sb-au logo
Story image

Exclusive: Is cybersecurity losing because it’s too profit-focused?

06 Mar 2018

Almost every week there is news of another massive data breach where cybersecurity failures or human errors have allowed cybercriminals to profit.

Recently I sat down with High-Tech Bridge CEO Ilia Kolochenko who spoke about the industry, its challenges, and why he believes cybercriminals currently have the edge.

In terms of the current threat environment and whether it’s becoming increasingly unsafe for businesses, Kolochenko says the situation is very complicated.

“In blunt terms, the very first goal of most cybersecurity vendors is to sell more, which means marketing often takes priority over research and innovation,” says Kolochenko.

“And while most businesses do believe cybersecurity to be very important, their first priority is making money. If the business isn’t profitable then they will simply not have enough cash to pay salaries so it's impossible to say that security is the very first concern.”

Kolochenko says the recent spate of attacks has created a concerning mentality among businesses where they believe spending more will fix the solution.

“Spending more doesn't necessarily mean spending better, or that it will improve your privacy and security. For many modern businesses if they're compliant with regulations and there are no public scandals, then they don't care about the rest,” Kolochenko says.

“We have a lot of confusion and I believe the situation will become even more challenging as people have different views, they cannot agree on whether cybersecurity services business or whether business services cybersecurity. Every company is different and I think until we have some agreement with the boards of directors, CIOs, CFOs, and IT teams then we will continue to have breaches and leaks almost every week.”

When asked if the power at the moment lies with the cybercriminals, Kolochenko says that is true to an extent because of a very simple reason.

“Given their pay is never guaranteed, cybercriminals are outperforming the 'good guys' in many particular aspects only because they are 'hungry'. They need money and need it now as they don’t have the luxury of easy cash so essentially can’t afford to fail. They try to plan everything very carefully and they have multiple backup plans to make sure that if plan A doesn't succeed then they have other options,” says Kolochenko.

“Cybersecurity companies by definition have much more capacity to maintain and create such technologies then the bad guys and the community of good guys can afford to fail in most cases. For example a failure can be seen as an achievement because in the future they will be able to prevent it from happening again.”

Kolochenko also commented on the on the role artificial intelligence (AI) has to play in cybersecurity and whether all the hype surrounding it is justified.

“The term ‘AI’ has become massively misused. AI is a scientific domain that has existed since the 1940's where very little – if any –  computing power existed. We need to distinguish strong AI which can virtually replace humans almost everywhere. It doesn't exist yet and it will unlikely appear in the next 10 years,” says Kolochenko.

Kolochenko says while the industry does have some great technologies in place that use machine learning as part of AI to reduce human input in certain areas, we tend to overestimate the impact it will have as its current applicability is limited to certain tasks.

“For example, within our company we use machine learning in a very particular way to enable intelligent automation for application and mobility testing. It essentially means that you can remove or reduce human involvement and time without reducing the quality or reliability,” says Kolochenko.

“You will see almost every single cybersecurity company around boasting about how they're using AI, but when you start asking them to explain how their product is different and what are the tangible benefits for the customer then often you will not get a reply - or at least not a coherent one.”

The story behind High-Tech Bridge is an interesting one, with Kolochenko deciding to start the company in late 2007 after beginning his career as a penetration tester in 2004.

“We used to be a small penetration testing boutique then we began to grow with the need to invest in our own in-house technology if we wanted to get ahead. I decided to create a platform with the goal to bypass all the usual logistic administration tasks associated with penetration testing,” says Kolochenko.

“Many startups try to invent a problem and then sell it to you afterwards, but we built something that customers were looking for.”

Link image
Emerging technologies present big opportunities – but know the risks
Adopting cloud, AI and IoT can bring a boost to your business. But being informed of the risks is crucial when implementing digital transformation tech.More
Story image
Mentorship key to bringing women into cybersecurity - Microsoft
“Diverse teams make better and faster decisions 87% of the time compared with all male teams, yet the actual number of women in our field fluctuates between 10 and 20%. What ideas have we missed by not including more women?”More
Story image
New stalkerware tech wreaking havoc on personal privacy
Stalkerware, which tracks and stalks victims using their own devices, is not a new concept but researchers at Kaspersky have found a new sample of it, which it says supersedes all previously found software. More
Story image
Interview: Barracuda decision-makers discuss public cloud security
Last month, Barracuda released a report outlining the security barriers organisations must overcome to adopt the public cloud, as studies reveal that security was the top concern for such organisations.More
Story image
It’s time for firms' cybersecurity credentials to take centre stage
leading enterprise database was also used to identify whether each company had a chief information security officer (CISO) or a chief security officer (CSO). The results proved extremely interesting…More
Story image
Former Nutanix head to drive Rubrik’s A/NZ expansion
Jamie Humphrey has been appointed to the role of country manager and general manager for Rubrik's Australia and New Zealand business.More