Cisco's Martin Roesch on Security, the NSA and the IoT

marty-roeschIf there can be a positive aspect to the complex spaghetti of technology-enabled disruption that is everywhere today then it’s probably the security firms that are seeing it. The never-ending news of hacks, cracks and attempts to steal, deface, corrupt and compromise have led to a cybersecurity market worth tens of billions of dollars annually.

“There’s no shortage of opportunity in the security industry right now,” acknowledges Martin Roesch, the founder of SourceFire, acquired last year by Cisco where he is now chief security architect.

Roesch is talking by phone to me to promote Cisco ASA with FirePower Services, an attempt to forge together the latest firewall, intruder prevention and malware protection to make for a more pre-emptive, intelligent, automated approach to dealing with threats before, during and after events.

“This is very necessary,” he says. “Because of the emergence of the Internet of Things, mobility, cloud et cetera, security solutions have to be much more dynamic and scalable. Most platforms are manual loop systems and updating is only as good as the users of the system.”

Industry mergers and acquisitions remain susceptible to breakdowns, too often caused by cultural issues. However, the early signs of the Cisco-SourceFire marriage appear positive after what Rosech describes as a successful bedding-in period.

“That’s the complication, frequently: will the cultures be able to mesh and things like that,” Roesch agrees. “I think Cisco has done exactly what they needed to do to give this deal its best shot to be successful. We were trying to figure out how to put the teams together and in the spring and summer they really did come together and now they’re well knit. This is step one but it’s actually moving faster than we thought. I thought there’d be more bumps in the road.”

The already complex threats afflicting the security sector have, of course, been added to by the acts of various governments and their agencies in recent times. In May this year, Cisco CEO John Chambers sent an open letter to the US president complaining that its actions (which have included alleged tampering with Cisco kit) were having a damaging effect on international sales.   

“We basically said we’re a trustworthy vendor and our most important goal is to be a trustworthy vendor to our customers and partners, and Mr Chambers very publicly sent a letter to the president and said please don’t hurt our business,” Roesch recalls.

However, he was far from shocked by the waves of reports about espionage.

“I wasn’t surprised at all. When I got started in security I worked on that side of the world and knew what was possible. I was kind of surprised that people were surprised. Spies are gonna spy, right?”

He adds that Cisco does have initiatives under way to counter challenges to the integrity of its systems, ranging from tamper-evident seals on products to closely managing links in its supply chain, but he recognises that there is no panacea.

“That’s pretty much all any vendor can do: make it hard for people to break into our products,” he says.

More broadly, however, Roesch has his eye on a future where security products can be much smarter about identifying issues in context, what’s important, what needs to be communicated and so on.

“An intrusion detection engine allows you to ask questions,” he says. “You say: if you see this, let me know. That’s all an IDS does. So we’re trying to understand the larger questions. Insider hacking, government-sponsored stiff, script kiddies, they’re all doing similar things... Tempest and all that crazy stuff. We protect against the threats. There are things we know about and things we don’t know about. The problem we’re into now is we have lots and lots of technologies that try to stop you getting hacked in the first place [but some only] tell you about it and [some] do something about.”

Instead, Roesch says he wants to get to a point where the security software says “we already contained the problem and here’s how”:

“Contextualisation is a pretty simple idea: how meaningful is it and how much do I need to care? It can be done by people or by systems if they have the information.”

But there could be more trouble ahead and Roesch believes that having more and more smart objects under the Internet of Things might lead to another dimension in the security challenge unless people smarten up.

“It’s going to be like the early days of the web where people were charging into new markets and not really keeping an eye on the security side of the world. A great example was web browsers. It was more important to get features out so that led to a great amount of hacakability. People were moving so fast that security took a back seat. Until security becomes a frontline concern for everybody producing the Internet of Things, it’s definitely going to be a concern. I hope we don’t need a wake-up call to have people really start internalising these things.”


« Santiago Bilinkis: Applying Science to LatAm Startup Methods


C-Suite Career Advice: Nancy Treaster, SVP and GM, Verint Systems »
Martin Veitch

Martin Veitch is Contributing Editor for IDG Connect

  • twt
  • twt
  • Mail


Do you think your smartphone is making you a workaholic?