The attacks have evolved, breaches have multiplied, and serious security gaps have been exposed. But what most concerns FireEye President Kevin Mandia? The rise of nation-states as leading threat actors.
"The biggest change is that there are more sovereign nations or state-enabled hackers that are active today," Mandia says, discussing how the threat landscape has shifted since his firm Mandiant merged with FireEye nearly two years ago. "And the reason that's alarming is that there's really no repercussions for state-enabled or state-enacted intrusions."
And if practice makes perfect, then recent breach trends show that the state-sponsored threat actors are only continuing to hone their craft without fear of consequences.
"They have unfettered practice every day; they are operational every day," Mandia says. "There is nothing that makes anybody better than game-time experience, and sovereign nations are gaining that on a daily basis."
Mandia spoke to ISMG in advance of FireEye's upcoming Cyber Defense Summit 2015, slated to be held in October in Washington, D.C.
Asked to offer his view of the state of cybersecurity today, Mandia sums up his initial thoughts in a single sentence:
"Attribution has to be right," Mandia says. "There is no deterrent in cyberspace unless we know who did it."
In this exclusive interview, Mandia touches on several hot topics related to breach preparedness and response, including:
- Today's top threats and threat actors;
- Why attribution matters;
- Key cybersecurity areas of focus for the year ahead.
As President, Mandia oversees all operations since December 2013, when FireEye acquired his company, Mandiant. Before Mandiant, he was the Director of Computer Forensics at Foundstone (acquired by McAfee Corporation) from 2000 to 2003, and the Director of Information Security for Sytex (later acquired by Lockheed Martin) from 1998 to 2000. Kevin was also a United States Air Force Officer, where he was a computer security officer in the 7th Communications Group at the Pentagon, and a special agent in the Air Force Office of Special Investigations. He holds a B.S. in computer science from Lafayette College and a M.S. in forensic science from The George Washington University.
For more information on FireEye's Cyber Defense Summit, click here.