CYBERSECURITY ON THE FRONTLINES
02
HOW INTELLIGENCE LED SECURITY FIRM FIREEYE IS FIGHTING CYBER THREATS ON THE FRONT LINES
03
w w w.f i re e ye. com
FIREEYE INC
FIREEYE CIO COLIN CARMICHAEL SHARES HIS INSIGHT INTO THE CHANGING LANDSCAPE OF CYBERSECURITY, AND HOW THE COMPANY USES CUTTING EDGE TECHNOLOGY AND HUMAN EXPERTISE TO WIN THE WAR AGAINST CYBER THREATS
T
he first two decades of the 21st century have borne witness to dramatic and unilateral change of a scope and scale
seldom seen before. Ubiquitous mobile devices, the rise of artificial intelligence and the sweeping 04
digitalization of the global landscape have, even in the last decade, brought about dramatic and constant reinvention of the way businesses operate. In few places is this transformation more pronounced than the field of cybersecurity. From sophisticated phishing attacks and ransomware to high-profile data breaches, perpetrated by nation-state funded groups of cyber criminals, and direct interference in democratic elections, the war against digital crime has never been waged more fiercely. Colin Carmichael, CIO of leading cybersecurity firm FireEye, lives and works in the heart of this conflict. “We live and breathe on the front lines of cybersecurity every day here at FireEye,” he says. “FireEye is called into the biggest breaches all over the world. We see, first hand, what’s going on and what the bad guys are up to.”
05
w w w.f i re e ye. com
FIREEYE INC
“ SECURITY CERTAINLY HAS CHANGED A LOT. BACK IN THE DAY, IT WAS SIMPLY A CASE OF MAKING SURE YOU HAD THE BEST PERIMETER SECURITY OUT THERE. TODAY, NO ONE’S SAFE” 06
— Colin Carmichael, CIO, FireEye
For the past 15 years, FireEye has fought tooth and nail against the machinations of cyber criminals, relentlessly protecting its customers from the impact and consequences of cyber attacks. Carmichael himself came to the firm in 2016, having previously worked in “every function of IT you can think of: hands on coding, managing people, building data centers, building applications. You name it, I’ve done it,” he laughs. Carmichael cut his teeth at Californian technology giant Sun Microsystems, and later held senior roles at Amazon
CLICK TO WATCH : ‘KEVIN MANDIA: WHO IS FIREEYE?’ 07 and Polycom. “The one role I avoided for most of my career was security, because back in the day it didn’t excite me.” We sat down with Carmichael to find out what changed his mind, get his insight into the complex and dangerous world of cybersecurity, and discover how FireEye is fighting the war against increasingly sophisticated and capable bad guys. “Security certainly has changed a lot,” recalls Carmichael. “Back in the day, it was simply a case of making sure you had the best firewall and DMZ structure out there to secure the perimeter. Then, w w w.f i re e ye. com
FIREEYE INC
CLICK TO WATCH : ‘FIREEYE: LEADING FROM THE FRONT LINES’ 08
if that perimeter was totally secure, you
“ FIREEYE’S MAJOR DIFFERENTIATOR IS WHAT WE CALL INTELLIGENCELED SECURITY” — Colin Carmichael, CIO, FireEye
just got on with your life.” In previous decades, the motivations behind cybersecurity breaches weren’t as clearly understood, and even major technology firms like Sun Microsystems saw competitors looking to steal intellectual property (IP) as the primary risk when it came to cyber espionage. “Today, no one’s safe. Every industry is at risk of being attacked for multiple different reasons,” says Carmichael. “There are obviously still attempts to steal IP, but there are also financial
attacks, people who want to ‘bring you to your knees’, ransomware and
groups out there. It’s a war.” Carmichael and FireEye are as close
phishing are off the charts – there’s a
to winning that war as anyone, but the
whole industry of adversaries out there,
process is a constant battle to stay one
and they are very, very sophisticated.”
step ahead of the bad guys. “You have
This increase in sophistication,
to continuously innovate. When you
Carmichael maintains, is the leading
identify a new vulnerability – a new
driver behind the unending innovation
attack vector for those bad guys –
cycle at FireEye. “The bad guy used
you’ve got to be able to respond
to be thought of as a teenager in dark
immediately,” he says. As technological
glasses and a hoodie,” he chuckles.
security measures become increas-
“Today, that’s not the case. There are
ingly airtight, users are being targeted
organized Advanced Persistent Threat
more and more as weak points in
groups – that are typically nation state
security systems. According to
driven – as well as organized crime
Carmichael, ransomware attacks are
E XE CU T I VE PRO FI LE
Colin Carmichael As Chief Information Officer, Colin Carmichael is responsible for leading the Information Systems & Services organization as they seek to deliver highly secure, modern and frictionless IT architecture and services to FireEye. Prior to FireEye, Colin held senior IT executive positions at Coopervision, Amazon and Sun Microsystems. At Sun, he was handpicked to run one of the world’s largest ERP implementations for the office of the CFO for 2 years, which led to the eventual integration into Oracle Corp after the acquisition of Sun. Colin has a Masters, IT in Commerce and Industry from The Open University in the UK.
w w w.f i re e ye. com
09
Service Management Automation X Smarter for employees. Smarter for IT.
Start delivering Intuitive, personalized, no-wait selfservice — powered by machine learning — to every employee. See productivity rise. See costs, outages, ticket volumes, and resolution times fall.
