The F-Secure approach to cybersecurity

F-Secure 01

“Cybercriminals are getting more innovative these days and attacking both individuals and corporations with ransomware and other forms of digital attacks that allow them to make money off of the general public,” said Keith Martin, F-Secure Corporation head of Asia-Pacific and Japan Business.

In this context, said Martin, cybersecurity companies like F-Secure have taken the attitude of being in an ongoing arms race with the cybercriminals.

“The better we get at one thing, they try to find another way to exploit a different area – so one of the areas that you’ve seen, for example, in the last few years, is that end-point protection has gotten much, much better,” he said, adding that it becomes harder for the criminals if businesses proper end-point protection.

Martin attributed F-Secure’s success to the fact that they actively collaborate with their competitors in addition to competing against them.

At its end, Martin said that F-Secure has been using AI regularly in its software for quite a number of years already. That said, Martin adds that although AI has benefits – in terms of looking at the machine-learning side of things, as well as when handling and analysing Big Data – you couldn’t rely solely on it.

Keith Martin
Keith Martin, F-Secure Corporation head of Asia-Pacific and Japan Business

“AI is absolutely indispensable from that perspective – but, it doesn’t necessarily supplant the traditional type of security. I usually use the analogy of a house: just because people have the ability to pick locks doesn’t mean that we shouldn’t lock our doors. We should still have locks – if you want motion sensors in your house, and other kinds of alarm systems, sensors on your door and so on; that idea of multi-layer security is still pretty critical.”

Martin also said that it is logical to assume that the cybercriminals will also be using AI soon, if they haven’t already.

“I wouldn’t be surprised if there are some of them out there that are already using at least a form of it. There are many different types of AI, and many different flavours of it, from the very basic to the highly complex,” he said, adding that he meant “basic” in terms of the task that the AI is created to accomplish.

“A lot of times, what AI is meant to do is looking for patterns – taking huge sums of data, and looking for patterns, and then learning from those patterns, and creating steps to provide additional security based on those patterns that they find.”

Cybercrime in this day and age

When asked about the rapid changes and the growth in F-Secure’s business sector, Martin said that the firm has doubled-down its efforts in the corporate security market.

“We see that market as the area of growing concern; it’s where we see more and more targeted attacks. For example, we’re seeing ransomware being offered as a service; we’re seeing other things that are putting more and more companies at risk – and that’s where a lot of the growth is coming from, both in terms of the business side of things and in terms of the dangers as well.”

He said that the cybercriminals are already starting to think bigger than they used to.

“One way or another, cyber criminals have gotten more sophisticated and go after more sophisticated targets – therefore, there needs to be someone to help people defend themselves.”

How businesses should approach cybersecurity

On how businesses should approach cybersecurity, Martin said that the most important factor is company’s employees.

“I think one of the things that I felt strongly coming into this company and getting into the cybersecurity world is that people are often the weakest link of any cybersecurity strategy. You see, you can have the best technology in the world – but if your team members are clicking on links, phishing emails, and giving in their login credentials, that’s going to be a problem.”

As such, he recommended that training people – giving them awareness – as being very critical.

“Unfortunately, it’s not often seen as being an important aspect. This should be a Boardroom level decision, and there should be support for the efforts to make sure that your network is secure, that your data is secure at every level of the company. But too often, I think, it’s only seen as a cost – and when attacks occur, the repercussions can be staggering.”

Martin added that being a small company didn’t offer any greater protection either. “I often talk to smaller companies that think: ‘Well, you know, we don’t have that much data!’ or ‘Why would anybody attack us? We’re small!’.

“Well, a lot of times, the reason they are attacking the smaller companies is because they are actually trying to get to their bigger partners. So, if you’re a partner of a large conglomerate, you are the target – because if they can go to you, and then create a phishing mail, for example, and then get to that larger company: guess what? That larger company is not going to do business with you anymore. And there goes your business,” he said, adding that if a business had not taken the necessary steps, it really could be mission-critical in terms of keeping the business staying afloat.

Martin reiterated that there truly was no such thing as a silver bullet; no one-stop all-encompassing solution that could you could use and forget about.

“To think that there’s something that will protect you from all attacks – that is an unrealistic expectation. You have to assume that companies that want to get will get in.

“In fact, we have a cybersecurity consulting arm of our business that does Red Teaming exercises. Basically, the company will list their maybe five or six top assets within their company that are digital assets – or even sometimes their offline assets – and ask us to try and find a way to get them, to be able to attack them. We have never failed in our ability to get into the companies. So, we say that all a 100% success rate tells you is that if somebody is really intent on getting into your infrastructure, they will be able to do so. The question is: can you detect it?”

Martin said that for cybercriminals to find a way to escalate their privileges – to allow them to get access into different parts of the company where the most important data might be residing – was not an easy nor quick process. “If you have things like end-point detection response, where you can search for those types of anomalies within the network that might look benign to a normal-type SOC (Security Operations Centre) monitoring your network, they’re often looking for attacks from the outside.

“But if you have one of these end-point detection response type services, these are able to detect these anomalies that allow you to identify someone in your network that shouldn’t be there, or someone in your network that probably – perhaps it’s even an internal player – that is trying to get access to something they shouldn’t, and they will be able to identify all these and stop them before they can cause any damage. So, it’s not a silver bullet – but it gets you a lot closer.”

Martin said that companies should never ignore having some kind of end-point protection. “Some of them are relatively inexpensive; they do the job pretty well – and so, having end-point protection from a reputable company is absolutely top of the list. I would say that you need things like firewalls and your typical network protections.”

Staying safe with F-Secure

Apart from the F-Secure’s progress in developing artificial intelligence (AI)-led security solutions, it has also been integrating Big Data-based algorithms into its cybersecurity approach to proactively identify and mitigate threats.

“We will be building on our existing capabilities in 2018, and will also be on the lookout for any new developments in the global cybersecurity domain that will help us further strengthen our defences. We continue to learn constantly by both a services and a product approach as far as our product development goes forward,” said Martin.

“For three decades, F-Secure has driven innovations in cybersecurity, defending tens of thousands of companies and millions of people. With unsurpassed experience in endpoint protection as well as detection and response, F-Secure shields enterprises and consumers against everything from advanced cyber attacks and data breaches to widespread ransomware infections,” he added.

Martin pointed out that F-Secure SAFE has protected users against ransomware effectively thanks to its advanced behaviour protection technology known as DeepGuard.

“F-Secure SAFE Internet Security now includes additional behaviour-based protection capabilities that monitor selected folders for ransomware-like behaviour as part of its DeepGuard Host-based Intrusion Prevention System. In case risky behaviour is detected, the process is automatically blocked and users are warned about the potential ransomware,” explained Martin.

“F-Secure’s DeepGuard functionality identifies attacks based on signs of unauthorised behaviour or exploits,” he added. “And the new ransomware functionality not only takes on the extortion threat, but it also prevents other unknown or potentially suspect applications from changing, renaming or deleting crucial files in the protected folders. It’s a tool that everyone will benefit from.”

This new ransomware layer fits right into DeepGuard’s lightweight and comprehensive endpoint protection with minimal impact on the user experience. This seamless new layer of security is included along with SAFE’s award-winning antivirus, Browsing and Banking Protection, and Family Rules, which helps set healthy boundaries for children online.

“For years technology has protected the operating system, so criminals went after data, something that is actually far more important to most people. Today we’re making progress on eliminating that threat,” concluded Martin.

SAFE is available for a free trial through F-Secure’s e-store, and supports Windows PCs, Macs, and Android and iOS devices.