The advantage of dealing directly with a security firm as opposed to a neutral third-party is that it may possess deeper expertise. “It’s the difference between going to a medical generalist and a specialist,” says Joshua Goldfarb, chief technology officer of FireEye in Milpitas, California, which has emerged as one of the most visible Internet security firms. “If you have a cold or fever, you might go to a general practitioner. But if you need orthopedic surgery, you’re going to go to an orthopedic surgeon. We’re the surgeon. A new customer can tap into all the experience we have built up over a decade of experience as an organization.”
Last year, FireEye, which markets its own hardware and software, acquired a highly specialized computer forensics firm, Mandiant, that has been a leader in identifying and tracking government-sponsored or government-sanctioned hacking organizations, particularly from China.
It calls those organizations Advance Persistent Threats (APTs.) That acquisition enables FireEye to help its customers anticipate the “threat vectors” coming from other countries. Altogether, it has 3,700 customers in 67 countries.
FireEye’s core offering is what it calls a “virtual execution engine” complemented by dynamic threat intelligence to identify and block cyber-attacks in real time. “But if a company wants to partner with us, to operate in the world we live in, then we are happy to offer our solutions as a service,” Goldfarb adds.
Goldfarb offers CEOs two pieces of advice. The first is to adopt a balanced approach toward security, which is part prevention, part detection and part response. If a bad guy wants to get into your systems, the chances are that he can—no matter what prevention measures are in place. One reason is that traditional perimeter-based defenses are breaking down, partly because of more distributed computing systems and partly because of the proliferating use of handheld devices.
“If an attacker wants to come after you, they will find a way in and we need to mitigate the incident before the attacker is able to get the information he wants,” Goldfarb advises.
The second is to find a security partner who understands your business and takes a systematic approach to defending it, rather than merely trying to apply Band-Aids. “A partner should approach security in a holistic way,” he says. “If the discussion consists of a bunch of buzz words and tactical type approaches that are not guided by an overall strategic approach, it may not be an adequate partner.”
The bottom line? If you haven’t adopted an Internet security strategy, it’s way past time to get started.