About Me

Dr. Phyllis Schneck

Vice President & Chief Technology Officer, Global Public Sector McAfee, Founding Chairman and Chairman ...

The Importance of Incentives in Securing the Network from the Cyber Threat

Wednesday, February 8, 2012 at 9:09am by Dr. Phyllis Schneck

The cyber security threat landscape has changed fundamentally over the last decade from “Code Red” to mass espionage and the threat of kinetic damage.  Instead of moving unsophisticated worms around the Internet, today’s adversaries are moving money, markets and jobs between countries and companies. 

The cyber adversaries of today are smart and fast, and have no legal, international, or competitive boundaries for sharing information.  They often have plenty of funding and well-placed trusted relationships, enabling them to execute harm upon us with an unmatched alacrity. What once might have been called science fiction and displayed by Hollywood is now reality: malicious actors perpetrating cyber attacks to steal money and intellectual property, disrupt businesses, sabotage critical infrastructure, and threaten governments.

Today, I had the great privilege of speaking before the Committee on Energy and Commerce at a hearing titled “Cybersecurity: Threats to Communications Networks and Private-Sector Responses.” At this hearing, I provided McAfee’s perspective and insight on the cyber threat environment as it relates to communications networks and offered policy recommendations on protecting the telecommunication infrastructure. 

Internet Service Providers (ISPs), which are foundational to all electronic communications, are hampered in security efforts by the design and physical components of the architecture of the Internet and have the potential to enable mass espionage and critical infrastructure risk. While communications networks allow us to share information around the world instantaneously, they are also a conduit for malware.  The very Internet that virtually promises the arrival of our traffic at its destination also promises the arrival of the malware at the destination intended by the sender.

Although telecommunications and ISP firms have been diligent in securing their infrastructures and taking proactive steps to prevent the delivery of some of the known malicious and botnet-affiliated traffic, the task could be done far better and a much more comprehensive global threat picture could be created. However, this is complicated by legal, regulatory, financial, and attitudinal disincentives. Government and the private sector need to work together to remove these obstacles. Currently, it is unacceptably easy for the cyber adversary to deliver malware via the Internet and have it promptly and accurately delivered to its destination.

ISPs need solutions that are proactive and predictive, rather than reactive. ISPs can help guide the market by acquiring innovative technologies. One example is for ISPs to use Global Threat Intelligence (GTI) within the network fabric. GTI is the basis of a cyber immune system: it offers the ability to protect against an attack by comparing current traffic to a dynamic snapshot of real-time cyber activity to determine a risk probability for that traffic before allowing it to continue on its path. If the risk is high, that is noted in the system and the traffic can be stopped. Another example is application whitelisting, which can prevent malicious instructions from executing on a system even if they are able to enter. These technologies extend to systems outside of the ISPs as well, and we note in testimony that ISPs cannot own all the burden of cyber security: every system must be secure and play a proactive role.

In addition to these private sector solutions, policy plays a key role in assisting ISPs and telecommunications firms in protecting their infrastructure. We need to see more joint collaboration and cooperation between the private and public sectors and passage of the Rogers bill to encourage the public-private partnerships we need in moving forward in cyber security. This bill already contains a number of privacy protections, and we are working to further upgrade these protections.

To achieve a cyber secure nation, we also need positive incentives.  Such incentives would include:

  • Imposing limitations on liability for damages as well as non-economic losses would remove a serious obstacle to information security investments.
  • Cyber security competitions, challenges and scholarships can assist in identifying and recruiting talented individuals to the cyber security workforce.
  • Accelerated depreciation or refundable tax credits are being considered to encourage critical infrastructure industries to make additional investments in cyber security technologies, solutions, and human capital. 
  • Government should give consideration to implementing reinsurance programs to help underwrite the development of cyber security insurance programs.

ISPs play a fundamental role in the global digital infrastructure.  Government action is needed to help address the legal and economic challenges faced by ISPs in terms of sharing threat intelligence, and McAfee believes that a holistic approach is needed.  By incorporating private sector solutions, policy regulation, and positive incentives, we can ensure that ISPs have access to the most innovative technologies available to protect our networks and nation states from future sophisticated cyber threats.


Comments (3)

  • Mist Carbajal February 16, 2012 7:32PM

    Although these Committee hearings tend to be long-winded, the Energy and Commerce hearing titled “Cybersecurity: Threats to Communications Networks and Private-Sector Responses” was informative and a must-see. And Dr. Phyllis Schneck speaks to the issues, rather than spinning into a redirect by avoiding the reality of the cyber security threat landscape of our time.

  • Charlie Delgado February 9, 2012 9:01AM

    Thank you for appearing before the committee, for your information, and for your article.

  • Dennis London February 8, 2012 10:22AM

    This is exactly what I’ve been talking about for years! Since 2005 to be precise. The ISPs are the conduits for which we all connect to the internet yet they allow “raw data” to constantly be transmitted without regard. I use an example of local water districts not providing filtered or clean water to homes when I discuss this. It really gets the point across.

    In my discussions with a couple of ISPs, I have asked them about what type of filtering they use to provide (if any) security for their customers; each response was just as appalling as the other. I was told by some fairly high-level people within those organizations “We allow for the lines and means of communications, what people do with it is up to them and not our problem.” I couldn’t believe my ears! And those I spoke with in person made those statements with straight faces. I even approached people within different divisions of the federal government; of course they all hid behind the lack of any regulatory mandates or laws which would allow for such levels of protection. Ignorance must be wonderful.

    The simple fact is this; in order to provide a reasonably secure cyber infrastructure, the ISPs must realize they are the conduits of not just the “lines and means of communications” but they are also the conduits for the malware and cyber threats which the citizens and corporations of this great country are faced with every hour of every day. There are plenty of examples we could use where corporations that have been hacked or compromised would have been protected by even the basic levels of “reasonably secure” protection from an ISP. One example could be Sony. The SQL injection and cross-site scripting which was used to initially break in could have been prevented if their ISP was using even the default configurations. Not to mention all the home users who are constantly being attacked with code which is easily cleaned and removed by the same default policies. Of course there will be those who will cry about privacy concerns. Those people need to realize that every packet they communicate with must already pass through the basic layers of filtering in order to be properly routed. Nobody is going to read your emails or track your usage.

    The solution is out there. If only the ISPs would grow up and realize they are the enablers of the problem.