My role (and title) is definitely too long to fit on a business card, ‘Global Vice President of Product Marketing and Business Development’. I’m taking care of our products so that their feature set, as well as the way customers can use them, stays ahead of the cyber security problems our society faces now and in future.
The technology is based on the understanding that a cyber-resilient posture can only be achieved when you have full visibility of your processes, the digital assets that support and enable them and how all that fits into your company’s business. Cyber Resilience is the ability of an organization to deliver its value despite being under attack or facing any kind of adverse cyber incident. Our technology of real-time control of any change happening in a given infrastructure establishes that solid base needed to be cyber-resilient.
What is NNT and what are your key offerings / services?
Dirk Schrader: The two elements of our technology, and our key offerings at NNT, are change control and vulnerability management. While they have a different approach, both serve the same goal, to make it as hard as possible for an attacker to gain foothold undetected. Vulnerability Management reduces the attack surface overall and Change Control enables the real-time monitoring of what happens to an infrastructure between scans.
NNT started back in 2005 with the idea to provide foundational security controls which are essential to any business. These controls – also prescribed by CIS and NIST – are enable organizations to prevent and protect themselves against all forms of breach as well as gaining full control of changes for both security and operational peace of mind.
How much has your role and responsibilities evolved in the last 8-10 months in the face of COVID-19? Did you anticipate these changes as part of routine 5 years ago?
Dirk Schrader: In all fairness, the daily routine hasn’t changed much. Online sessions and webinars have always been a major part of the job. What has changed is the reach the technology solution needs to encompass. COVID-19 forced many employees into a WFH setup, while that in turn accelerated a large portion of all digitalization efforts in many sectors introducing WFH. While our technology was certainly ready for this, the mindset of all involved wasn’t as much. Changes in operations, in how a company does its business, have an influence on so many aspects of cyber security, its procedures and guidelines. To get a grip on those influencing factors, to identify their impact will still take a while. A good amount of my time is about this impact (scope, depth, breadth) and it will be part of the routines of all in the future.
Cyberattacks have become a perennial issue for every business. How are these attackers adopting new technologies to surpass standards of security and compliance?
Dirk Schrader: Up-stream attacks (like Solarwinds) and Social Engineering attacks aimed at cyber security researchers are telling us that the cyber crooks will always find new ways and methods to circumvent security measures. They are examples of how the future of attacks will look like.
Companies have long talked about Big Data, analyzing those vast amounts the generate to find revenue opportunities. Cyber criminals will certainly use the data extracted from all these large data breaches of the recent years to tune their attacks, their social engineering attempts. ML and AI will start to play a role, being used in the preparation of attacks and how they are carried out. How that can happen has already been show-cased with the proof-of-concept by Skylight Cyber or the research done at the University of Hong Kong.
Tell us more about SecureOps (!changed from DevSecOps!) and the future of IT Security and Networking Automation?
Dirk Schrader: There are many factors making it necessary to automate security as much as feasible, without exposing it to another variety of attack vectors. 5G, digitalization, smart cities, you can’t name one mega trend which does not include an ever-growing amount of communication, especially machine-2-machine communication. The only way to sift through an exponentially growing haystack of events caused by this is automation, concerted operations of your tools and solutions. Unfortunately, this is going to be the next family of attack vectors, with APTs targeting that exact way of how an organization automates security processes. One element should not be forgotten in this effort, the operator, that human intelligence piecing things together. In the end, each cyber security battle is between humans using tools. If the operator knows as much of the security tool chain as the engineer who derived it, that battle is likely won by her or him and not the attacker.
Our SecureOps, the related FAST cloud service and our training and workshops with our engineers, is available to support the operators in exactly this manner.
How does AI and ML algorithm help in real-time breach detection? Tell us more about your work with AI and ML.
Dirk Schrader: ML and AI do play a role as they help to digest massive amounts of data and to extract basic context of out that haystack. I don’t think that ML/AI are the ultimate answer to our cyber security issues (or any other topic), they are helpful tools providing answers to well-defined problems which need to be integrated into a concerted security workflow and architecture.
My work is exactly there, that integration and – partly – the definition of the problem which should be solved. As said before, security tools must be orchestrated. An ML/AI solution deployed for the sake of using AI and ML doesn’t help.
Originally published on Aithority.com