McAfee’s Steve Petracca on future trends in security, and more [Interview]
We had a chance to sit down with Steve Petracca from McAfee and spoke at length about how the Intel acquisition has changed McAfee's outlook, the threat on mobile platforms and future trends in security in general. Here's the entire interview:
Q1) What is the purpose of your visit to Mumbai?
Today, India is one of the largest growing markets globally. India is uniquely positioned as it is on the crossroads of rapid globalization and we are seeing amazing new things which are exclusive to the country. We are aware that more than 50% of the population is under 45 years of age and this makes them more open towards technology and allied devices. Growth of mobile devices in the country has been phenomenal and we are seeing the same trend on PC adoption. This also opens doors to more cyber threats.
As a company, McAfee has been in India for more than twelve years. We are committed to the Indian market and we are also seeing a healthy growth in the country. People are aware that we have sophisticated solutions which can combat threats within seconds of detecting them.
I have come to meet our customers and key partners along with our Engineering and Sales office to outline our 2013 strategy. This has been an extremely satisfying trip and I am sure to come back to India more often.
Q2) Intel as we all know is a hardware company and it has acquired McAfee, a software player. What has changed since Intel’s acquisition of McAfee in terms of work culture, roadmaps, etc.?
On a higher level, Intel has a history of solving computing’s biggest challenges. They’ve been focused on energy-efficient performance, connectivity, and now security. For Intel, Security is their “third pillar of computing.” Unless we can solve the problem of keeping computers secure, we’ll never live up to the Internet’s full potential. If we can solve it, it will be an enabler to growth in the computing industry and will allow Intel to achieve its goals related to transparent computing and the compute continuum.
We have several examples of why a software-only approach does not work. The future of security is hardware-enhanced security where the software works with the chip at a level below the operating system. By taking this approach, we’re stopping malware at a level that was never before possible.
We will exploit both technical and business synergies between Intel and McAfee to produce the best of breed Security solutions that will be unparalleled in the industry.
Q3) Considering Intel is into chip making and hardware, is McAfee designing any products in collaboration with Intel?
The Intel and McAfee integration falls into two main areas: 1) co-design efforts, and 2) go-to-market efforts. McAfee Deep Defender and McAfee ePO Deep Command are both co-design efforts, and there are many areas that we can point to where those efforts continue. Security on Ultrabooks is an example of a go-to-market effort. McAfee is working to improve performance of security on Ultrabooks by leveraging the graphics processor and in-built encryption provided within the Intel hardware and producing dramatic results in the area of performance, for example. On machines that run the i5 processors, Intel and McAfee have partnered to release an Ultrafast, UltraSecure Anti-theft solution that will allow customers to remotely control and retrieve data and device – something that no one else in the industry can do today.
Q4) Could you elaborate on the consumer products which offer security at the hardware level? How easy or difficult is it to implement that vis-a-vis a software layer protection?
We have believed that it is necessary that security should now rest on the hardware level, especially since the sophistication of malware and viruses is increasing by the day. We have made meaningful traction towards many of the biggest issues facing IT. ePO Deep Command utilizes Intel vPro Active Management Technology (AMT) extensively to reduce power consumption, discover / activate vPro platforms via the Secure Console, leverage hardware accelerated data encryption and deliver “beyond OS” malware protection. ePO Deep Command is clearly better when combined with the hardware features inherent in vPro. We also worked together to bring security to Ultrabooks. Users don’t even notice the additional processing.
Q5) Could you tell us what goes on behind the scenes once a new virus is detected? What is the workflow like?
McAfee Labs is at the forefront of Malware detection and removal for McAfee. The Labs teams have world class infrastructure that constantly collects information globally and analyzes samples through our Global Threat Intelligence (GTI). McAfee Labs use blacklisting, whitelisting and heuristic analysis in combination to determine if a particular sample is a malware. Once the malware (say a virus) has been identified, the Labs team will come up with a signature for that virus that is unique and update their DATs (which contain millions of such signatures). These DATs are then distributed globally to millions of machines across the world and every day resulting in detection and subsequent cleansing of the machines. With patented behavioural technology, McAfee is able to detect malware zero day – essentially meaning that we can block threats even before we have a signature available. This is the power of GTI – something that none of our competitors possess.
Q6) Considering tools such as Avast and AVG offer free anti-virus for life, does McAfee have similar plans? What’s your take on this freemium model where security is concerned?
The reality is AV has become very commoditised and we have to accept the fact that the Companies you allude to are indeed doing very well and have a decent installed base. Also the AV is now bundled with the manufacturer of the OS.
Our strategy will be to identify elements that can be given away for free but at the same time not compromising on the quality and monetisation opportunities that will come from compelling value added features that are required to fund our R&D that is so essential to stay ahead of the game.
It has to be understood that there is inherent risk of free products lacking support and the depth of research that is needed in this combat zone and these can only come from the right level of investment. The reality is nothing comes free. And importantly the threats today are beyond just AV and encompass a range of requirements from data protection to Personal protection and across a set of devices from multiple threat vectors. It requires committed services that the customer will be obliged to get because he has paid for it. Free products will not carry the same obligation to a customer that a paid subscription will. Ours will be a very balanced approach that will ensure the customer is never compromised and he gets the best of breed solutions with both freemium and other value added features that will be sold at a price that is justified and acceptable to our customers and partners.
Q7) What do you think of the Indian market, where people are not very keen on paying for software?
McAfee has seen aggressive price competition in India but we price our products fairly. To answer your question about price, it is not the sole factor that gives a differentiating edge to a security company. Today, consumers are beginning to realise that cyber criminal activity has become more aggressive than ever. Consumers recognize the need to adopt more sophisticated and niche technologies such as anti-phishing protection, website safety advisor, mobile security to cater to the ever evolving threat landscape. The awareness level of consumers has also evolved steadily and we are witnessing demand for products that have more than mere antivirus capabilities.
The McAfee advantage is that our entire range of offerings ranging both enterprise and consumer products take advantage of McAfee’s unique Global Threat Intelligence to provide an unprecedented level of protection. Global Threat Intelligence includes security know-how from McAfee’s researchers, threat honey pots and the installed base of McAfee products to make computer security on every computer protected by McAfee smarter and safer, at no additional cost. With this technology, there is no other security provider today who can match the power of the collective threat intelligence resources we tap into.
Q8) What are the new features that we should expect in McAfee Internet security suite 2013?
There are many features and improvements across the suites. The key ones that I can highlight are:
• Vulnerability Scanner
• Windows 8 Support
• New UI (metro style) with touch support
• Casper Integration – To improve effectiveness
• Support for McAfee All Access 2.0
Essentially we continue to drive effectiveness, performance and usability to produce the best of breed Security solution for our Consumer market.
Q9) With mobile phone operating systems getting so elaborate and functional, what is McAfee doing to prevent these systems from being targeted by viruses and malware?
We have seen exponential growth of malware on the Android platform. There have been exploits in iOS, Symbian and all other operating systems. Our McAfee Mobile Suite has the Virus Scan Mobile product that detects malware and provides protection on the phone in addition to a host of other services that include data and web protection.
Q10) Which platforms drive the sales of your security offerings for mobile? Effectively, does that imply that they are less secure, or simply popular?
At this point it does seem that Android is driving a significant portion of what we sell. The reasons are due to the higher adoption and the opportunities for hackers on an operating system that is open. Cyber crime is all about opportunity in proportion to volumes. It is a volume game. The more you are able to target the higher the chances of getting your victims.
Q11) Are security offerings relevant anymore? Do mobile users need such offerings if app stores have stringent policies to safeguard their users?
Indeed they are. There is enough evidence that seems to suggest that whatever app stores do to control the quality of the applications they host, the sheer numbers of applications that get hosted and updated is so high it is very difficult for them to have a system that guarantees zero threat. There have been many instances of malicious apps getting downloaded from these stores and it’s days before they are discovered and plugged.
Additionally there are other stores that host copies of the applications of the major players like Google and customers downloading from those links are vulnerable. So in this situation, one needs to be vigilant and not blindly trust any application they download – regardless of the Store reputation.
Q12) With regards to that, is any single platform more effective in curbing out threats and plugging loopholes in apps delivered via respective stores?
All platforms are vulnerable – be it iOS, Android or any other. They are all operating systems and operating systems are open to the same risks as any other piece of software. You will see a trend where clients become thin and the business logic moves to a secure cloud. In that situation it could be that the cloud becomes a single platform system. There will likely be a shift of attacks from the client to the cloud – but then Security will be focussed on a single system as opposed to multiple operating systems as is the present case and potentially more difficult to penetrate as these will be maintained and managed by professionals.
Q13) Do you see the use of apps or ignorance on part of users (responding to spam, social networking…) as the greater risk?
Social Engineering is undoubtedly the easiest means for a cyber criminal to get to his victim. It’s easier to garner data from someone vulnerable via Social Engineering as opposed to spending a lot of time and effort in trying to hack into one’s system. There has been an upswing in malware and distribution of malware due to social networking. Applications that are potentially rogue are downloaded by innocent victims leading to violation of privacy, loss of data and personal information. So Social Engineering continues to be a means of tricking users to download and run malicious apps.
Q14) We have seen the hacking evolve from an activity that was just meant to boost hacker’s ego to organised crime involving major players, even governments in some countries, for financial gains. What trends do you see going forward?
Certainly, today cyber hacking is no longer an activity where kids in garages write malicious programs for fun. The malware is written by professionals and they even go through a stringent software development life cycle including quality assurance before release. These are funded programs and in some cases sponsored by the State. Cybercrime and Cyber warfare are a reality. McAfee has investigated several cases where State infrastructure and Financial institutions have been penetrated and organised crime is at the bottom of these cases. I expect these will continue as these are money spinning operations resulting in gains of billions of dollars for these criminals. McAfee has released several reports that cover cyber crime and cyber warfare – Stuxnet, Operation Aurora, Night Dragon and you will be hearing about operation Blitzkrieg.
Q15) Could you tell us something about McAfee All Access 2013. I think this is a first of its kind product which offers protection across all platforms – PCs, Macs, smartphones, tablets and so on with one product. How and why did McAfee come up with such a product? What advantages does it offer over stand-alone security suites for each of these platforms?
McAfee All Access (MAA) is a cross platform offering to users to protect multiple devices that they might own. We were first in the market with a product offering that protects multiple devices with a single SKU.
We noticed that with the explosion of devices in the market a typical home no longer had a desktop or a PC – but had many devices that stored/manipulated electronic data including smartphones and tablets. It is not unusual for a home to have as many as 15-20 devices today. This clearly brought about a need to be able to service multiple devices from a Security standpoint seamlessly and with the least hassle to the user. This resulted in the evolution of McAfee All Access. This product provides a single SKU that provides a license to use the products McAfee offers on the various platforms and helps manage the various devices as well through an integrated console on the user's account on our home.mcafee.com website.
Q16) Considering All Access is a cross-platform tool, how easy or hard was it at the design and coding level since the malware that attacks each of these platforms is quite distinct in nature. Does the tool utilise different techniques to get rid of the malware or is there some sort of standardization across the platforms?
Given the plethora of devices and combinations of product offerings it was critical to design the product such that the user had a seamless experience. The products will be device/OS specific while the backend will provide the experience of a single offering to the user. For example the McAfee Mobile Suite will be downloaded silently on an Android phone while it will be McAfee Integrated Suite that might be downloaded on a PC. But the user has a single interface/console to manage and control his products. Again when you look at the security engine – that exploits a common cloud called Global Threat Intelligence and then the respective data is abstracted for a given device – so as far as the user is concerned this is a single offering and experiences a single offering.
Over time much of the functionality will move to the cloud providing an even more seamless experience across devices.
Q17) Has the whole social-media platform been a sort of catalyst for increase in cyber crime? If yes how?
Please refer to answer 13. Indeed, the social media platform is being well exploited. That is not a surprise because cyber crime is a volume game. When you have a social network of close to a billion the opportunity for a criminal is so inviting and huge it is only natural that attacks will be planned on this platform. Social groups are formed on the basis of trust. Once you have a criminal in your midst and are unaware it is not too difficult for the criminal to exploit vulnerable ‘friends’. This is happening on a regular basis. Again not surprising – criminals will focus attention on areas of high activity and where there is implied trust that makes their job easier to victimise.
Steve Petracca, Sr. VP and GM for Consumer and Mobile Business, McAfee