Intel Security’s new approach: Protect, detect, correct

Chris Young, senior vice president and general manager of Intel Security

Chris Young, senior vice president and general manager of Intel Security

LAS VEGAS — In its first Focus event fully under its new name, Intel Security unveiled its new strategy, one that it says takes the ideas of its Security Connected approach and extends it for a more holistic approach to security.

Under the new strategy, the company aims to more fully cover what it calls the threat defense lifecycle, which includes protecting against threats, detecting threats that do get through, and correcting situations that lead to those threats getting through. While all security systems typically involve elements of all three parts of that approach, too many are too focused on just the first element, said Chris Young, senior vice president and general manager of Intel Security.

“We studied what we were doing, what w were saying, and it was obvious to me that we had an interesting and differentiated strategy with Security Connected, but it wasn’t enough,” Young told  the company’s partners. “It was about how we did what we did, not what the customer actually gets from us.”

So the new strategy and messaging picks up the mantle of focusing on customer outcomes, increasingly the focal point of many company strategies and messages. And in Intel Security’s particular variety of that centers around the “protect, detect, correct” concept, the three things that all security operations are about, Young said.

“They all have to work together, because there’s no one piece you can leave out. They build on each other, and if you do it well, you can be better and faster at resolving more threats, and doing so with fewer resources,” Young said.

That last point is critical, and here at Focus, a major McAfee product announcement will focus on automating many things that today security analysts have to do manually. The idea, Young said, is to free up valuable security resources for “hunting” those threats that can’t be found by automated systems.

“We do not have enough talent to be successful at dealing with the threats we’re facing,” Young said. “There are not enough good, trained professionals.”

Young added that there’s a shortfall of one million security professionals at present, and that number is growing. The results are the same as any other talent shortage in a prominent field — salaries are rapidly rising, and “talent wars’ are becoming the norm for those top security professionals.

The new strategy keeps the core of the security connected message, which involves viewing all products in the vendor’s lineup as parts of an interconnected system where all parts communicate and act together on what they have to see. Last year, the company expanded the role of that inter-product communications with the introduction of its Data Exchange Layer (DXL) and Threat Intelligence Exchange (TIE), which respectively provide the means for security software to share the information it finds and act on that shared information. Fast forward a year, and the company is showing the technology off, as well as key integrations from third-party vendors.

But Young said the company had to make “tough choices” when it comes to its product approach, suggesting that those offerings that don’t fit into the connected approach may be removed. Last week, the company announced end of life for its e-mail security offerings, and CRN reported earlier this week that Intel Security will sell its firewall offerings to Websense, now owned by Raytheon.

Still, as old products head out, new ones come in, including the introduction of McAfee Active Threat Response, the aforementioned tool for automating less intensive security analyst monitoring tasks.