How do large companies, like Sony, become vulnerable to advanced persistent threats?
Deb Stonikas: We heard how hackers were inside Sony for months, stealing information. How could a large company become so vulnerable and what can be done about that?
Stelios Valavanis: Even big companies don’t realize that today’s networks are without perimeter. They’re lacking in monitoring. We have to be looking at what’s going on on the network. Plugging holes isn’t good enough. What happens is, an advanced persistent threat achieves its results and our monitoring picks that up. How does it do that? It does that by looking at the traffic, understanding it, understanding what normal traffic looks like, and therefore being able to detect anomalies. It’s analysis work. On top of that, when monitoring, you’re also looking for compliance to policy, so that you’re making your network more secure every day just by looking carefully at the data. We call this the Panoptic approach.