Danial Norjidi
REGARDLESS of where a country is in the world, cyber threats are an issue that all must be prepared to deal with.
This was said by Steve Ledzian, the Technical Director (Asia) for FireEye, a leading company in cyber security that works to protect organisations from cyber-attacks such as advanced malware.
Steve, who spoke with the Bulletin on the sidelines of yesterday’s Cyber Security Forum at the Rizqun International Hotel, has 20 years of IT experience, leading a team of seasoned security experts responsible for providing high level pre-sales support and guidance to FireEye account teams, customers and partners.
He said that cyber security has evolved in a dramatic way. “It’s exponential in terms of threat capability.
“If we look back at the last 20 years, a lot of the attacks were from individuals who were trying to either get some notoriety or prove how smart they were and today we see nations arming themselves in terms of cyber defensive capabilities.
“So it’s a night and day contrast between where we were 20 years ago and what we’re facing today.”
Speaking on how prepared Brunei Darussalam needs to be, he said, “Cyber security doesn’t necessarily respect borders. Whether an attacker compromises a server in Asia, Europe or in America isn’t really important from that attacker’s perspective. So I think essentially the risk posed to countries is equal in terms of cybersecurity. It doesn’t really matter where you are.”
He described 2014 as being a wake-up call, known as “the year of the breach” and said he thinks 2015 will probably see a lot of the same.
“I think it’s down to the organisations at the very senior level to ask questions about whether or not they are prepared.”
Steve was one of the featured speakers at yesterday’s forum and, when asked what his biggest takeaway from it was, he said, “One of the key things is awareness.
“Awareness was sparked, really, last year with all the high profile breaches being exposed in the media and all the painful ways in which those companies were impacted. So I think that it sparked interest in people in looking and wondering ‘could I or my company be the next victim of an attack like this?’
“I think forums like this go a long way to help educate and raise awareness, and bring an additional level of detail to the problem,” he highlighted.
Speaking on his company, he said, “FireEye is a technology firm dedicated to stopping cyber threats. We’re based on three main pillars, first of which is technology.
“We have a technology which is different than the traditional face-to-face technology that is largely failing in most cases, and the technology we have is signature-less, based on virtual machines, and it’s a way of protection that doesn’t require previous learning,” he shared.
“The reason that is important is because new malware threats are coming at such a rate that there’s no time to do that. It’s not possible to categorise every malware threat on the list the way signature-based technology does.
“We have a much more effective technology in terms of protection but technology alone isn’t sufficient to stop today’s attackers. The problem isn’t a malware problem, it’s a human problem.
“So, in addition to the technology, we have expertise. You need to be able to do analysis and response when technology fails to close the window of time the attackers have to operate. That expertise is also provided by FireEye. We have a service which has the best cyber minds in the industry augmenting individual organisations.
“Lastly is intelligence. It’s really important to understand your opponent. For example, a boxer will prepare for a fight by studying his opponent. If he understands where his opponent is strong and where he is weak, then he has a better chance of winning the fight than just using basic boxing knowledge.
“Cyber-wise, it’s the same,” he continued. “If you can understand your attackers, how they operate and what tools they use, how they maintain persistence, and a number of other things to better understand them. That intelligence comes from our incident response work, working with companies who are breached and helping extract the attacker out of those breached networks.”