Author Archives: Melissa Gaffney

Countdown to MPOWER 2019: Survival Guide

This year, we’re excited to host the 12th annual MPOWER Cybersecurity Summit at the ARIA in Las Vegas, where fellow security experts will strategize, network, and learn about the newest and most innovative ways to ward off advanced cyberattacks. With the show nearly upon us, I’m sharing a “survival guide” for first-time attendees and anyone who might want a refresher of what’s to come. Here are a few tips and tricks to help make your MPOWER experience even more successful and enjoyable.

Travel, Transportation and Accommodations

MPOWER is the best place to leverage your existing McAfee investment, engage with our ecosystem of security experts, connect with other McAfee customers and much more.

If you haven’t yet booked your travel arrangements, be sure you do so as soon as possible to take advantage of the special rates offered by the ARIA Resort & Casino. When you arrive at the Las Vegas McCarran International Airport, it will be a quick 20 minute Uber or Lyft ride to the ARIA. For more information on ground transportation from the airport to the hotel, click here.

TIP: Need some help convincing your company or manager? Click here for our email template (and modify as appropriate) to help justify your attendance at MPOWER 2019.

Innovative Keynote Speakers

We have a great lineup of keynote speakers this year. You’ll hear from Secretary of State Madeleine K. Albright, General Colin L. Powell, and tech venture capitalist Roger McNamee. We’ll also have McAfee leadership on the keynote stage, including CEO Chris Young, EVP & Chief Product Officer Ashutosh Kulkarni, SVP of Cloud Rajiv Gupta, SVP & Chief Technology Officer Steve Grobman, and CMO Allison Cerra.

TIP: Be sure to get to the keynote stage early, as spots fill up fast.

Breakout Sessions

The sessions offered at MPOWER 19 will give you a better understanding of how to maintain the highest standards of security while reducing company costs, streamline processes, and drive efficiencies in the daily administration of your systems. You’ll also have an exclusive opportunity to hear actual McAfee customers discuss how they solved real-world business challenges.

TIP: Once you’ve registered, enter your registration information at the MPOWER 19 My Event site to create a personalized agenda of the sessions and events you most want to attend. Then use your convenient schedule to make sure you don’t miss a thing!

MVISION Training Classes

New at MPOWER this year, MVISION training classes will be available free to customers and can be added to your schedule during registration. Classes will run October 1-3, and each attendee will receive a Certificate of Completion that can be submitted as a Continuing Education Unit (CEU/CPE) to ISC2, CompTIA, and other certification vendors. Seating is limited and available on a first-come, first-served basis—so add a course to your registration today!

TIP: Be sure to get your badge scanned at the door for each session to get credit.

Customer Spotlight

Stop by the Customer Spotlight, located on Level 1 to have fun. This is a place where you can kick back and relax, challenge your peers to a game (Jenga, Connect 4, Cornhole, and many more) or just take a few minutes to catch up on email or recharge your phone. The Customer Spotlight will be open Tuesday through Thursday, 8:00 AM – 5:00 PM.

TIP: The list of the activities is lengthy—there’s something for everyone! For your participation, we offer an incentive program that will earn you points—redeem anytime for McAfee gear and much more.

Expo Hall & Innovation Fair

The Sponsor Expo will feature an impressive lineup of McAfee partners, including some of the world’s most successful businesses. This is your chance to meet with the key players of the security industry—all in one location. Also, stop by the Innovation Fair booth and see what product innovations McAfee has planned in the areas of threat defense, data protection, intelligent security operations, and cloud defense. During the Innovation Fair hours, you will be able to join in on short innovation talks with technical leaders from McAfee.

TIP: Navigating the conference and expo hall will involve a lot of walking. Bring comfortable shoes—your feet will thank you later.

Stay Connected with Twitter

Twitter is one of the best ways to “stay connected” whether you are at the event or attending virtually. You can learn a lot about what’s going on at MPOWER by following the #MPOWER19 hashtag—McAfee will be live tweeting keynotes, favorite session updates, valuable insights, freebies, party details and more. Be sure to tweet your own findings, happenings, etc. using the hashtag.  

