RSA 2013: Interview with security evangelist Stephen Cobb

Written by

I’ve just spent a fascinating 45 minutes picking the brain of ESET security evangelist, Stephen Cobb. 

Below are the key statements made by ESET's Cobb during the interview, and his explanation for each:

The theme of this year’s RSA is Big Data Sharing

“We’ve been sharing data for a long time. The anti-virus industry does a tremendous amount of data sharing, including samples and signatures. Vendors are using big data analysis to find the bad guys and the bad stuff.”

There is too much reliance on the firewall

“There’s a tendency to believe that if you have the latest technology, you won’t be hacked or breached. But there’s too much reliance on the firewall. It’s not just about having the technology, but about how it is implemented. If you have the right technology, with multiple layers and the right implementation, advanced persistent threats would not be as much of a problem.”

Security needs to be added, but never turned off

“It’s important to have a complete and co-ordinated approach to security. You always need to add new technologies and new defences, but you shouldn’t, in turn, be turning anything off. It might appear that you’ve solved a problem, but in reality it is only being hidden by the technology that you have in place. Always add security, never take it away.”

The quality of the hacker is improving

“It’s evident that there is now a division of labour amongst hackers. Modules of malware will be written by different people and sold on the black market. Combined, these modules make stronger attacks.”

Hackers are working in teams, but so are the good guys.

“There’s a lot of work going on behind the scenes – cooperation between vendors, ISPs, academia and law enforcement. People are actively thinking about how to get ahead and small conferences happen where intelligence is shared. There’s always the conflict between information security vendors’ need to compete versus the need to tackle the problem. ESET are not a competitor bashing org, which is why I like them.”

New Technology and devices, as a rule of thumb, have terrible security

“New devices and technology are cool, but guidelines include very little about security. Speed to market plays a part in that. We are evolving towards a built-in security model, but it will take time. As we make more digital things, we’ll start thinking about security earlier in the process. Kudos to Microsoft for their work on the SDLC.”

SMBs are a juicy target

“SMBs have less security than large organisations but more money than individuals. This makes them a prime target. I’d like to see SMBs improving their security, but this is dependent on an improved economy.”


What’s hot on Infosecurity Magazine?