IronNet Cybersecurity enhances platform to combat threats through collective defense
With the global coronavirus pandemic affecting millions, the immediate health effects are clear. What is less apparent is a blame and threat campaign quietly going on behind the scenes.
General Keith Alexander, former director of the National Security Agency and founder of IronNet Cybersecurity Inc., recently wrote a commentary for The Hill in which he and fellow IronNet executive Jamil Jaffer outlined an increase in active media campaigns by foreign nations. According to the two cybersecurity executives, China, Russia and Iran have been “doubling down” on media influencing initiatives to blame the U.S. for the spread of coronavirus.
These efforts to spread disinformation and foment unrest in advance of the U.S. election cycle are also designed to create distraction for government authorities as they deal with the impact of the pandemic and mask potential attacks against military personnel in other countries, according to Alexander and Jaffer.
“This is the invisible enemy,” said Bill Welch (pictured), chief executive officer of IronNet Cybersecurity. “While this COVID-19 may or may not have been anything as far as a bioweapon, now others will see it as a way to bring down a country or an economy. There are going to be adversaries who are going to take advantage, and some of the nation states are looking at opportunities to use this to go after other countries, maybe just to test and see what their vulnerabilities are.”
Welch spoke with John Furrier, host of theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed a cybersecurity approach using collective defense, changing enterprise reluctance to share threat data, and recent enhancements to IronNet’s platform.
Leveraging behavioral intelligence
Times of great vulnerability, such as the current pandemic, can lead to greater reliance on people banding together to defend against threats. This is the concept behind IronDome, IronNet’s collective defense solution. IronDome leverages the behavioral intelligence gleaned from IronNet’s Network Traffic Analysis platform and shares it across an industry sector to gain rapid visibility on potential threats.
“Our customers are seeing increasing awareness of their employees to understand what’s going on around them,” Welch said. “What we’re able to do within our environment, in our IronDome, is bring all of this together — the human element and the information-technology element. We believe that collective defense is our collective responsibility.”
This notion of collective defense is couched in the belief that a threat detected by one can be blocked by all, resulting in greater visibility of the attack landscape. IronNet commissioned a whitepaper on this approach with the independent research firm Vanson Bourne, interviewing 200 U.S. security and IT decision makers.
The results found an appetite for sharing threats. Among respondents, 94% said they were willing to increase the level of threat sharing among industry peers, and 92% expressed interest in sharing security intelligence data with government agencies if it resulted in cyberattack deterrence.
“Stop defending in isolation; that’s what enterprises have been doing,” Welch said. “They’ve been defending in isolation with no sharing, no collective intelligence. We’ve brought the power of people to come together and collectively defend when something happens.”
New visual interface
One of the issues the cybersecurity industry must deal with is that cybercriminals have gotten very good at covering their tracks. Threat actors have long used the latest, most robust encryption tools to communicate with each other, and they transact business in the hidden corners of the dark web.
As COVID-19 spread around the globe, the number of malware attacks and phishing attempts has escalated rapidly, fueled by the ability of cybercriminals to move with speed and agility as the remote work attack surface expanded.
To counter this trend, IronNet announced last week a new, highly visual interface for IronDome that can animate suspicious cyber anomalies as they are correlated across members of the collective defense network. The goal is to improve the ability of a security operations center to see attacks.
“We have to get our arms around the ability to invite people into this experience no matter where they are,” said Welch, who cited a comparison with the interactive nature of the gaming community. “Make it visualized and immersive, as in a gaming environment. That’s what we’re doing in IronDome.”
In pursuit of improving the collective cybersecurity defense, IronNet has formed partnerships with several firms. Last year, IronNet announced a collaboration with BlueVoyant Inc. to provide threat detection capabilities for energy providers in the U.S. In February, the firm announced it would team up with Raytheon Co. to help defend operational and IT systems.
These latest moves highlight IronNet’s persistent drive to shift the cybersecurity paradigm from defense by one to a collective approach. Events of the past several weeks have added urgency to this mission.
“It is going to be about a lot more communication,” Welch said. “These are challenging times where the adversary is not going to just sit back.”
Here’s the complete video interview, one of many CUBE Conversations from SiliconANGLE and theCUBE:
A message from John Furrier, co-founder of SiliconANGLE:
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.
We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.