TIP: Follow @McAfee, @McAfee_Business for conference updates, company announcements and more!

The MPOWER Mobile App

 The MPOWER 19 Mobile App puts a full guide to the conference in the palm of your hand. Just download and enter your MPOWER registration info to access the daily schedule of events, session details, speaker info, and more! Available for iPhone/iPad and Android, the MPOWER 19 Mobile App will help you maximize the value of the conference and keep you updated on everything that’s happening.

TIP: When onsite at MPOWER 19, visit the Mobile App Help Desk near registration to get all your questions answered. 

MPOWER Special Evening Event

On October 3rd, we’ll be hosting Fall Out Boy for a special performance. Get ready to dance the night away starting at 8 p.m. PT.

See You Soon!

We are committed to bringing together the best of the security industry to unite for a cause that’s bigger than all of us—the digital safety of our customers, organizations, and future generations. We invite you to join us in Las Vegas.

The post Countdown to MPOWER 2019: Survival Guide appeared first on McAfee Blogs.

Black Hat 2019: Q&A with McAfee

Now in its 22nd year, Black Hat is an information security event showcasing the latest research, newest technology, scariest threats, and biggest trends. Around 19,000 security professionals will be taking over Las Vegas’s Mandalay Bay during the six-day event.

Before the security world convenes the first week in August, I spoke with McAfee leadership and threat researchers about the major themes we should expect to see at Black Hat and DEF CON this year.

Q: What should attendees watch out for at this year’s Black Hat?

Steve Povolny, Head of Advanced Threat Research: This year will piggyback on some of the themes we’ve seen developing in recent Black Hat briefings, including a growing focus on emerging technologies such as autonomous and connected vehicles, blockchain, and 5G, among many others. Some of the key industries under extra scrutiny include industrial control systems, aviation and aerospace, and supply chain. Finally, there is a continued and now-standard focus on crypto, mobile, and cloud/virtualization security.

Douglas McKee, Senior Security Researcher: Once again, Black Hat will have a great variety of talks for both the offensive- and defensive-minded individual. One of the newest topics we are starting to see will be on deepfakes. As social engineering continues to have a large impact on every security discipline, the concept of deepfakes becomes something to watch out for.

Q: What topic(s) do you think will play an important role at this year’s Black Hat and DEF CON?

Povolny: I foresee vehicle security continuing to generate heavy interest, as well as cloud and virtualization attacks. The more popular mobile device sessions are typically well attended, and we’ve had a spate of recent high-profile vulnerabilities that may drive even heavier traffic this year. Industrial controls are receiving renewed focus, though I’m surprised to see little to nothing in the area of medical devices given the security research community’s focus on this topic for the last 12-18 months.

McKee: Topics focused around our critical infrastructure and transportation will continue to play an important role, as these topics are growing fast with a security focus. As major companies continue to strive towards greater automation, how we protect this automation will play a key role in our everyday lives.

Philippe Laulheret, Senior Security Researcher: Although it’s not new, hackers and security researchers are looking into the security of secondary targets and then pivoting towards their main goal, which is usually hardened and more difficult to reach. Of particular interest are two talks centering on communication modules, and few others concerning equipment. Targeting VoIP phones, printers, faxes, etc., is really interesting: These devices sit on the network, are hard to monitor, and if compromised, can be used as a stepping stone to attack other machines. At the same time, they’re also valuable targets for eavesdropping or stealing confidential information.

Q: What is one of the biggest cyber concerns in 2019, and how can consumers or enterprises stay protected?

Povolny: The BlueKeep vulnerability (CVE-2019-0708) is a prime example of what should be top of mind for both enterprises and consumers. As WannaCry quickly taught the world, eliminating legacy operating systems and defunct protocols should be a foremost priority. These systems tend to be the most valuable targets, as attackers can reach millions of targets quickly through self-propagating code. I anticipate we will likely still see BlueKeep exploited publicly, perhaps (and maybe likely) turned into a worm in 2019. This is a rare opportunity for consumers and enterprise to address a likely breach before it happens, and to invest extra attention into removing or securing similar systems.

