This week I got a heads-up briefing on the latest router security release from McAfee (part of Intel Security), which more deeply integrates routers into its unique approach to comprehensive corporate security. The company indicated it was having surprising success given that a core portion of the product came from a recent acquisition, which was still in the process of being integrated into the company. Generally, benefits of an acquisition don’t really start to show up until after the acquisition has settled. It turns out that higher education is chomping at the bit for this solution, which provides an interesting data point for everyone else.
What makes McAfee’s security solution unique isn’t just that it is comprehensive in reporting and response. It focuses tightly on looking for indicators that someone is attempting to illegitimately access secure resources from either inside or outside the company. Most solutions attempt to block access and don’t begin to take corrective action until a breach is both successful and detected, which is why we tend to have so many large breaches. Often, by the time security becomes aware of the problem, the hacker has already made off with the information and disappeared.
You’d think that three-letter agencies, post-Snowden, would be lining up for this kind of solution, but they appear to be focused more on damage control at the moment, and Snowden did appear to be an exceptional case of insider theft. Though I wonder whether he was an exception because of what he did, or because we found out what he did? It did seem that it was easy for him to make off with massive amounts of confidential information, and he is hardly a professional spy. Although he is turning into an impressive PR asset for Russia.
Higher education is desperate for this security approach because, if you think about it, schools are full of young hackers who are at an age when concerns over consequences for illegal actions aren’t that great and when risks seem fun and exciting. In effect, any school with a computer curriculum has thousands of potential hackers inside its walls. Each is looking for access to grading systems, email, security systems, and whatever else they can get into for a variety of reasons, including bragging rights.
You might argue that, unlike the three-letter agencies, institutions of higher education don’t have to worry about professional hackers getting inside. But a lot of defense projects are researched in these schools, so even foreign governments are likely placing agents inside and are working to penetrate security from both inside and outside.
Colleges and universities, therefore, require a comprehensive approach to the problem, because perimeter and point solutions can’t possibly deal with a threat that comes from both outside and inside the security channels. Such an attack might even be coordinated.
I find it fascinating that higher education seems to have wrapped its arms around the right approach to the kind of security problem the NSA had, before any other government agency has. But this is likely because colleges and universities are faced with these issues daily and broadly, while security agencies may not have anywhere near this level of problem. On the other hand, it does make me wonder how many breaches at these agencies go undetected largely because they don’t know to look for them. I think Snowden should have been a far bigger wake-up call than he appears to have been.
In the end, education appears to be leading the charge into the next generation of security. I wonder what this says about the kids who are coming out of these institutions and their ability to follow rules.
Perhaps the fix shouldn’t focus only on new security technology; it should also include a renewed focus on ethics and integrity.