11/28/2016
02:00 PM

Q&A: SonicWall CEO Talks Rise Of Ransomware, IoT

Bill Conner discusses security risks at top of mind as the newly appointed leader of SonicWall, a company becoming independent for the second time.

Bill Conner is a networking and security professional with more than 30 years of experience in the industry. His leadership roles include nearly 13 years as president and CEO of Entrust, which was followed by terms as CEO of Silent Circle, Inuvo, and FWC Consulting. He was appointed to lead SonicWall in November 2016, when the company was spun out by Dell.

Dark Reading Associate Editor Kelly Sheridan recently spoke with Conner to discuss the security risks he has at top of mind as he leads SonicWall into its second term as an independent company.

(Image: Bill Conner, President and CEO of SonicWall)


Dark Reading: What are some of the most important security trends you're watching as we move into 2017?

Conner: There are six areas I'm zeroing in on: ransomware, cloud and management, hardware and operating systems for deep packet inspection and performance, global grid network threat capabilities, IoT, and email security.

Dark Reading: Which of these risks do you view as most important to businesses, and why? Which will pose the greatest risk if not addressed?

Conner: Bad actors are actively using ransomware to hold businesses, institutions, and individuals hostage. The rise of ransomware can be attributed to how quickly attackers can capitalize on thousands of victims in a short period of time as opposed to a targeted attack, which requires more work and time to monetize from a single breach.

In a survey of SonicWall channel partners, we discovered ransomware is the single topic they currently need more information on to serve their customers. It's the number-one issue their customers are asking about right now.

Dark Reading: How has ransomware evolved as an enterprise security risk?

Conner: Ransomware is still alive, but the trends are changing. Consider the start of the holiday shopping season. In stores, credit card chips have helped reduce the point-of-sale (PoS) risk factor; however, more people are now shopping online.

This is causing issues on the consumer side. Are shoppers accessing legitimate sites? Is their software updated? Criminal activity that once targeted the PoS is going right to consumers, but it could also expand to hit BYOD and work networks. Not all online shopping is done at home.

Businesses must figure out how to address this risk. Should they manage some of their bandwidth so workers aren't streaming video? Should they limit bandwidth to lunch hours or before/after work? Should they enable content filtering to monitor and manage websites?

Dark Reading: You're leading SonicWall as it becomes an independent company for the second time. What are your security priorities during this transition?

Conner: My priorities align with the trends we discussed before: ransomware, cloud and management, hardware and operating system, global grid network threat capabilities, IoT, and email security.

Pulling back, the big picture is about returning SonicWall to the speed and innovation this space needs. We were an ingredient brand in a large company, and Dell's roadmap of innovation is different from what it is when you're defending against the bad guys every minute of every day. Ours requires a different pace. 

Dark Reading: Where do you see the future of SonicWall going in 2017 following the Dell spinoff?

Conner: Prior to the spinoff, SonicWall had not been moving as fast with its channels and products relative to the market. In 2017, we expect to be at a market growth rate of 10% on average, and we plan to grow more than our fair share in the market next year. 

Key focus areas include customer and channel support. We see an unmet need in the market, and I think we can differentiate our level and brand of service to channels and end users. This will include providing more transparent service and making it easier for customers to contact us through social media, video, phone, etc. 

Dark Reading: How has the Internet of Things evolved as a security risk?

Conner: The IoT is only starting to make its way to the corporate security space. There are more devices out there connecting to consumer laptops and being deployed in business networks. IS/IT departments are seeing this and saying "Hey, what kind of vectors is this opening up?"

Businesses don't want their networks compromised. We're in the early infancy of actually being able to filter these networks because a lot of them have been open. Security has been considered, but most of it is pretty rudimentary. 

Dark Reading: What are some of the specific security threats you see in using IoT devices? Are businesses addressing these threats now?

Conner: Businesses are using more IoT devices than ever before, and these connections mean more doorways to protect. 

Consider, for example, convenience store chains. They may have dozens of WiFi or Ethernet-connected devices in each store, including cash registers, cameras, soda machines, and refrigerators.

With recent malware variants like Mirai, these IoT devices are being targeted and used in concerted DDoS attacks. Obviously, businesses don't want their IoT devices being hacked, so it's important to have a next-gen firewall with sandbox technology to detect and prevent zero-day threats, as well as SSL inspection to decrypt and inspect SSL connections. 

Dark Reading: What are some of the best practices businesses can implement to protect against these risks as the IoT continues to grow?

Conner: For one, make sure employees' applications and operating systems are current. Ensure all new patches are in place and latest software is being operated. This isn't only relevant to the IS/IT world, but on the endpoints where employees are.

With BYOD policies, the apps people use during the day are not controlled by IS/IT. Whether or not your company allows this, keeping software current is critical. Employees should know to access legitimate websites to update their apps.

Some small organizations have a common laptop to provide a convenience. Public devices on these networks tend to get infected at alarming rates; keeping them clean is virtually impossible. Have employees use Apple platforms or Android devices protected with the right technology.

 

Kelly Sheridan is the Staff Editor at Dark Reading, where she focuses on cybersecurity news and analysis. She is a business technology journalist who previously reported for InformationWeek, where she covered Microsoft, and Insurance & Technology, where she covered financial ...
