Governments and regulators must relax data-sharing rules for businesses if the fight against cyber attacks is to be won, according to Palo Alto Networks CTO and founder, Nir Zuk.
Zuk told attendees at the company’s 2015 Ignite user conference that data will be key to producing the threat intelligence to combat malicious attacks, but warned that existing regulations are stymying efforts by the security industry.
“There is regulation that is preventing some of our customers from sending data to us. For example some European customers cannot send data to the US, and neither can some industries like financial services,” he said, addressing 3,000 attendees at the third annual Palo Alto Networks conference in Las Vegas.
“That has to be fixed. At the end of the day us and our competitors will not be able to protect you against attacks without seeing the data. We don’t need to keep it - we take it, we process it, we delete it. What we need is the result of processing your data and there is nothing confidential in that at all.”
Zuk added that regulators need to realise the importance of sharing information with the security industry and adapt laws accordingly. “In order for us and our peers to protect you against an attack we need to see lots of data. That is the only way that we can deal with this - laws will have to change and we will have to get you comfortable will collecting your data.”
Palo Alto Networks currently collates data from customers opting in as part of its WildFire threat intelligence cloud service to share information with other users as an attack prevention method. This includes sending all files, such as executables, office documents, PDFs, URLs that users are accessing. The service has grown to around 5,000 users.
Harnessing the data available to businesses will allow security companies to be more proactive in addressing security concerns - rather than investigating breaches in a reactive manner.
“A new approach to taking data that you send to us and detecting bad things is using big data,” he said.
“To me big data is more about predictive analytics which means it is about collecting information mostly about what is good and what is bad, and then given a new piece of information you can decide whether it is good or bad. We are doing that in many different aspects of life [such as cancer research, or car manufacturer using sensors to predict car breakdowns]. We can do the same with security.”
The company announced a number of products and services at the event. This included a AutoFocus, which provides customers with contextual threat intelligence to identify targeted attacks facing their organisation before they occur, based on billions of file analysis artefacts collected from its customer base of enterprise service provides and governments.
“The Palo Alto Networks AutoFocus threat intelligence service enables security teams to significantly close the gap on the time it takes to identify and prevent advanced, targeted cyber attacks," said Lee Klarich, senior vice president of product µanagement at Palo Alto Networks.
"By putting cyber threats in a context that speaks specifically to their network and industry, using the largest data set aggregated across customers and industries, we are helping customers around the world take a more strategic approach to securing their organisations.”
A partnership with VMware to provide support for its Airwatch mobile device management platform was also annoucned, integrating with Palo Alto Networks Next-Generation Firewall, WildFire and GlobalProtect technologies, to help customers enforce security policy and protect networks from compromised mobile end points.