More than 20 years ago, Intel became a famous household brand by launching its highly popular 'Intel Inside' campaign which firmly etched Intel's brand in PCs. Now, with the acquisition of McAfee, Intel wants to take the concept of enterprise security to every aspect of computing -- from smartphones and tablets to servers and the cloud by taking a 'Security Connected' approach.
To better understand Intel's strategy in the changing threat landscape, Dataquest spoke to Chris Young, SVP and GM, Intel Security Group, who shares a detailed perspective on how Intel is positioning its security expertise in the emerging world of cloud and IoT.
Some edited excerpts:
1. It is now more than 4.5 years since Intel announced the acquisition of McAfee. How has Intel gained from the acquisition?
With McAfee, Intel Security has combined the best security products with the best next-generation security platform, amplifying its capabilities. In doing so, we have renewed our concentration on innovation and plan to reinvent security for the next generation. With our Security Connected strategy, which represents an innovative approach to hardware-enhanced security, and unique Global Threat Intelligence, Intel Security is deeply focused on developing proactive, proven security solutions and services that protect systems, networks, and mobile devices for business and personal use around the world. Security is built in by design to better protect every layer of computing, from chip to cloud and from devices to the data they hold.
2. Specific to India, what kind of opportunities does Intel see in the Indian market with respect to security?
Be it the booming eCommerce market, competitively priced smartphone devices, the pervasiveness of BYOD solutions, the Indian Government’s Digital India initiatives, or the Aadhaar card program, all of these have created a new economy for businesses and customers alike.
That said, the level of cyber-attacks in the country have increased tremendously with more aimed at lucrative targets like financial services and IT organizations. For instance, data from Intel Security Labs indicate that of all the Indian organizations that have experienced security incidents in recent times, 34% were financial services organizations and 34% were IT companies. The heartening fact is that the awareness levels of organizations and customers are also increasing, gradually leading to more as well as wiser spends on IT security.
3.What are your observations on the security threats facing Indian establishments?
In terms of sectors specifically, India’s IT sector is probably being attacked because it works with global companies around the world, so has access to valuable information. The good news is that at least the IT companies that I know of have very modern security programmes. They have good CISOs, they are deploying the latest technology, and many of them are cutting edge solutions. They are investing and they know this is a problem, so they may be attacked but, I think they are doing well in terms of defending themselves against these attacks.
In terms of the overall threat landscape, I believe that there are three forces that shape security across the world and are relevant to India as well. The first is the changing attack landscape, so the attackers are changing their attack types – it drives the industry in many ways. The second force is all the mega trends in IT; IoT, cloud, and mobility, which also drives security, because security must adjust to new attack surfaces and vectors. If things change, security has to change with it. Mobile is a great example. Thirty-eight percent of consumer mobile security incidents in India are from mobile adware. Now imagine these devices in a BYOD scenario and suddenly it is an enterprise problem too.
The third force is complexity and fragmentation. There are so many tools and technologies out there, that when you look at a large company security programme, it is like a patch work of all these different products. They don’t talk to each other, they don’t work together, and it becomes very hard to manage IT security for a large organization. I think this is particularly relevant in India where we’re still dealing with a lot of legacy technology while also trying to come up to speed with the nexus of forces.
4.How is Intel positioning itself in the changing threat landscape?
While we offer a number of products and solutions that are relevant to consumers and organizations in India, there are two key elements that define our security agenda:
#1 Security Connected: We have innovations across the full security spectrum and a framework that helps customers protect, detect, and respond to potential exploits of their data. This integrated approach, which we call Security Connected, yields a robust, secure architecture that is more easily managed than frameworks operated with security controls in disparate silos of operation. The Security Connected framework from Intel Security enables integration of multiple products, services, and partnerships for centralized, efficient, and effective risk mitigation. It helps organizations across segments and sizes to improve security, optimize it for greater cost effectiveness, and align security strategically with business initiatives.
#2 Threat Intelligence: For Intel Security, providing customers with intelligence on the threat landscape is as important as providing them with products to secure themselves from those threats. In doing this, we empower our customers to remain ahead of the curve and take a more proactive approach to security, improving their overall security posture. Our Global Threat Intelligence and Threat Intelligence Exchange offerings are aimed at exactly this.
5.What is your perspective on the impact that IoT will have on information security? What kind of opportunities will IoT (from a security point of view) throw up for Intel?
The industry at large is still fairly uncertain about IoT’s impact on the security posture of an individual, organization or even a nation. That uncertainty makes the situation more dangerous. The challenge lies in embedded systems that are now increasingly connecting to the internet. Gartner estimates that the installed base of IoT devices (excluding PCs, tablets and smartphones), will grow to 26 billion units in 2020, up from 0.9 billion in 2009.
What is happening is that the definition of what is sensitive information is changing as well. IoT devices today are able to gather information that was probably not aggregated previously. Their connections to the Internet make them vulnerable to cyber criminals. From an opportunity standpoint, this is huge for Intel Security given that it will open up new avenues in security by design.