McKee: In 2019 it is almost impossible to buy a device that doesn’t have an IP address; everything is network connected. As both consumers and enterprises, we need to stay vigilant about what devices and information we are allowing to connect to the internet. Both our homes and offices are only as strong as our weakest device. The industry needs to continue to invest in developing secure products from the beginning while consumers direct extra attention to what they are buying.

Q: What are you hoping to get out of Black Hat or DEF CON this year and what do you want your attendees to take away from your session?

Povolny: I’m always interested in which topics tend to generate the most interest and why. So, I will be curious to see if my assessments of the most interesting topics are on point and will be spending additional time networking with researchers and attendees to find out what is driving them towards the topic. I’ll be speaking on IoT security, which encompasses threats across many of the industries, devices, protocols and technologies being presented at this year’s Black Hat. I’m hoping to give attendees a better understanding of the breadth and depth of the problem space and what the impacts are to them by showing them first-hand research from McAfee’s Advanced Threat Research team on a few IoT targets.

McKee: As a security researcher, I am always most interested in what new techniques the industry has uncovered to continue to find new vulnerabilities. It’s a constant game between evolving protections and new bypasses. In my session at DEFCON, I hope to convey some of the new methods we have used over the last year. More importantly I hope to highlight how, when researchers work together with vendors, very critical vulnerabilities can be swiftly mitigated.

 Laulheret: My presentation, “Intro to Embedded Hacking—How You, Too, Can Find A Decade-old Bug In Widely Deployed Devices,” is part of the DC 101 track and has the same aspiration of sharing one’s passion. The goal of this track is to get people up to speed on topics they are not familiar with yet. Hardware hacking can be intimidating if you are coming from a software background or if you never had any electronic/electricity classes. What I really want for this session is to show people that hardware hacking is neither hard nor scary, and by learning the basics, they will be able to investigate devices from their day-to-day life, potentially finding previously unknown critical flaws. There’s something extremely empowering in gaining the ability to dissect devices that used to be magic black boxes sitting on your network.

Best ways to catch McAfee at Black Hat & DEF CON:

Speaking Sessions:

Black Hat: Internet of Threats – The Current State of IoT Device Security

Steve Povolny, Head of Advanced Threat Research

Wednesday, August 7 | 12:40pm PT | Business Hall Theater B

 

DEF CON: Intro to Embedded Hacking—How You, Too, Can Find A Decade-old Bug In Widely Deployed Devices

Philippe Laulheret, McAfee Security Researcher

Thursday, August 8 | 1:00pm PT | Paris Theater

 

DEF CON: HVACking: Understand the Difference Between Security and Reality

Douglas McKee, McAfee Senior Security Researcher

Mark Bereza, McAfee Security Researcher

Friday, August 9 | 1:00pm PT | Track 2

 

Booth Presence:

Visit us at Booth #914 and test your hacking skills with our Capture the Flag contest.

 

Be sure to follow @McAfee for real-time updates from the show throughout the week.

The post Black Hat 2019: Q&A with McAfee appeared first on McAfee Blogs.

The 2019 Job Seeker & The Cybersecurity Skills Shortage

In today’s ever-changing job market, job seekers and employers alike are under a great deal of pressure. Those looking for their next career move are focusing on what’s required to land a great role with competitive compensation and room for growth in an exciting field. And employers are seeking a rising star that will be a good culture fit and have values that match those of their company.

A Letter to Jobseekers

Whether you just graduated college, left your previous role, or are seeking a different career path, you’re probably thinking, “Now what?” No matter where your path leads you, stay positive. Try to find a company that invests in you, truly wants you to succeed, fosters both personal and professional growth, and makes a big difference in your career progression.

If you’re a problem solver and love to learn, cybersecurity is the path for you. A career in cybersecurity can be very fulfilling. As cybercrime continues to rise, so will the demand for qualified cybersecurity professionals, offering both dynamic growth opportunities and job security. Furthermore, cybersecurity professionals are generally among the most highly-compensated technology workers—and as the need for security professionals further outpaces the supply, salaries will continue to climb as companies compete for top talent Lastly, a career in cybersecurity offers the sense of purpose that comes with making the world a better place by helping protect innocent people from cybercriminals.