Contact Us
The James Hutton Institute Offers a Better Experience for Everyone The James Hutton Institute, a world-leading scientific organization based in Scotland, works to resolve global challenges in food, energy, and water security. The Institute’s IT team had been taking a fragmented approach to capturing requests from its 600 users. One site used a SharePoint solution, another a service automation solution. But neither solution really met the Institute’s service demands. “We didn’t have a single place for all staff to submit their requests,” said Ben Watt, end user computing manager at The James Hutton Institute. “This made it hard for the end users, but also for the team of 14 working on the requests.” Lack of full visibility was one of the team’s biggest challenges. “Without visibility across the process we could not easily allocate resources and deliver an effective service,” Watt said. “We wanted to provide a better experience for everyone, and create a service portal that would not just be used for IT requests, but for our estates, communications, and finance departments as well.” The Institute selected Micro Focus Service Management Automation X (SMAX) to provide a digital self-service experience for IT and non-IT users. Today, the SMAX-driven service desk manages about 500 IT requests and 300 non-IT requests a month. Users leverage smart virtual agents to receive automated assistance, 24x7, along with email. A fully integrated self-service portal makes it easy for users to raise requests, check the status of existing requests, and leave comments or questions for IT.
Issue resolution is easier too. Now the IT team can see all open tickets and use knowledge articles to reduce ticket volumes. Written by IT, knowledge articles are short answers to specific questions. For more details, users can link to the complete article in the SMAX knowledge management module. “Our views across all knowledge articles are now in the thousands, compared to the tens of views we had in the past,” Watt said. “In addition, SMAX Hot Topic Analytics, using advanced search and analytics capabilities to recognize request patterns, has helped us create knowledge articles or problem records to address common issues.” After every request, SMAX sends a survey to the user. According to Watt, the SMAX survey platform has streamlined the survey process and boosted the response rate from 10 percent to an impressive 50 percent. The team also uses SMAX Hot Topic Analytics to highlight keywords in the surveys and determine if extra services or knowledge articles are needed. With SMAX, the Institute has successfully delivered self-service for all. “Our SMAX service portal is well liked by staff, and we regularly receive requests for other departments to be included,” Watt said. “Users are very comfortable doing their own research through the various channels at their disposal, which helps us focus our resources where we can add the most value.”
Learn More
FIREEYE INC
on the rise. “It’s not unheard of nowadays for CEOs to get emails that look very much like a normal communication from inside their network. It looks like it’s come from a legitimate source, and they’re moving so fast that they just click on a link or respond saying ‘yeah, I approve this.’ Then, that email launches some bad stuff in the background,” he explains. “Ransomware is the biggest growth area right now. Humans are humans, and sometimes you need to repeat that message several times before it sinks in.” 12
Both in its relationships with clients and
“ THE WORLD IS A SCARY PLACE, BUT AN INTERESTING ONE NONETHELESS” — Colin Carmichael, CIO, FireEye
CLICK TO WATCH : ‘THE FIREEYE INNOVATION CYCLE’ 13 internally, FireEye promotes a continuous education cycle in order to keep security awareness at the highest possible level and constantly strengthen “one of the weakest links in the chain”. While humans are increasingly the weakest point in a company’s cybersecurity armor, FireEye uses people as its most effective defensive asset. “FireEye’s major differentiator is what we call intelligence-led security,” says Carmichael. It is the company’s view that technology alone isn’t enough to combat cyber attacks, and that ‘hands-on front-line expertise, combined w w w.f i re e ye. com
FIREEYE INC
14
CYBE R S E C U R I T Y S TAT S
• 3.5 million unfilled cybersecurity jobs worldwide • $600bn: estimated annual cost of cybercrime globally
with innovative technology,’ is the most effective defense. Top level cybersecurity professionals are essential to FireEye’s business model, making the process of attracting and retaining the best possible talent a critical objective for the company. “There are 3.5mn open positions in the cybersecurity world today. That’s an absolute dearth of talent and everyone’s scrambling for it,” Carmichael says. “There are a lot of experts in the cybersecurity world who would love to come and work at places like FireEye, but that doesn’t change the fact that we’re constantly working to figure out how to educate our people and how to partner better with universities that have curriculums focused on cybersecurity, so we can get new blood and a new generation of graduates coming out into this field, who are prepared to walk into a job on day one.” One way in which FireEye is helping its clients compensate for a shortage of cybersecurity talent is its new Expertise On Demand service. Given that “insufficient and under-skilled staff increases team workload, leading to burnout and attrition as well as increased business risk,” according to the company, Expertise On Demand w w w.f i re e ye. com
15
FIREEYE INC
$831mn Approximate revenue
2004
Year founded
3,200
Approximate number of employees 16
CLICK TO WATCH : ‘APT41: A DUAL ESPIONAGE AND CYBER CRIME OPERATION’
anything in terms of their network. They would rather have their cloud on AWS or Azure or just want a SaaS application,” says Carmichael. Looking to the future, the war against cyber threats is only going to escalate, and FireEye will escalate along with it. “We’ll continue to evolve our products and our business, whether that’s through organic growth or acquisitions,” predicts Carmichael. “We know we’ve still got areas we want to offer capabilities in and, internally, my drive is to develop systems that actually get IT out of the way of the business and allow the business to go at the speed allows companies to utilise FireEye’s
of business.” As a veteran of IT and
vast expertise as a remote service, in
cybersecurity fighting on a daily basis
exchange for prepaid units including
against sophisticated and organized
training, capability development, and
threats, Carmichael admits the world
custom intelligence. The progression
“is a scary place, but an interesting one
towards service-based products is
nonetheless, and one that FireEye will
something FireEye has been embrac-
continue in its mission to relentlessly
ing for several years, moving from
protect our customers.”
hardware appliances to a servicebased cloud model. “We still have customers that prefer the old appliance, we have customers that are now much more software driven, and we’ve got a lot of customers who are migrating fully to the cloud and don’t want to manage w w w.f i re e ye. com
17
601 McCarthy Blvd, Milpitas California 95035, USA T +1 877-347-3393 www.fireeye.com