Westcon-Comstor Imagine 2016: Security is a see-saw of prevention and protection, says Palo Alto Networks
- 25 May, 2016 16:34
Brendon Thwaites (Palo Alto Networks)
Businesses are constantly battling the see-saw of security and performance and of prevention versus protection, according to Palo Alto Networks Asia-Pacific head of distribution, Brendon Thwaites.
In a breakout session at the Weston-Comstor Imagine 2016 conference, he said businesses should place more emphasis on prevention.
“We live in a different world now where all systems are online. We have a strong dependence on technology and we expect instant results,” he said.
“The biggest example of a need for prevention is social networks. No matter how many patches or software updates, it’s actually not possible for any celebrity to get every naked photo back off a teenage boy's phone. You cannot remediate that.”
Despite the increase in the security conversation, Thwaites reminded the audience that businesses today use the same networking security technologies as in 1995 and because of this, they remain focused on a preventative stance in their cyber-defence strategy.
“We have a situation where you have a firewall, things go into the network and you try to work out what to do with it afterwards. Block this, block that, block users, block applications. We are constantly reacting, not preventing,” he said.
“We are so focused on a 1995 firewall problem that we are not looking at the securities of the fabric that goes around the business. Now, security goes all way around to Layer 8, which is the human interface,” added Thwaites.
Thwaites went on to say that he recognises that businesses hold back in investing in preventative security because often, they can’t quantify the problem.
“If you can’t understand exactly what is your issue, then it’s hard to put a cost next to that,” he admitted.
“We have two options. We can continue to let things in and let the infection spread, then detect them, update them and remediate in a reactive stance. Instead, you can automate the process, analyse in real time and immunise the entire network and create a platform for prevention.”
Thwaites said a key benefit of being immunised in real-time is that by the time the infection hits your network the first time, chances are, it was seen by at least one other of the customers within the user community.
“Every customer in Palo Alto Networks will benefit because the first patient to be attacked has found that exploit technique, created a signature, and then every other customer is immune because there are lots of other customers feeding information into that Threat Intelligence Cloud,” he added.