Story image

Exclusive: Is cybersecurity losing because it’s too profit-focused?

06 Mar 18

Almost every week there is news of another massive data breach where cybersecurity failures or human errors have allowed cybercriminals to profit.

Recently I sat down with High-Tech Bridge CEO Ilia Kolochenko who spoke about the industry, its challenges, and why he believes cybercriminals currently have the edge.

In terms of the current threat environment and whether it’s becoming increasingly unsafe for businesses, Kolochenko says the situation is very complicated.

“In blunt terms, the very first goal of most cybersecurity vendors is to sell more, which means marketing often takes priority over research and innovation,” says Kolochenko.

“And while most businesses do believe cybersecurity to be very important, their first priority is making money. If the business isn’t profitable then they will simply not have enough cash to pay salaries so it's impossible to say that security is the very first concern.”

Kolochenko says the recent spate of attacks has created a concerning mentality among businesses where they believe spending more will fix the solution.

“Spending more doesn't necessarily mean spending better, or that it will improve your privacy and security. For many modern businesses if they're compliant with regulations and there are no public scandals, then they don't care about the rest,” Kolochenko says.

“We have a lot of confusion and I believe the situation will become even more challenging as people have different views, they cannot agree on whether cybersecurity services business or whether business services cybersecurity. Every company is different and I think until we have some agreement with the boards of directors, CIOs, CFOs, and IT teams then we will continue to have breaches and leaks almost every week.”

When asked if the power at the moment lies with the cybercriminals, Kolochenko says that is true to an extent because of a very simple reason.

“Given their pay is never guaranteed, cybercriminals are outperforming the 'good guys' in many particular aspects only because they are 'hungry'. They need money and need it now as they don’t have the luxury of easy cash so essentially can’t afford to fail. They try to plan everything very carefully and they have multiple backup plans to make sure that if plan A doesn't succeed then they have other options,” says Kolochenko.

“Cybersecurity companies by definition have much more capacity to maintain and create such technologies then the bad guys and the community of good guys can afford to fail in most cases. For example a failure can be seen as an achievement because in the future they will be able to prevent it from happening again.”

Kolochenko also commented on the on the role artificial intelligence (AI) has to play in cybersecurity and whether all the hype surrounding it is justified.

“The term ‘AI’ has become massively misused. AI is a scientific domain that has existed since the 1940's where very little – if any –  computing power existed. We need to distinguish strong AI which can virtually replace humans almost everywhere. It doesn't exist yet and it will unlikely appear in the next 10 years,” says Kolochenko.

Kolochenko says while the industry does have some great technologies in place that use machine learning as part of AI to reduce human input in certain areas, we tend to overestimate the impact it will have as its current applicability is limited to certain tasks.

“For example, within our company we use machine learning in a very particular way to enable intelligent automation for application and mobility testing. It essentially means that you can remove or reduce human involvement and time without reducing the quality or reliability,” says Kolochenko.

“You will see almost every single cybersecurity company around boasting about how they're using AI, but when you start asking them to explain how their product is different and what are the tangible benefits for the customer then often you will not get a reply - or at least not a coherent one.”

The story behind High-Tech Bridge is an interesting one, with Kolochenko deciding to start the company in late 2007 after beginning his career as a penetration tester in 2004.

“We used to be a small penetration testing boutique then we began to grow with the need to invest in our own in-house technology if we wanted to get ahead. I decided to create a platform with the goal to bypass all the usual logistic administration tasks associated with penetration testing,” says Kolochenko.

“Many startups try to invent a problem and then sell it to you afterwards, but we built something that customers were looking for.”

How to stay safe when shopping online
Online shopping is a great way to avoid the crowds – but there are risks.
Dell EMC embeds security in latest servers
Dell EMC's 14th generation of PowerEdge servers has comprehensive management tools to provide security across hardware and firmware.
Why data backups should be a part of daily operations
"Disaster recovery needs to address complete system failure and provide a set of security policies to govern disaster incidents."
Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
Businesses too slow on attack detection – CrowdStrike
The 2018 CrowdStrike Services Cyber Intrusion Casebook reveals IR strategies, lessons learned, and trends derived from more than 200 cases.