Open Cybersecurity Platforms

Background

business-discussions-2males-laptop-2

While IT security spending is increasing, we are becoming less effective at combating adversaries; yet two-thirds of the commercial market for cybersecurity products think their game plan is working. The security industry is not delivering the protection that people and organizations need, in large part, because of a lack of collaboration. There are two dominant cybersecurity models: best of breed, where the customer is free to choose any available product but is responsible for integration, and end-to-end, where a single vendor provides a fully integrated solution. Both models come up short, however, because they are based on closed systems of proprietary interfaces that are controlled by dominant vendors and restrict third-party developer participation. This limits customer choice and favors vendors’ development priorities and resources.

Attackers have a significant time advantage and they can exploit the inherent weaknesses in these two security models. When a new threat type emerges, the security industry responds with new solutions to combat this threat, and customers try to determine which is “the best,” which takes time.

Importance to McAfee

Unlike traditional software, the effectiveness of cybersecurity offerings follows the path of Grobman’s Curve:

open-cybersecurity-graph

  • In the Invention phase, the effectiveness increases until the solution is ready for production and deployment.
  • During the Deployment ramp, real-world “in the wild” feedback results in further improvements, until they reach peak effectiveness.
  • As they become broadly deployed and stop more attacks, adversaries have the incentive to figure out how to evade them and develop countermeasures, gradually reducing their effectiveness.
  • Security vendors respond with sustaining innovations and enhancements, and another independent layer of security slowly cements.
  • This curve is different from other types of software development, where efficacy increases gradually over time as updates become available and are implemented.
  • In cybersecurity, however, the time from initial development to diminishing effectiveness is short.

McAfee is committed to playing a powerful, constructive role in helping solve the world’s most complex cybersecurity challenges. To honor this commitment, we are evolving from being a company focused on delivering primarily endpoint solutions to becoming the leading open platform cybersecurity company in the market. To support this evolution, we are partnering with standards organizations and policy makers to push the cybersecurity industry toward broad adoption of this model. This will help ensure that the entire cybersecurity ecosystem meets the security challenges of the 21st century.

Policy recommendations

The cybersecurity industry needs to change by offering customers solutions that benefit from an open platform model. This is an architecture that makes it easier to deploy and manage a broad set of capabilities, not a business model dictating who and how others can participate. The broad set of capabilities on Salesforce would not be possible on a closed platform, for example, nor would the extensive list of hardware and software options for a Windows PC.

Open cybersecurity platforms increase the rate and breadth of innovation by lowering development costs across the ecosystem. This helps leverage the power of the entire cybersecurity community to help stop the majority of unknown malware, correlate events across the broadest set of threat intelligence, and have compliance solutions appropriate for the largest population of customers.

McAfee supports:

  • Driving broad-based industry collaboration and adoption.
  • Partnering with standards groups to drive change towards open interfaces, allowing security products to more seamlessly integrate out of the box.
  • Urging policy makers to use their influence and voices to drive change by favoring open platforms.
  • Reforming procurement rules to enable faster uptake of cybersecurity solutions, particularly those based on open platforms.
  • Focusing government efforts on procurement of open platform solutions to help move the market in a more standardized, open, and interoperable fashion.