In-depth

Q&A: George Kurtz, CTO, McAfee

We met with the chief technology officer (CTO) of McAfee, the largest dedicated security vendor, to discuss the growing information security threats facing business, and how IT professionals can respond.

Spending on information security is one area that has escaped budget cuts in many enterprises, and for good reason. The threats against businesses continues to grow, as hackers become more sophisticated, and seek out new targets.

IT PRO met with George Kurtz, McAfee's chief technology officer (CTO), to discuss how companies can boost security, without standing in the way of innovation, and still allow businesses to exploit the consumerisation of IT.

You have been CTO at McAfee for around a year now. What's changed in that time, especially when it comes to the IT security threats faced by businesses?

What we are really focused on now are low and slow attacks, trying to evade any security technologies that are in place. We are seeing malware compiled for each company to avoid static signature detection and for the individual network settings of that company.

We are seeing much lower infection rates too as low as 10 computers within that company very targeted attacks at the critical servers and devices to gain access to whatever the intruder is looking for.

So why are attackers changing tack? What is prompting this?

It's more a refinement than a change. The refinement has really come in the ecosystem and the economy which has changed some of the tactics that the bad guys are using. Because the economy has become more fluid and more efficient and more anonymised in nature, not only are they trying to get in under the radar but they are just waiting. Sometimes they will wait months, even up to a year.

These are almost sleeper cells within a company and they wait until the timing is right. When the timing is right it's almost a bank heist: they hit everything at oce pull out what they need and are gone.

They also have a technique I call social footprinting, mapping out what I call a "chain of trust" within privileged users. They are doing a lot of up-front reconnaissance so that when they attack, it has the most effect. So rather than "spray and pray", trying to infect as many people as they can, it is very targeted.

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Recommended

McAfee Total Protection review: Expensive at full price
antivirus

McAfee Total Protection review: Expensive at full price

2 Nov 2021
McAfee’s zero trust solution strengthens private applications’ security
cyber security

McAfee’s zero trust solution strengthens private applications’ security

3 Aug 2021
PowerShell threats increased over 200% last year
cyber security

PowerShell threats increased over 200% last year

14 Apr 2021
McAfee to sell enterprise business to STG for £2.8 billion
mergers and acquisitions

McAfee to sell enterprise business to STG for £2.8 billion

9 Mar 2021

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
Jack Dorsey resigns as Twitter CEO
business management

Jack Dorsey resigns as Twitter CEO

29 Nov 2021
Nike to take customers into the metaverse with 'NIKELAND'
virtualisation

Nike to take customers into the metaverse with 'NIKELAND'

19 Nov 2021