mWISE Conference 2022 began today in Washington, D.C., with opening keynotes from major names in cybersecurity, including Kevin Mandia and Phil Venables.
Mandia, CEO at Mandiant, kicked off the keynotes. He spoke about the company’s progress over the past year and how organisations globally have a shared responsibility for the cyber domain.
“Wherever information goes, espionage is going to go,” Mandia said.
He also noted that Mandiant responded to an increasing number of malware and threat groups as well as intrusions, stating that “we responded to more intrusions last year than ever before, no question about it.”
Further, Mandia discussed zero-day attacks. Defining these as attacks with no patch, he said the company has responded to 36 already in 2022 and expects approximately 44 by the end of the year.
Mandia also noted that the increase this year is, in fact, a positive, and indicates that companies are getting better at defence.
However, he still stressed the importance of being on top of threats before they become major problems for enterprises.
“[There is] always an emergence of new novel attacks that are out in front and ahead of our defences,” Mandia said.
“Know the new novel, be the first to learn it and close the window.”
Mandia also touched on the company’s increasing work with the US government and, alluding to Russia’s invasion of Ukraine, acknowledged that sharing information between governments, vendors and partners globally can be vital to protecting against emerging threats.
“There’s going to be attacks on the cloud because that’s where we’re all going. That’s where the data is. That’s where the information is,” Mandia said.
“When you prepare in cyber space for attacks, you can do pretty well.”
Mandia also acknowledged the role of cybersecurity in protecting people from disinformation as well as the importance of attribution when attacks occur.
“You’ve got to know what to trust and what to believe,” Mandia added.
“Disinformation is a huge problem for this generation to solve.
“Attribution does matter. It’s the only way we hold nations and people accountable.”
Mandia said that Google Cloud’s acquisition of Mandiant came about because the two companies have a shared vision: to automate.
Once Mandiant made the decision to be proactive about automation, it identified Google as the company best suitable to work with because of its success in analytics, search and AI.
At this point, Mandia introduced Phil Venables, CISO at Google Cloud.
Mandia had previously acknowledged that because society’s reliance is so high on digitising processes, boards across a range of industries are now eager to be involved in cybersecurity.
He gave the example of the hospitality sector, saying that if restaurants and other food businesses processed orders digitally, and something were to happen to their system, they would lose customers because they wouldn’t be able to put orders through.
Venables echoed this, saying that there are now higher expectations of boards to effectively manage the software they use.
He also recognised Mandia’s point around zero-day exploits, saying that the fact that attackers are coming up against these challenges is a sign of success.
“Our goal is to make attackers work harder and harder,” Venables said.