Is Cyber Prevention the best form of cyber security?
Lately it seems that I have been inundated with folks wanting to talk about cyber prevention. Is it just me? Is it just a marketing shift, or are we really going to see cyber prevention emerging as the best form of defense?
John Davis at FCW deals with cybersecurity from a policy perspective, and he believes there are concrete ways that the incoming Trump administration can beef up U.S. cybersecurity.
Davis says the Trump administration should focus on threat prevention by adopting the Cybersecurity Framework’s tenets on identification and protection:
Spearheaded by the National Institute of Standards and Technology, the Cybersecurity Framework was game-changing in that it established a common cybersecurity risk management lexicon and five core tenets for mitigating attacks: identify, protect, detect, respond and recover. We hope the collaborative and inclusive public/private dialogue that took place during the development of the framework is a model the next administration will use when crafting cybersecurity policy.
As the framework matures, we encourage the next administration to place a particular focus on identifying the systems, networks and information most important to the success of each organization, and then protecting those elements. That approach would underscore the importance of adopting a prevention-first mindset toward cybersecurity.
“Detection and response alone can’t keep pace with today’s automated threats, which is why a prevention-oriented approach is the key to stopping attacks. Focusing on identification and protection ensures that preventive measures are baked into an organization’s cybersecurity strategy from the start and limits the need to devote resources to incident response.”
Cylance’s approach to prioritizing prevention
Cylance is a California company co-founded in 2012 by McClure and McAfee’s then-chief scientist, Ryan Permeh. They have a somewhat unique approach to cyber security, with a particular emphasis on prevention. In their words…
The key difference between Cylance and its competitors is that it moves to prevent hacks, rather than to simply detect them. Most legacy antivirus software is maintained by humans, says McClure. Researchers find a virus and tell a security company, an employee has to give it a signature and a name, and then an update is issued and sent to all the antivirus software users. This process, which is prone to human error, can take weeks, McClure explains.
Co-founder Ryan Permeh explains why Cylance’s method works: “Bad guys change their hacking methods slowly over time. They are approaching glacial speeds. The snow and ice on top changes, so their tools appear new, but the glacier doesn’t move that much.” In other words, since there aren’t many new ways to break in, you can plan around the known vulnerabilities. And rather than task a team of humans to watch a company 24 hours a day, seven days a week, it is possible to teach a machine to do the work.
“Our machine-learning model continues to go through iterative experiences to learn incrementally, like a human brain,” says McClure. “The more data we feed it, the smarter it gets, the more aware it becomes, and the easier it is to recognize objects and names.”
Inc. magazine will announce its pick for Company of the Year on Tuesday, November 29. Cylance is a contender for the title in 2016.