UPDATED 10:00 EST / APRIL 22 2020

bill-welch-cc-2020 SECURITY

IronNet Cybersecurity enhances platform to combat threats through collective defense

With the global coronavirus pandemic affecting millions, the immediate health effects are clear. What is less apparent is a blame and threat campaign quietly going on behind the scenes.

General Keith Alexander, former director of the National Security Agency and founder of IronNet Cybersecurity Inc., recently wrote a commentary for The Hill in which he and fellow IronNet executive Jamil Jaffer outlined an increase in active media campaigns by foreign nations. According to the two cybersecurity executives, China, Russia and Iran have been “doubling down” on media influencing initiatives to blame the U.S. for the spread of coronavirus.

These efforts to spread disinformation and foment unrest in advance of the U.S. election cycle are also designed to create distraction for government authorities as they deal with the impact of the pandemic and mask potential attacks against military personnel in other countries, according to Alexander and Jaffer.

“This is the invisible enemy,” said Bill Welch (pictured), chief executive officer of IronNet Cybersecurity. “While this COVID-19 may or may not have been anything as far as a bioweapon, now others will see it as a way to bring down a country or an economy. There are going to be adversaries who are going to take advantage, and some of the nation states are looking at opportunities to use this to go after other countries, maybe just to test and see what their vulnerabilities are.”

Welch spoke with John Furrier, host of theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed a cybersecurity approach using collective defense, changing enterprise reluctance to share threat data, and recent enhancements to IronNet’s platform.

Leveraging behavioral intelligence

Times of great vulnerability, such as the current pandemic, can lead to greater reliance on people banding together to defend against threats. This is the concept behind IronDome, IronNet’s collective defense solution. IronDome leverages the behavioral intelligence gleaned from IronNet’s Network Traffic Analysis platform and shares it across an industry sector to gain rapid visibility on potential threats.

“Our customers are seeing increasing awareness of their employees to understand what’s going on around them,” Welch said. “What we’re able to do within our environment, in our IronDome, is bring all of this together — the human element and the information-technology element. We believe that collective defense is our collective responsibility.”

This notion of collective defense is couched in the belief that a threat detected by one can be blocked by all, resulting in greater visibility of the attack landscape. IronNet commissioned a whitepaper on this approach with the independent research firm Vanson Bourne, interviewing 200 U.S. security and IT decision makers.

The results found an appetite for sharing threats. Among respondents, 94% said they were willing to increase the level of threat sharing among industry peers, and 92% expressed interest in sharing security intelligence data with government agencies if it resulted in cyberattack deterrence.

“Stop defending in isolation; that’s what enterprises have been doing,” Welch said. “They’ve been defending in isolation with no sharing, no collective intelligence. We’ve brought the power of people to come together and collectively defend when something happens.”

New visual interface

One of the issues the cybersecurity industry must deal with is that cybercriminals have gotten very good at covering their tracks. Threat actors have long used the latest, most robust encryption tools to communicate with each other, and they transact business in the hidden corners of the dark web.

As COVID-19 spread around the globe, the number of malware attacks and phishing attempts has escalated rapidly, fueled by the ability of cybercriminals to move with speed and agility as the remote work attack surface expanded.

To counter this trend, IronNet announced last week a new, highly visual interface for IronDome that can animate suspicious cyber anomalies as they are correlated across members of the collective defense network. The goal is to improve the ability of a security operations center to see attacks.

“We have to get our arms around the ability to invite people into this experience no matter where they are,” said Welch, who cited a comparison with the interactive nature of the gaming community. “Make it visualized and immersive, as in a gaming environment. That’s what we’re doing in IronDome.”

In pursuit of improving the collective cybersecurity defense, IronNet has formed partnerships with several firms. Last year, IronNet announced a collaboration with BlueVoyant Inc. to provide threat detection capabilities for energy providers in the U.S. In February, the firm announced it would team up with Raytheon Co. to help defend operational and IT systems.

These latest moves highlight IronNet’s persistent drive to shift the cybersecurity paradigm from defense by one to a collective approach. Events of the past several weeks have added urgency to this mission.

“It is going to be about a lot more communication,” Welch said. “These are challenging times where the adversary is not going to just sit back.”

Here’s the complete video interview, one of many CUBE Conversations from SiliconANGLE and theCUBE:

Photo: SiliconANGLE

Since you’re here …

Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!

Support our mission:    >>>>>>  SUBSCRIBE NOW >>>>>>  to our YouTube channel.

… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.