running on my system that wasn’t there the day before?” Real-time ePO is nimble and fast. I look forward to updating you on the roll-out of this exciting technology in the coming months.
Any operating system is vulnerable, but can be more secure through hardware-enhanced security. As I looked back over the last year, I focused on three attacks: Flame, Operation High Roller and Shamoon. We demonstrated how a Shamoon-like attack could brick a Windows, a Mac and an Android device. While the code that bricked these devices was something we developed, the point was that it’s possible. Not only is it possible, but we know there are nation states out there planning just such an attack. It has never been more important to stop this kind of attack, particularly as such attacks are targeted at our critical infrastructure – oil & gas, the energy grid, telecom and transportation. This is where hardware-enhanced security provides real value. I demonstrated how to use ePO Deep Command to reach out to the chip and bring it back to life.
Over the next few months, I plan to update this blog with some of the key milestones we will reach as we build out our technology, and I look forward to engaging with you on that discussion.