This is a summary of an interview conducted with Phil Quade by Peter High, which appeared on the Forbes website on March 11, 2019. An unabridged podcast version of this interview is also available.
Phil Quade spent 34 years at the National Security Agency, rising to the role of Director, Cyber Task Force, and Special Assistant to the NSA Director for Cyber. In that role, he dealt with some of the worst actors in the cyber crime world. Now, as Fortinet’s CISO, Phil brings that remarkable depth of experience to the private sector.
In this summary of his recent Forbes interview, we will look at some of his thoughts on the best approaches to securing the enterprise and how to best augment cybersecurity approaches and strategies.
One of the ideas that Phil emphasized was the need for segmentation and layers of defense. At some level, all security involves segmentation, whether implementing a traditional perimeter firewall, imposing network access controls, or applying micro and macro segmentation within virtual environments.
While segmentation seems like a straightforward strategy, it can become increasingly complicated as organizations extend their networks and resources across multiple clouds or begin to converge traditionally segmented network environments such as IT and OT, the latter of which ensures the safety and reliability of physical operations.
As Phil explained, “While the convergence of [OT] systems with traditional IT is creating new opportunities for efficiencies, it is doing the same for adversaries. Not only does this allow adversaries to come in and do data breaches, but they can also cause physical compromises to occur. These compromises have the ability to negatively impact the safety of a human being or the reliability of the entire plant.” -Forbes interview, 11 Mar, 2019
One of the most interesting results of convergence is an emerging domain that Phil refers to as “Cy-Phy,” which is the integration of cyber space and devices in our physical spaces. As you converge physically oriented domains, which are expanding due to the rapid addition of billions of IoT devices to our networks, with cyber domains, you have the opportunity to combine data from the physical domain (temperature, color, proximity, speed, and heat) with traditional data analysis, empowering developers to go in new directions that were not previously possible.
According to Phil, "Self-driving cars, for example, have a combination of sensors of the physical environment combined with some high-end processing in the IT domain. I believe that is a good comparison for what is going to happen in the Cy-Phy domain…We are going to see the emergence of smart buildings and 5G wireless, the latter of which represents a massive increase in speed out at the edge for wireless communications. Those dynamics are going to create a new domain that will allow us to achieve some new efficiencies and conveniences that we have not yet imagined. Simultaneously, it will create some challenges for the cybersecurity folks."
Phil went on to explain that the two most fundamental components of any network are the need to greatly increase the ability to send information back and forth, and to immensely enrich people’s ability to communicate with each other. As a result, cybersecurity solutions need to be built on speed and connectivity. And ironically, these are the places where many cybersecurity vendors fall short.
Fortinet’s strategy is to ensure that we have the fastest possible cybersecurity solutions out there (through such things as our proprietary silicon chips, advanced optimization of solutions, and embedding solutions into the native controls of cloud environments), combined with the ability to fully connect them together using a common OS, Open APIs, and a Security Fabric strategy that guides product and feature development as well as deployment.
Forbes interviewer Peter High asked, “What are some trends that are beginning to excite you?” and Phil replied by saying that, “We need to get to a place where machines are better serving people, rather than people serving machines.” Achieving that vision is where the potential of machine learning (ML), artificial intelligence (AI), and intent-based security comes in.
What most people are unaware of when looking at Fortinet is the large back-end organization that does full-time threat research. Traditionally, this was a relatively manual process where manual research was manually converted into indicators or signatures, and then manually pushed out to deployed security devices.
However: "For the past five years, we have used machine learning to do that on a massive scale that could never be done by people. We are looking at billions of pieces of malware using ML. From there, they are characterized into signatures or indicators of compromise, and they are automatically pushed out. ML allows us to highly leverage machines to do the work that is better suited for machines, rather than [using] precious hours from our cybersecurity specialists."
"I believe Fortinet is well prepared to implement that AI-based architecture with [our massive] back-end, [our] speedy communication architecture, and additional speed at the edge. AI is no longer simply on the wish list of the computer scientists from 1985; it is right around the corner."
Similar to the impact of AI is intent-based security, which allows you to say something like, "I want to make sure that dishwashers never talk to TV sets" in a language that people understand, and then your computer takes that intent and converts it into specific security rules and protocols. As more of these rules are generated, this same security solution also needs to perform back-end checks and analysis to ensure that configurations and rules remain consistent and manageable. Fortinet’s intent-based segmentation solution is an example of this concept being turned into reality for millions of customers.
This interview originally appeared on the Forbes website on March 11, 2019. Please go to forbes.com to read the interview in its entirety.