Herbert “Hugh” Thompson has become well known in the industry, mainly for his work as the programme committee chairman at RSA Conference, but I recently had the opportunity to talk to him with his Blue Coat hat on, about the move to protect against evolving and sophisticated threats.
Blue Coat announced the launch of an advanced threat protection suite earlier this year, tapping into technology acquired from Norman Shark last year. I asked Thompson if it was important to protect users from evolving threats, but also consider the people factor too, and how much of a role they play in security?
He said that is an interesting problem, and one that has been perennial plaguing problem of IT security for a long time. “Philosophically I’m a big believer in education. I taught at Columbia University for years and I spent a lot of time in that space and it’s so difficult because, when you do education to users, you end up being really prescriptive,” he said.
“So you say ‘hey, don’t click on links that come in email’, as an example, and that might be a message that you push down. I got a phishing email about three weeks ago that essentially said ‘for security reasons we have not included a link in this email because links can be very dangerous’. Instead there was the name of the company, ‘look up on Google, go to our site and you can download a trial version of the application from there.’ They then search engine optimise this fictitious company so it’s right at the top when you do a Google search, and you essentially then have some degree of false confidence.”
This, Thompson said is a challenge as the employee is doing what the security awareness training told them to do; they didn’t click on the link from the unknown person, but still did something really dangerous.
Another piece he said that was making awareness and security more challenging is that people are so knowledgeable now, that a stranger could find out everything about a person before they even met. “You can find out my parents names, the fact that I grew up in the Bahamas, you know what I studied in school, where I went, what my favourite thing is to eat and that I don’t like fish. You could find all of that stuff out because it’s there – it’s either there on social media, it’s there through genealogical sites that you can sign up for, like ancestry.com, and so it’s easier than ever to write a really targeted, really compelling phishing email, or even a phone call to somebody.”
Going forward, Thompson said that one of the biggest challenges for security is how we can create technology that makes it easier for users to make good choices naturally, and how do we have an infrastructure in place that accommodates for those kinds of failures, that just accepts them and assumes that they’re going to happen and then gives us the ability to isolate them, learn from them, and then recover from them.
I asked him where the next technology options going to come from. He said that on the educational side, we’ve come a long way in new provocative ways to teach people, but one of the things that that Blue Coat does, especially on secure web gateway, is to block a suspicious link. “We’ve got a free tool that we give away for families called ‘K9’ that actually barks at you if you go to a dangerous URL,” he said.
“Bu
t, it’s an interesting tool, it’s a safety net for those folks depending on where they go, but I think that that is one area that we still have a long way to progress in.”
He went on to say that there’s a concept in computer science called ‘Calm Computing’, which is this idea that you should never have to have a reminder pop up on your phone, there’s just some signalling that happens around you where you naturally get the feeling that “hey, there’s something I’m supposed to do at 3 o’clock”, and it gets more intense the closer you get to it.
“I think that that’s the ideal in security; I think we need to make browsers and make other places signal to you that if you’re on a .ru site looking for a cheaper X-box, then that browser should make that site look a little darker, look a little scarier, or give you some signal mapping so you can make the same choices that you do in the physical world, but that’s a place we got a long way to go.”
Hugh Thompson, senior vice president, chief security strategist and chief marketing officer at Blue Coat Systems, was talking to Dan Raywood