Thursday 1 May 2014

In depth: What's the most annoying question you can ask an antivirus company?

In depth: What's the most annoying question you can ask an antivirus company?

Infosecurity Europe (better known as Infosec), one of the biggest security events around, is over for another year.


The show features everything a security fan could desire, from live demos to testing out security products - but one of the most satisfying aspects is being able to put your questions to hundreds of security professionals stationed on every stand and corner.


We're used to bringing you deep insights on TechRadar Pro, but we're also interested in what's ticking off the industry from time to time, so continue reading to find out what's really been grinding security vendors' gears at Infosec 2014.


1. "How do I remove the Heartbleed virus from my computer?"


Listen up, now: Coca-Cola didn't invent Santa Claus, Lemmings aren't suicidal and the Heartbleed Bug definitely isn't the reason your PC is running slow.


The OpenSSL flaw that means cyber thieves can nab your valuable information from infected servers has caused a lot of panic in recent weeks. It's also generated a lot of misinformation that's resulting in some baffling questions currently being put to security vendors, as Jack Daniel, Technical Product Manager at Tenable Network Security, explains.


"If you Google 'Heartbleed virus' or enter it into Twitter, you'll find thousands of hits, but a lot of it is misinformation," he says. "People are still going around saying misinformed stuff like 'my computer's acting funny - I think it's the Heartbleed virus'. I have friends who are struggling with understanding it - that sort of confusion doesn't help people the problem."



Daniel reckons that cable news channels are particularly to blame for spreading nutty untruths.


He continues: "When the first Snowden story broke I was at a trade show and somebody had printed out a picture of Edward Snowden at the hotel's business centre with a sign saying they could've protected the NSA from Snowden.


"No. No you could not."


2. "All of this cyber warfare stuff is just like the Bond movies! Right?"


Despite what the movies tell you, hackers aren't middle aged, scar-faced megalomaniacs from Russia hell-bent on world domination (you'll get the odd one or two, granted). Cyber crime is serious business that costs millions to counter and shouldn't be glorified, ok?


Paul Dwyer, Director at Mandiant, gets kind of annoyed at the number of people who fail to see the real-world dangers of cyber espionage and instead treat it like it's been lifted from the pages of an Ian Flemming-penned Hollywood blockbuster.


"People think that it's almost entertaining as opposed to asking, 'does this happen in the real world'?" he says. "People see it as a Bond Movie - it's almost think they can't connect with cyber espionage stories as they don't live in China or Russia - but it doesn't matter where you are. I actually have to tell them that this stuff is real.


"In particular, people think malware is overhyped, that it's just the industry trying to impress people with even more vast numbers and different variants of malware. The point people miss is that it only takes one piece of malware to destroy a business."


3. "Why are you all the same?"


A question that cuts deep, the question of why security vendors are all the same as each other can ruin even the most hard-faced researcher's day.


How would you feel if your business made billions in profit every year, hired 20 PhD holders per month and was still seen as a faceless, generic entity in the eyes of the clueless masses? Annoyed: that's what you'd be, and the only thing that security vendors can do to change things is to get out there and talk to customers, partners and end users, says Alex Raistrick, VP at Palo Alto Networks.


"Sometimes we're told 'you don't seem to be any different from your competitors'. That's quite irritating," he says.


"We're very different from good old statement inspection technology from 20, 25 or 30 years ago - we're much more effective. It's not a question of whether we get tired of answering it, but we wish the market would understand more about how the world has changed. Everybody has a next-generation firewall marketing message but nobody has a next-genereation firewall product, which is the big difference."


OK, Alex. We were only asking.


4. "Why aren't you more transparent with how you deal with security threats?


If you think about it, a lot of trust is placed in the hands of anti-virus and other security vendors. One successful hack or phishing attempt could cause you a lot of problems for a long time, and the only thing preventing that (aside from your own actions) is often a security product or service that you've installed on your PC or mobile device.


As such, it's only natural that you might want to know more about how they go about fighting nasties on your behalf on a daily basis, but is it a good idea for them to give away all of their secrets? That's a definite no, according to Righard Zweinenberg, Senior Research Fellow at ESET, who would rather you stopped pestering him for more information.


"Transparency is good, but there's a problem with that in the security industry," he says. "We're quite transparent at ESET - we give away a lot of what we do - but we can't disclose everything because of non-disclosure contracts no matter how much people ask.


"More importantly, if we disclosed in public what kind of technology we're using to detect specific threats, that could be misused by the bad guys. Evasion techniques would be quickly created to evade our protection - so sometimes it's not a matter of us not wanting to be transparent, it's better not to be."


5. "Where in the cloud do you store my data?"


Placing any type of data in the cloud can be risky businesses. From the location of the data centre that it ends up in to compliance and regulatory requirements, whether you're a consumer or business you should at least try to get clued up on where it's headed.


JD Sherry, Vice President at Trend Micro, says that cloud vendors in 2014 have to be prepared for a quizzing from customers around where they store data to avoid being caught off guard.


"Cloud is very topical at Infosec - there are a tremendous amount of providers now from Amazon AWS to many neat, niche players," he says. "Customers want to make sure that their data is protected and what counter measures exist, what security measures there are and how their data is being handled, because the privacy component is in everybody's face.


"We're transparent about it. To use Steve Jobs' quote - we're gonna skate to where the puck's gonna be. In hockey you don't want to go where the puck is, you want to go to where it's going to be, and we knew that virtualisation and cloud security were going to be very important to our partners and organisations."
















No comments:

Post a Comment