Security has traditionally worked by detecting potential threats, analyzing them to pinpoint actual threats, then responding to neutralize or fix the issue.

Today, with nation-state actors conducting what amounts to a Cyber Cold War, this reactive response is too slow.

“By the time that I tell you that there is ransomware in your environment and send an alert, it will be five computers that are encrypted, and by the time that you look at the alert, it’s going to be 5,000 machines that are encrypted,” said Lior Div (pictured, left), co-founder and chief executive officer of Cybereason Inc. “And so by the time that you do something, it’s going to be already too little, too late.”

Div and Sunil Potti (right), general manager and vice president of cloud security at Google Cloud, spoke with David Nicholson, host of theCUBE, SiliconANGLE Media’s livestreaming studio, for a digital CUBE Conversation. They discussed Google and Cybereason’s collaboration to create an extended detection and response, or XDR, security solution that will switch the response paradigm from “detect, analyze, respond” to “detect, understand, anticipate.”

Cybersecurity solutions need to neutralize threats before damage occurs

As the world increases its use and reliance on technology, the opportunity to conduct espionage, create economic disruption, and gain easy funds has attracted nation-states and criminal cartels to the cyber attack game. The result is a security crisis.

“What’s happening right now, there is basically a cold war that nobody is talking about,” Div said. “Everybody is hacking everybody, and in the crossfire, we see all of those enterprises across the world.”

All executives need to pay attention to addressing cybersecurity in the same way they took note of the rise of mobile technology 15 years ago, or cloud computing 10 years ago, according to Potti. “Any company that has any sort of IP that they feel drives their top-line business is now a target for attack,” he said.

Building a solution that can neutralize ever more sophisticated threats requires the ability to view the global attack surface. It’s a big ask, but one that the collaboration between Google and Cybereason aims to accomplish with Cybereason’s XDR powered by Chronicle, due for release in early 2022.

Cybereason’s XDR powered by Chronicle will monitor the entire attack surface

When Cybereason’s expertise in collecting and analyzing end-point data is linked with Google Chronicle’s ability to collect logging data from across the world, it gives “access to every piece of information across the full attack surface,” Div stated.

The graph technology that powers Cybereason will be intricately woven in with the contextual information that Chronicle can get,” according to Potti. This means that the solution not only analyzes the current situation, but “understands the overall strategy that has been employed in the past to predict what could happen in the future,” he said.

The two companies created a solution five times faster than any solution currently existing in the market, according to Div.

“And, most importantly, it enables us to reverse the atmospheric advantage,” he said. “We’re moving from ‘Hey just to tell you …’ to actually preventing hackers being in your environment.”

Here’s the complete video interview, part of SiliconANGLE’s coverage of Google Cloud Next and one of many CUBE Conversations from SiliconANGLE and theCUBE: 

Photo: SiliconANGLE