Andy Vallila is the General Manager for Dell Security’s business in the Americas. Recently Vallila sat down with WashingtonExec to discuss cybersecurity, the threats the nation faces today, and how we can stay ahead of these issues. In his role at Dell, Vallila is responsible for the revenue growth and customer success for Dell’s IAM and Network Security product lines.
Q: How have cyber threats changed since last year?
Andy Vallila: The overarching advancements in cyber threats over the past year come as little surprise – threats are only becoming more frequent and sophisticated, despite efforts to combat them.
According to the Dell Security Annual Threat Report, more than 900 million users were exposed to malware in 2015. The cyber landscape in government also reflected a growing security challenge, with an increase to over 77,000 network breaches into government systems in the last fiscal year, according to a FISMA report.
Q: What trends in cyber-crime do you see?
Andy Vallila: Dell’s Threat Report identified four cyber trends from 2015 that are expected to have an ongoing influence.
One trending challenge is the ability of adversaries to stay one step ahead of cyber solutions. This was illustrated through the evolution of exploit kits, which continue to exhibit increased speed and stealth and even unique “shapeshifting” abilities. Continually better able to disguise and evade current security techniques, exploits are increasingly difficult to detect.
The second trend of note is related to the surge in Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption. An increase in SSL/TLS encryption has led hackers to use encryption to their advantage. Now adversaries are implementing difficult-to-detect hacks using SSL/TLS encryption to avoid detection by intrusion protection and anti-malware systems. Legacy network security solutions often cannot inspect SSL/TLS-encrypted traffic, or their performance is so low that they become unusable when conducting the inspection, making this approach extremely effective.
The report also identified an increase in malware for the Android ecosystem, which puts a large portion of the global smartphone market at risk. This trend was illustrated through a wide range of new techniques targeting the Android ecosystem including the development of Android-specific ransomware and innovative, hard-to-detect malware.
Finally, one broad, overarching trend that came through was the increase in malware activity across the board. The number of malware attacks identified in 2015 nearly doubled from 2014 to 8.19 billion. The increase in attacks was coupled with rapid threat evolution. Over the past year, Dell SonicWALL received 64 million unique malware samples, compared to 37 million in 2014.
These trends all come together to represent an extremely dynamic threat environment, one that will require a holistic approach and concerted effort to address.
Q: Millions of data breaches occurred in 2015. Could these have been prevented?
Andy Vallila: While not every breach that occurred in 2015 was preventable, the frequency of breaches could certainly have been reduced. Government recognizes this and has made a concerted effort to improve security across the board. From 2015’s Cyber Sprint to the $19 billion requested for cybersecurity funding in the 2017 budget proposal, the emphasis placed on security has never been more apparent.
However, it is impossible to completely prevent breaches, and in most cases adversaries succeed due to small security gaps, rather than gaping holes. Cybercriminals can utilize any point in the data lifecycle – in storage, in transit or during consumption – as an access point. To get as close as possible to complete security, agencies need to approach security holistically and consider this entire lifecycle.
Q: With the rapid changes in cyber threats, how can organizations stay ahead of the cyber criminals? Is it possible to predict and prepare for emergent threats?
Andy Vallila: While it isn’t possible to predict the future, it is possible to identify cybersecurity trends and evolve in response. As cyber threats change, government’s best defense lies in an end-to-end, holistic approach to security. Such an approach includes consistent use of next-generation firewalls, more frequent updates to security systems and implementation of robust, context-aware identity access management (IAM) protocols including multifactor authentication and privileged account management.
Becoming knowledgeable on cybersecurity trends and educating agency employees are also critical pieces of the holistic security puzzle, although the security approaches mentioned previously will go a long way to improve government’s current stance.
Q: Is the US government more at risk than private companies—or consumers?
Andy Vallila: Federal government entities and private sector organizations have information that is valuable to hackers, making them both potentially vulnerable targets. Both can be considered equally and constantly at risk.
Q: Cybersecurity has been described as a shared risk. What can we all do to prevent cyber-crime?
Andy Vallila: First and foremost, a holistic approach to security must include employee and consumer education and IAM to cover everyone who accesses an agency’s network or data. Employees need to understand the reasons behind agency policies so they can appreciate the potential harm that can be caused when policies are violated.
Further, awareness of common and evolving techniques utilized by cybercriminals can help prevent employees from being the weak link that allows an adversary through. All organizations, public and private sector alike, need to focus on education for their security strategy to evolve. Cybersecurity is a shared risk – and everyone plays a role in preventing cybercrime.