BusinessDay 27 Mar 2018
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Tuesday <strong>27</strong> <strong>Mar</strong>ch <strong>2018</strong><br />
BDTECH<br />
In association with<br />
BUSINESS DAY<br />
Why securing mobile devices have become more necessary<br />
Andrew Voges is the threat prevention sales leader for Middle East and Africa at Checkpoint Software Technology Limited, provider of cyber<br />
security solutions. In the interview with Jumoke Akiyode-Lawanson, he discusses the immediate need for mobile phone protection, offerings<br />
available to enterprises and the impeding generation five cyber security risks. Excerpt.<br />
25<br />
Andrew Voges, threat prevention sales leader, Middle East and Africa, Checkpoint<br />
Software Technologies Limited.<br />
Why has cybersecurity<br />
for mobile<br />
devices become<br />
so important?<br />
What we are<br />
talking about today is something<br />
called Generation five (V) of cybersecurity.<br />
If you think about Generation<br />
one (1), it was more about viruses<br />
attacking the computers. This<br />
happened in the 80s and 90s. In the<br />
late 90s to the year 2000 we had the<br />
networks and they were more of internet<br />
based attacks and that was<br />
Generation two. What we see from a<br />
threat landscape, specifically around<br />
Nigeria and other parts of Africa and<br />
even globally, is that customers have<br />
anti-virus protection from a generation<br />
one perspective. So, they are<br />
protected on the basic level. Generation<br />
two was more on the perimeter<br />
gateway which was the network. We<br />
have noticed that 100 percent of our<br />
global customers are protected on<br />
generation one and two. Generation<br />
three was more on the application<br />
base and that is where IPs kind of<br />
protection comes into play and we<br />
only see about 50 customers in Lagos<br />
or Nigeria protected around that.<br />
The protection levels for generation<br />
three attacks is also very low globally.<br />
Generation four was more about<br />
expert level attacks and that is where<br />
the sandbox and anti box plays a roll.<br />
Only seven percent of Africa or globally<br />
is protected there. So, if you look<br />
at it from that perspective, there is<br />
still a lot of work to do, with regards<br />
to security, specifically around public,<br />
government and enterprises.<br />
Generation five is where you have<br />
got the mega type of attacks such as<br />
state owned type of attacks. That also<br />
happens on the enterprise level but<br />
if you look at the attack surfaces and<br />
how they come about, and you think<br />
of how we actually access resources<br />
to our corporate environment, you<br />
will see that this is usually accessed<br />
through mobile. Mobile has become<br />
the new perimeter and these types<br />
of attacks happen across all the surfaces<br />
and that is why you need those<br />
type of protections. Specifically, with<br />
mobile, most people use their mobile<br />
phones to access email, cooperate<br />
resources, applications and all<br />
sorts. If the phone is vulnerable to attacks<br />
such as the ‘man in the middle<br />
attack’ which is highly likely when<br />
people join free Wi-Fi available in<br />
public spaces; the malicious code or<br />
application installed on your phone<br />
through that attack will give criminals<br />
full access to everything on your<br />
mobile. We normally use a capsule<br />
workspace, which is a capsulated,<br />
encrypted file storage on the phone<br />
to secure that portion of your corporate<br />
information, but if this phone is<br />
vulnerable, criminals will still gain<br />
access to it. That is why Checkpoint<br />
also says that you need to have some<br />
form of protection on the phone to<br />
make sure that it is not vulnerable.<br />
How do you intend to successfully<br />
create awareness and increase<br />
adoption of these types of security<br />
levels in the Nigerian market?<br />
Checkpoint has a local team<br />
in Nigeria and we also educate<br />
through channel partners. We also<br />
have cyber events, where we get<br />
customers involved to educate internally.<br />
Part of Checkpoint’s roadmap<br />
is to ensure that our customers<br />
are secure. Not just from a network<br />
perspective or desktop perspective,<br />
but also from a mobile and cloud<br />
perspective. So, the education is<br />
driven through channel partners,<br />
events and we also go face to face to<br />
customers and talk ab out the full<br />
scope of security. It doesn’t help<br />
just talking about what is currently<br />
relevant to the customer, you need<br />
to also make them aware of other<br />
benefits to them. So there is a drive<br />
on awareness on a Checkpoint internal<br />
