Distinguished CEO Series – Lifting the Veil on Today’s Cyber Threat Landscape
21 September 2017
CIO Academy Asia hosted the suave and highly respected Kevin Mandia, CEO of FireEye at Binomio Spanish Restaurant, in partnership with FireEye.
- About 15 C-level SG folks engaged Kevin in a roundtable luncheon session, facilitated by CIO Academy Asia.
- Kevin clocked his 10, 000 hours as a security officer in the US Air Force in his early days managing logs day in day out for 8 years! That could be the reason why he is so familiar with cyber forensics.
- He shared that cybersecurity is very much associated with the geo-political situation happening around the globe, many of the attacks today are nation-sponsored triggered. Countries like Russia, China, N Korea and Iran are all in hacking other countries at different points in time.
- Mandia has co-authored two books on responding to security breaches, Incident Response: Incident Response: Investigating Computer Crime (in 2001) and Performing Computer Forensics (in 2003) and was instrumental in implicating China in cyber espionage in 2013 while he was with Mandiant. He urged the participants to read it because many of his insights and predictions covered in the two books are still relevant today.
- A question was asked whether Singapore government’s air gap policy to separate the internet from the internal application systems was an over-reaction. Kevin felt that most governments do incorporate a multilayer protection system to insulate their classified data assets either by software or physical separation controls. As such he felt that Singapore was no different and had every right to impose such policies.
- A question was asked about the role of Interpol to mitigate cybercrimes internationally. Kevin felt that Interpol has to rely on international norms like the Geneva Convention for nations to cooperate but still face challenges when dealing with rogue nations. Singapore is a good cybersecurity model for others to emulate as far as governance and trust is concerned because its like a hybrid of Switzerland and Israel.
- Kevin feels that the cybersecurity world is badly lagging behind in the use of AI in terms of mitigating threats.
- Attackers can always find loopholes especially if organisations keep hanging on to their legacy systems and old architectures.
About Kevin Mandia – Kevin has served as FireEye Chief Executive Officer since June 2016 and was appointed to the company’s Board of Directors in February 2016. He was previously President of FireEye from February 2015 until June 2016. Kevin joined FireEye as Senior Vice President and Chief Operating Officer in December 2013, when FireEye acquired Mandiant, the company he founded in 2004. Before Mandiant, Kevin was the Director of Computer Forensics at Foundstone (acquired by McAfee Corporation) from 2000 to 2003, and the Director of Information Security for Sytex (later acquired by Lockheed Martin) from 1998 to 2000.
About FireEye – FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant® consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 6,000 customers across 67 countries, including more than 40 percent of the Forbes Global 2000.