Gabi Reish, global head of product development at network security specialist Check Point, talks to Duncan MacRae about the IT threat landscape and how ‘sandboxing’ should be part of everyone’s defence.
How should sandboxing fit in with a company’s threat defence?
It should compliment traditional protection methods, rather than replacing them. There are lots of technologies that can help protect you so make use of them but sandboxing is an important layer now.
We have more and more customers who are buying and evaluating our solutions all the time and we’ve been detecting about two or three unique new attacks that we’ve detected through our cloud services per week so it’s a very effective solution.
How important is it for companies to share information about attacks?
The entire IT industry is realising the value of collaboration has created a huge contribution to the entire technology industry, not just on the security side. Wikipedia, for example, is a dictionary of information that was created by the masses, millions of contributors around the world, and it’s created a very valuable source of information. People have shared information to create that.
As for security, there was a story in the new recently about a large food manufacturing company that suffered from attacks and wasn’t sharing information about it with other companies. This happens with a lot of companies. They don’t share the information and struggle to deal with an attack on its own when it happens to them. With this particular company, because information in that sector was not being shared, it took them about five years to even realise they were under attack.
Some companies are more concerned about their reputations but sometimes they’re just not aware that if they share information about an attack other companies might actually be able to help them. It’s very important to share information. The collaborative information about attacks and how to deal with them is very valuable.
What kind of threats we can expect in the next year?
I don’t think anything dramatic will change in this area anytime soon. The motives won’t change much but we will likely see the number of attacks increase. Social engineering has been a key element in threats for the past 20 years. It’s nothing new but the accessibility of threats is increasing, with the likes of Facebook, Twitter etc. It’s easier to access a certain person, find out information about them and analyse habits that they have. So I think we can expect to see social networks become a more pronounced threat vector when it comes to attacking organisations in the future.