“We define our security standards and thus capabilities”, Gilliland explained. “We’re proud when we meet compliance – giving the [black hats] a roadmap to our defences.” While he admitted that the information security industry has done a “phenomenal job” of raising the low compliance bar, he insisted that the industry should not aspire to a low bar.
“We need to take a step back and look at how the black hats see us, change our behaviour, and respond more effectively”. At present, Gilliland, said, “we’re predictable to our adversaries.”
Eighty-six per cent of our expenditures are committed to blocking adversaries, he said, “and we’re spending all our money building a shield around us, whilst knowing that they are the best in the world and only need to get it right once.”
What we know about the attackers, Gilliland confirms, is that they are “a market with a distinct process which organizes its actors. There is massive specialization around the process, and intelligence is bought and sold.” Organizing the white hat capability to disrupt the black hat market, HP’s Gilliland said, is integral. “We need to use our intelligence correctly.”
Big data, he said, will be integral to “finding and sharing intelligence as much as our adversaries do”, adding his excitement about the promise big data has on the industry. “If we do [big data] right, we can fight and win.”