Whether you are just out the gate or further along in your career, check out McAfee CHRO Chatelle Lynch’s five powerful career tips: stay hungry, celebrate other’s success, work hard, own your brand, and take pride in everything you do.

Good luck!

A Sustainable Model for Cybersecurity Talent

The term “skills shortage” is all too familiar to those in the cybersecurity industry. A Cybersecurity Ventures report estimates there will be 3.5 million unfilled cybersecurity jobs by 2021. And as cloud platforms demand an increasingly complex set of cloud SecOps skills, the skills gap will continue to grow at an increasing clip.

Success requires fresh thinking and fresh perspectives. It’s time for the cybersecurity industry to redefine the minimum credentials for entry-level cybersecurity jobs and accept non-traditional sources of education. Instead of expecting to hire an experienced cybersecurity professional, more companies should consider accepting job applicants that will require upfront investment and training. According to our Winning the Game report, 92% of cybersecurity managers say gamers possess skills that make them suited to a career in cybersecurity—and 75% would consider hiring a gamer even if that person had no cybersecurity training or experience.

In order to grow security talent and close the skills gap, companies should also consider developing apprenticeship programs, investing and supporting cybersecurity and threat intelligence programs at universities, and other avenues. According to Lynch, “We won’t close our skills gap overnight, but by working together to collectively promote and advocate for a career in cybersecurity, the closer we will get.” We look forward to solving the cyber skills shortage together and driving innovation with diversity and inclusion.

Looking for a career in cybersecurity? Join our team.

The post The 2019 Job Seeker & The Cybersecurity Skills Shortage appeared first on McAfee Blogs.

Don’t Hesitate When Transforming Your Business

Transformation is a popular buzz word in the tech industry. The market is full of companies promising to be the change your business needs to help it transform into the best player in its category. Many companies that have been around for a decade or more believe they’ve already transformed their business numerous times to keep up with the latest technology trends, while newer companies tend to practice business transformation daily to stay competitive. But is business transformation really needed? The answer is yes! However, transformation is an evolutionary process and won’t happen overnight. Organizations need to think about the future and embrace the fact they need to constantly change and move forward.

Transformation is Continuous

A disruptive and groundbreaking company will continually transform alongside its customers, adopting new applications and policies around the cloud, BYOD and more. As these items evolve, companies are confronted with the challenges and risks of change, including securing new endpoints on devices or in the cloud.

As companies evolve and transform to keep up with the latest IT trends, overlooking the security of company data is a common misstep. A recent study by leading IT analyst firm Frost & Sullivan revealed that 83% of APAC organizations don’t think about cybersecurity while embarking on digital transformation projects. Although 72% of the organizations conduct regular breach assessment to protect themselves against cyberattacks, 55% of them were at risk.

A Plan of Action

Companies are predicted to spend $1.7 trillion on digital transformation by the end of 2019, a 42% increase from 2017, according to IDC. With IT budgets at nearly their highest point, it’s time to rethink your transformation strategy and make security a priority.

The cloud is transforming the enterprise, and as a market leader, McAfee is transforming the way businesses secure data in the cloud. We transform the nature of security itself with SaaS (security-as-a-service) consumption models. By partnering with us, organizations can transform confidently, leveraging security solutions purpose-built with transformation in mind, including those that secure every segment of the cloud and heterogenous device environments. McAfee cloud security solutions extend your security from device to cloud with data visibility, data loss prevention, and advanced threat protection on a platform that supports an open ecosystem. Our goal is to make the most secure environment for your business from device to cloud.

As you start your transformation journey, consider the following questions:

  • How is your organization aligned? What are your organization’s goals?
  • What are the biggest/most important strategic initiatives your company has over the next two to four years?
  • What are your current major IT initiatives? Security initiatives? Cloud initiatives?

Looking to transform your business with McAfee? We’re here to help. Use the resources below for more information.

The post Don’t Hesitate When Transforming Your Business appeared first on McAfee Blogs.