Thought Leaders in Cyber Security: Markus Jakobsson, Chief Scientist of Agari (Part 3)

Sramana Mitra: You’ve been in the cyber security space for a long time. Talk to me about what trends you see that are worth noting. Especially, what are some open problems out there that new entrepreneurs need to look into solving?

Markus Jakobsson: Cyber security defenses are often lagging behind. Many of the big and traditional companies are rather risk-averse when it comes to departing from their previous product strategy. You could see that, for example, in the antivirus market where antivirus products work pretty much the same as they dd 10 years ago. They’re a little bit faster with the updates these days than they were then.

Essentially it’s the same idea. They have a crew of people who identify threats and then they find what’s called signatures – identifying sequence of bits that are associated with threats. They then pump out these signatures so that all client-side installations have the latest signatures. These signatures are used to compare with all incoming files to see if it’s one of these things. That’s the traditional approach.

Similarly, there are traditional approaches related to spam filtering and anti-phishing. Many of the large companies, in a really unfortunate way, are married to these concepts. When the attackers find ways of circumventing them, that circumvents many of the traditional countermeasures. Its leaves the market vulnerable. Companies like Agari, who have realized that this is not a working approach, are trying to pick up slack. When the majority of users and companies out there use the traditional measures, the attacks still flourish. That’s a big problem – the lack of willingness to change direction within the tech sector.

You’d think that the tech sector would be willing to move with the demand, but they’re so traditional. If you’re looking, for example, at the FBI numbers that I referred to before, there was a 1,300% increase in one type of Internet crime over a year and a half. That tells you that there’s something that isn’t working. The companies that do the filtering out there using traditional methods are not just willing to change their approaches. One important thing for companies to do is follow the lead of Agari in the sense of identifying what has worked in the past, but what will work in the future based on what the current and trending threat is as opposed to the traditional threats.

Sramana Mitra: Talk to me a little bit about how you see what’s happening in the geopolitical environment right now vis-a-vis cyber security.

Markus Jakobsson: This is a very interesting year to ask that question. I have published a number of books on cyber security. One that I published in 2009 predicted that cyber crime is going to depart from direct financial incentives and go toward political incentives instead. This is what happened this year. It’s the same message that is used but for different reasons. Instead of extracting information that leads to funds transfer, this year the same criminal message and criminal gangs applied this message to make a political impact.

There are lots of people during the US electoral cycle who were targeted. Agari has identified some of these attacks. We have some insights into what happened to John Podesta and where the criminals were. Recently you might have read that there are concerns that the same kinds of attacks are now launched in Germany to try to affect their upcoming election. It’s not a surprise to me. I wish I could say so. Technically speaking, it’s all the same. It’s just a matter of who pays for the work. Is the work paying for itself, or is it a contract job?

Sramana Mitra: Great. Thank you for your time.

This segment is part 3 in the series : Thought Leaders in Cyber Security: Markus Jakobsson, Chief Scientist of Agari
1 2 3