INTERVIEW
BUILDING TRUST WAEL MOHAMED, CEO OF FORESCOUT, TALKS ABOUT HOW THE COMPANY IS HELPING ITS USERS TO REMEDIATE CYBER THREATS FROM CONNECTED DEVICES WITHOUT DISRUPTION OF BUSINESS.
Y
ou joined Forescout in March last year. Before that, the company had three CEOs in six months. What is your vision as the CEO? As you know, I joined Forecout after an 11-year stint at Trend Micro, where I successfully transformed it into one of the largest cybersecurity companies in the world. Forescout is a great company that is a market leader in IoT security, an area that will be the focus of next surface of attacks; it’s something cybersecurity needs to pay attention to. The more I looked at Forescout, I realised that some of the largest customers already use it. The company had multiple CEOs before I joined because, during COVID, the company went through the process of being a public company to a private one. So naturally, in the process, the company had gone through some level of change in priorities. The previous CEO asked me to come and help as a board member. And then, as I got closer, I got more excited about the company and became the CEO. Forecout is talking of active defense for the enterprise of things. What do you mean by that? We believe endpoints in organisations have changed dramatically from just being PCs, laptops, and printers to other devices. Either these devices are smart monitors in an office, or they could be smart MRI machines in healthcare. It could be an operational
technology asset or even a connected sensor in manufacturing. All these devices have IP addresses now and have an enormous potential impact if compromised by threat actors. It is our job to be able to help our customers. First, discover all these devices, help them govern these devices, and align them with a framework. Is traditional security failing us? As a security leader in the industry for the last 25 years, I don’t think we’re failing. We hear about attacks that make it to the news. Nonetheless, there are millions of attacks that the industry stops every single day. There are unsung heroes in our industry. However, we still have a lot more work to do because attackers are becoming more sophisticated and have different motivations. We need to collaborate and innovate faster. We have a bigger mountain to climb, and we all work hard to climb it every day. What makes IoT security very difficult? The number and diversity of IoT devices are growing rapidly, and it can be a challenge to control and monitor them. Bad guys are actually targeting these devices to infiltrate networks. So you will see them come into this weak surface, take a position and use it as a launchpad for something dangerous. We have identified millions of IoT devices potentially at risk and have been working with package owners to mitigate these risks.
Is ransomware the biggest attack vector we need to watch out for? It’s not ransomware itself because ransomware has existed for many years. It is the different use case of ransomware that has changed. It is no longer about compromising your PC or stealing files. Now ransomware gangs can capture pipelines and shut down the whole operations. They can disrupt business continuity because they know it is the most valuable to some customers. And they use it as a way to extort money; it is very unique and dangerous. So we definitely we have a lot of work to be able to reduce this type of attacks and organisations also need to revise their processes to basically get in front of it. Is zero trust the way forward? We have been talking about zero trust for a while now. Zero trust is about architecture more than technology. We all work hard to contribute to this architecture. For me, the most secure thing on the internet is something not connected to the internet, which is not realistic. Zero trust is to be able to manage risks and reduce the surface of attack in such a way that customers can continue to do their business. It is the way organisations have to architect their systems with zero trust in mind. But, this is not to say, ‘ I do not trust anything.’ It is basically putting in place an architecture to make sure if something malicious comes in, it should not be able to cause any damage.
APRIL 2022
CXO INSIGHT ME
43
