Friday, 24 March 2017 16:25

Any network claiming 100% security is dreaming: expert

By

There is no such thing as a 100% secure network, especially if it is attached to the Internet, according to Sean Duca, ‎vice-president and regional chief security officer - Asia Pacific at Palo Alto Networks.

Duca is regarded as a guru in the security space, having joined McAfee back in 2000 and becoming chief technology officer in 2013 at Intel Security as it had become, before joining Palo Alto Networks in April 2015. He was also a member of the Australian Government’s Online Safety Consultative Working Group. He combines his leadership style, with a technical base and communication skills.

Duca says 90% of his role is about raising awareness of security best practice because the bad guys are getting smarter and more persistent. “These days we all know what the vulnerabilities are and anything that is known can be prevented although the adversaries are always finding new ways to get around patches and new security technologies,” he said.

“Most people tend to think that they are safe and secure if they use anti-virus (software) and have a firewall sitting at the front door of their organisation. That may have worked once upon a time, but unfortunately, the hackers of the world have become a lot smarter than that,” he said.

web
analytics

Palo alto Sean Duca 1Duca says that he was attracted to Palo Alto Networks based in Santa Clara, California, because its take on security was focused on the network (and that includes the WAN, cloud and Internet), it was a disrupter, and because of its contextual approach. He also could see the mission, purpose and passion for challenging the security status quo, and it was exhilarating.

The remainder of the interview is in his words.

Palo Alto Networks core products are a platform that includes advanced firewalls designed to provide network security, visibility and granular control of network activity based on application, user, and content identification and cloud-based offerings that extend those firewalls to cover other aspects of security like advanced endpoint protection.

Its founder Nir Zuk was a member of the famed Israeli Defence Force Unit 8200 and is credited in 2005 as the inventor of the first stateful inspection (SPI) firewall and intrusion prevention system. He wanted to use the firewall to identify network traffic like applications, ports used, users (and method of access), to protect against bad behaviour (e.g. not known good), and provide fine-grained visibility and policy control over application access/functionality. Hence Palo Alto Networks is credited with the first Next Generation Firewall.

It now is more important to place these attacks into a context and begin to understand the big picture – why are you using an unknown mobile phone from Russia at midnight to access corporate networks and run an app? The context is all wrong and it can be stopped at network level until it is investigated.

The bigger question is how to ensure security does not cripple line-of-business apps. You can lock down a network and pretend it is 100% secure, but it will cripple the user experience. There needs to be a better way – how can we safely enable those apps?

Palo Alto Networks can perform a single pass deep packet inspection without slowing the network or WAN down and through whitelisting it identifies good behaviour and lets it past. Then if you find something odd you can inspect it and upload it to us for bare-metal (on a computer) testing and analysis – and have a response within a few minutes.

Cyber criminals, hackers, are very well organised and funded. They are using tools like machine learning and AI equal in sophistication to the best protection companies.

We use tools too but we have over 37,000 customers to help us and once we find an issue it protects all of them instantly. Palo Alto Networks has been successful – we are not a huge company, but we are achieving 30% year on year growth and adding about 2000 customers a quarter.

Final messages to iTWire readers

  • Security is all our responsibility – “she will never be right again mate"
  • The world has changed and the bad guys have as many resources as the good guys.
  • Be prepared to ask hard questions and accept the bitter challenges.
  • Cyber-crime and breaches are a matter of when, not if – you will be challenged every day.
  • Consider security on a risk-based factor – what risk will you face if you are hacked, what will it cost to reinstate (if you can) and will you remain in business? What are the crown jewels to be protected at all costs?
  • Boards need to look at security as the top priority and not hesitate to spend what is needed.
  • Don’t accept fear, uncertainty and deception (FUD) propagated by many security vendors – call it out for what it is: BS.
  • Focus on how you make the company resilient for tomorrow – yesterday has already happened.

Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments