Yesterday, we covered the McAfee Labs 2019 Threat Predictions Report, which explored the likely threat trends enterprises will face in the coming year. Collaborative criminal undergrounds, IoT attacks, and targeted cloud attacks all made appearances in the report, prompting serious thoughts about enterprises’ endpoint protection platforms.
However, we wanted to get a more in-depth analysis of the potential perils of 2019. So we sat down with Nathan Jenniges, Senior Director of Corporate Device Security at McAfee, to get his thoughts on the future.
Here’s our conversation, edited slightly for readability:
Solutions Review: Do you feel optimistic or pessimistic about endpoint security in 2019? Why?
Nathan Jenniges: What matters is whether endpoint security can have significant, provable impact against current and future adversarial attacks. In other words, can endpoint security solutions provide significant impact against what the adversary is doing now and will likely do in 2019 and can you prove it?
The answer to both questions is yes. The easiest way to prove that is to show the latest attacks or even projected attack use scenarios and then ask whether endpoint solutions would have an impact.
SR: McAfee Labs just released its 2019 Threat Predictions Report. Which threats do you think enterprises should be most concerned about in particular, and what steps can they take to protect themselves?
NJ: The McAfee Labs 2019 Threat Predictions Report focuses on what the overall cybercriminal adversarial strategies will be, and for enterprises, what matters from the cybersecurity response side is to answer the question of what threat methods, tactics, and techniques will actually be employed in these over-arching strategies and whether the use scenarios that use these threat methods are accounted for.
A number of non-traditional attack methods are predicted as part of these strategies. They include live-off-the-land attack methods, malicious fileless payload streaming, polymorphic zero-day malware and more.
Enterprises should engage with reputable cyber security specialists to understand the threat methods involved and do situational audits of whether their organization’s security posture is up to defending against them. They should then identify gaps, prioritize them and then fill them as needed.
SR: What security skills should enterprises foster in order to better defend themselves against the upcoming threats of 2019?
NJ: The first skill needed is the acquisition of understanding and knowledge of these new attack methods, tactics, and techniques. E.g., do you know what a fileless attack is? The second skill is the understanding of how to identify attacks that use these methods. E.g., can you identify a fileless attack if you see one?
This knowledge will provide a baseline against which defenses can be built and effective strategies can be thought out.
SR: Anything else you would like to add?
NJ: The best way to help each other is to meet with other cyber security professionals and discuss things live or even face-to-face on a regular basis. The amount of knowledge gained over the internet or reading an article is awesome, but there’s no substitute for getting together with others to share insights, or even to do things like Red/Blue/Purple teaming or more. You really find out whether you’re prepared if you take the time to actually test your defenses with someone else.