Hillstone’s Tim Liu recently spoke to Cybernews about the latest in the cybersecurity world and its impact on IT teams and businesses. The full article can be discovered in Cybernews, and a section has been reprinted here with kind permission.
Today’s guest, Tim Liu, CTO of Hillstone Networks, strongly believes that in the near future, ransomware is likely to become a prominent problem and with easy access to commodities such as ransomware-as-a-service, hackers will easily initiate even more attacks.
There may not be a way to stop it altogether, but there are many solutions, that help you detect ransomware early on or reduce the consequences to the minimum. Today we once again will take a look at the latest cybersecurity measures, to find more about how to protect our networks and devices.
Can you tell us about the story behind Hillstone Networks? What has the journey been like since your launch in 2006?
The first challenge Hillstone Networks took on was solving the problem of UTM performance. If you recall, back in the day, when UTM features like AV or IPS were turned on, throughput would slow down dramatically. We fixed this issue by leveraging multi-core processors that were starting to appear at that time.
From there, we eventually leveraged similar technology to release one of the first AI-based firewalls. The cybersecurity landscape is constantly changing, in part, due to constant innovation on the business productivity side. These innovations need to be met by similar augmentations on the security side in order to continue securing these new topographies. By continuing to innovate in the past decade, we’ve been able to launch security solutions that line up with advances in technology.
For example, when virtualization technology was popularized, Hillstone CloudHive, our micro-segmentation solution for virtualized environments, was released. More recently, with the massive migration to cloud-native applications, containerization, and distributed workforce, we have a whole suite of new solutions to support this migration, from XDR to CWPP, to SD-WAN, and others. Our constant strive for innovation is recognized by our qualification as a Visionary in Gartner’s Magic Quadrant for Network Firewalls.
From a thought leadership perspective, we intend to re-educate the industry on how cybersecurity is an investment, rather than an expense. Our products are easy to use and help customers visualize and understand security situations within their enterprises. Our goal to re-educate the industry and help make cybersecurity more accessible is embodied by our message of “Security that works” and our long-running inclusion in the Gartner Peer Insights report.
Can you introduce us to what you do? What are your main areas of focus?
Today, cybersecurity is omnipresent – from headlines, to how your home network is secured, to how you securely access corporate assets and resources safely from any entry point. And across technology sectors and industry verticals, security is no longer an afterthought. My role as a CTO is dynamic and continuously forward-looking — we help our customers become resilient, and we have to look at the integrity of the world as a whole, as today’s security incidents have a far-reaching impact.
From edge to cloud – everyone wants a secure and seamless experience. There is an increasing need for more bandwidth, better network availability, and quality to serve specific high-volume workloads across all sectors. Employers want their workforce to remain productive and to deliver a competitive advantage in their products and services. Remote and mobile workers demand a quality user experience. Edge computing and IoT-driven workloads are increasing and are the primary drivers for specific solutions like secure SD-WAN.
My job is to consider gaps in technology against the market trends and customer pain points and to help ensure that IT teams can reliably and efficiently secure their networks, apps, data, and users – all of their critical assets — while delivering on their SLAs with our core solutions.
When it comes to enterprise cybersecurity, what myths and misconceptions do you think people tend to have most often?
I think the biggest misconception is that businesses will not get breached, or that they are smaller or mid-size enterprises and not a target because hackers go for the big Kahuna and big pockets. According to Accenture, forty-three percent of attacks are aimed at SMBs, but only 14% are prepared to defend themselves.
The second misconception is their understanding of the impact of a breach – from a damage/cost perspective, as well as from a recovery time perspective.
Another misconception is that security is in the purview of the IT department. The fact of the matter is that today, every individual in an organization shares responsibility for the security posture of their network.
How has it altered the way people perceive cybersecurity?
A lot of times, security is still considered IT’s responsibility. Cybersecurity is oftentimes viewed as an expense of doing business in this age of digital transformation. However, a cyber-resilient infrastructure – our main goal – is one that is adaptable and agile, able to continually protect an enterprise from known and unknown threats.
There is a general misconception of “it won’t happen to us, though.” However, with the complexity and sheer volume of multi-layer and multi-stage attacks, and easy access commodities such as “Ransom-as-a-service,” malicious attackers have likely already gained footholds in countless enterprises around the world.
They are just waiting for the right time to strike. In such a world, a post-breach mitigation strategy is imperative, which goes back to our discussion about cyber-resiliency. A resilient infrastructure that is adaptable and agile can quickly mitigate these advanced threats and withstand others.
In the age of frequent cyberattacks, do you think small businesses and big enterprises require the same security measures?
Risk management starts with identifying your critical and confidential assets. Security strategy and measures will depend on the value of these assets that businesses want to protect. And then implementing the right level of investments to ensure the security of those assets.
Security teams, software, and CISOs are all investments. Companies need to look at the possible damage that a potential breach could cause and determine the security investment against what they can afford to lose if a breach occurs.
Talking about individual users, what security solutions do you think everyone should look into?
Today, there is no shortage of tools and solutions – across many categories and areas of opportunity. There are firewalls and monitoring tools for network security, encryption tools for data protection, vulnerability scanning tools for risk management, and detection services – much of which can be found in most IT environments as well as the hardened networks at home offices. Simple installations of anti-virus or anti-spam programs are a start, but they may not necessarily be enough. Following industry best practices, together with good digital hygiene and a secure enterprise strategy is still the more surefire way to help secure these remote workers.
As the attack zone expands and widens, and as hackers become more brazen amidst transitions in the industry, and how customers consume technology on the go on their portables – security and cyber resilience become ever more important. In today’s anywhere access to everything, every individual is a security ambassador, and the professional/personal lines are blurring and irrelevant.
Why do you think certain organizations are unaware of the dangers hiding in their own networks?
Today’s IT infrastructure and deployment environments are very complex – and hybrid and multiple cloud deployments are becoming the norm. There are a few adages that are applicable here – “you can’t fix what you can’t see”, or “you can’t improve what you can’t measure.” Everything starts with visibility or knowledge. In a typical IT environment, assets are grown, shrunk, or migrated all the time based on business needs.
What this type of dynamic infrastructure means is a potential for vulnerabilities to be exploited. Organizations don’t have a way to keep track of or monitor their critical assets in a holistic way, leaving windows of vulnerabilities to overly eager hackers.
What are some of the most serious cyber threats you think will become prominent in the next few years?
Ransomware is likely to continue growing both in terms of complexity and volume. With such easy access to commodities such as ransomware-as-a-service, hackers can easily initiate attacks. Successful ransomware attacks are very detrimental to brand image, tear trust away from customers and the general public, and provide a big pay-out quickly – look no further than the recent Costa Rica government ransomware attack. This is why we believe ransomware will continue to be on the rise.
OT and IoT security will be another topic of concern. Security for OT and IoT involves many more different types of endpoints, making it different from standard IT which only deals with a few (Windows/Mac/iOS, etc). The fact that there are many endpoints to contend with makes asset discovery and management more important in the quest to ensure an overall security posture.
What does the future hold for Hillstone Networks?
Security will continue to follow the general technology trends of cloud, distributed workforce, and diversity of connected endpoints. In terms of security delivery, we will continue to focus on ways to deliver security to reach all corners of the infrastructure.
In this case, the cloud becomes a natural medium. With respect to security operations, we see security solutions becoming overall more complex. For enterprises, it becomes more and more important to focus on security-situation awareness, and security resilience to respond timely and effectively to incidents.
Hillstone is focused on helping our customers in this aspect through our ‘see understand act’ methodology which is integrated into our platform to ensure cyber resilience.