perspective.<br />
Who are Checkpoint customers,<br />
are your security solutions developed<br />
only for government and<br />
large enterprises?<br />
Our customers vary. We have<br />
got financial service companies,<br />
we have got some government<br />
agencies, public sector and some<br />
commercial and SMBs. The focus<br />
for Checkpoint is not just from an<br />
enterprise or corporate perspective,<br />
because we also see that from<br />
a consumer perspective, it is also<br />
necessary.<br />
In percentage terms, how high<br />
are the chances of mobile phone<br />
breach globally and what is Nigeria’s<br />
risk level?<br />
Only 7 percent are on sandboxing<br />
as I said earlier, so you can<br />
imagine that the number for mobile<br />
is much lower. Only about two percent<br />
of mobile phones are protected<br />
globally. From a checkpoint perspective,<br />
Nigeria should be at least<br />
50 percent with regards to protecting<br />
the mobile, considering that the<br />
country is a mobile first nation and<br />
most people are accessing the internet<br />
through their mobile devices.<br />
We should be working towards 100<br />
percent protection for mobile globally,<br />
because the amount of threats<br />
coming through the mobile channels<br />
are much higher because mobile<br />
has become a more accessible<br />
opportunity for attacks.<br />
What is checkpoint doing to<br />
buy the cooperation of telecommunications<br />
operators to secure<br />
mobile channels?<br />
We are engaged with the telecoms<br />
providers in Africa and not<br />
just Nigeria. We also engage the local<br />
telecoms players wherever we<br />
are present and get them on how to<br />
do the enterprise type of protection<br />
for their customers, for themselves<br />
and from a consumer base perspective<br />
because we also believe that<br />
its important. On the enterprise,<br />
we have got the sandblast, which<br />
is protection for the mobile device<br />
to make sure that it is not vulnerable,<br />
also to protect the enterprise<br />
workspace and we sell that in conjunction<br />
to make sure that the data<br />
is protected and encrypted on the<br />
phone. From a consumer perspective,<br />
we have something called Zone<br />
alarm and it is more or less the same<br />
product, but to make sure that their<br />
data is not compromised.<br />
Apart from the Sandblast and<br />
Zone alarm, are there any other<br />
unique cybersecurity products<br />
that Checkpoint offers for mobile<br />
phone security?<br />
Our technology is quite vast, so<br />
we have end to end security products.<br />
Apart from the traditional firewalls<br />
and gateways which offer threat<br />
prevention, which includes the zeroday<br />
protection. Zero-day protection<br />
is for things that have never been<br />
seen, so any type of new malware or<br />
ransomware can be prevented with<br />
Checkpoint solution. If you think<br />
about the network, we have a blade<br />
architecture on the gateway. There is<br />
a firewall that allows access control,<br />
identity awareness and allows IPS<br />
in that blade architecture. Then we<br />
have a cloud service that actually has<br />
the sandbox, and it is not your traditional<br />
sandbox which is first generation<br />
and only inspects on OS level,<br />
we also inspect on central processing<br />
unit (CPU) level, which is patented<br />
to Checkpoint and is important, because<br />
the zero-days come through as<br />
expert type of malware and actually<br />
goes into the CPU. We have a 100 percent<br />
invasion resistant sandbox. On<br />
the end point, we have the sandblast<br />
agent, which allows you either to<br />
have the full end point, anti-ransomware<br />
forensics which allows you to<br />
see the full insight of the malware or<br />
attack and to mitigate quicker. From<br />
a cloud perspective, we have cloud<br />
guard, which is an offering to office<br />
365, google apps suite, drop box and<br />
the likes. That gives the same type of<br />
protection that you have physically<br />
on the network or endpoint into the<br />
cloud space or the cloud workspace.<br />
Then we have public and private<br />
cloud and we can actually have the<br />
same type of protection into the<br />
cloud environment and that can<br />
mitigate or suspend into the public<br />
cloud environment.<br />
What are the solutions that<br />
checkpoint provides to rescue already<br />
breached devices?<br />
If a customer does not already<br />
have Checkpoint solutions in his organisation<br />
or as a security vendor, we<br />
have got incident response as a service.<br />
What will happen is that we can<br />
actually inspect what has happened<br />
with the customer and effectively<br />
mitigate for them. These are services<br />
that we offer to customers.