Eric Leblond, CTO of Stamus Networks: It’s time to promote the defenders
May 2022 by Marc Jacob
On the occasion of FIC 2022, Stamus Networks will showcase the latest iteration of Stamus Security Platform which is a network threat detection system. Thanks to its innovations, which are partly based on artificial intelligence-type technologies, it reduces investigation times. For Eric Leblond, CTO of Stamus Networks, one of the key principles at Stamus Networks is the promotion of defenders.
Global Security Mag: What will be your news at the International Cybersecurity Forum 2022?
Eric Leblond : We are announcing and demonstrating for the first time the latest iteration of our Stamus Security Platform which is a network-based threat detection and response system. By combining feedback from our customers and the results of our own research and development, we have improved the threat detection capabilities of the solution while reducing the time required for investigation.
Global Security Mag: What are the strong points of the solutions that you are going to present on this occasion?
Eric Leblond : The latest version of Stamus Security Platform implements new detection methods using artificial intelligence technologies. The primary challenge created when AI is used in threat detection is that they typically provide opaque results for the user. We have therefore developed these functionalities with a strong internal constraint: the results must be quickly analyzable and verifiable by our customers. This is essential in a field where the talent shortage is significant.
Similarly, our solution supports multiple use cases that adapt to the experience level of the personnel using it. A novice analyst, for example, will find information presented with clear and succinct explanation about the threats found on the network while an experienced analyst is given the tools to perform a more in-depth investigation . The results of this investigation can then be incorporated by the experienced analyst into an automation which can, in turn, help the less-experienced analyst more easily contribute to future investigations.
Global Security Mag: How should technologies evolve to counter these threats?
Eric Leblond : In this era of ransomware, it has become clear that organizations must detect compromises before they paralyze the information systems. So, it is a never-ending race against time pitting run by organizations that are often understaffed. This induces incredible stress on security teams and often leads to burnout or career change. Management has an important role to play and can help by creating a positive environment and defining appropriate processes that prepare them for the long term. But defense technologies can help, too. They must evolve in ways that provide more automation in threat detection and response in ways that manage the information flow in ways that limit the stress on the security teams.
Global Security Mag: Since the beginning of the year, have you noticed the rise of new cyber threats?
Eric Leblond : We have not really seen an increase in new threats. ransomware remains a significant threat, and the professionalism of the actors behind the cyber-threats continues to progress. Unfortunately, the same goes for their resilience. We have, for example, witnessed the return of Emotet, which appeared to have been dismantled last year during a large-scale operation carried out by the security forces of several countries.
Global Security Mag: In your opinion, what place can humans have to reinforce the defense strategy to be deployed?
Eric Leblond : I see two aspects to this question. On the one hand, humans are the most common entry point during compromises. Phishing by email remains the most frequently-used technique, making humans the critical vulnerability. So security training and awareness for the entire organization is absolutely necessary.
On the other hand, humans will be the best orchestrators of the defense of information systems for the foreseeable future. The human alone has the unique set of skills to determine when it’s appropriate to press the red button and trigger a response that may shut down a system or network segment. The modeling of an attack and an automated response are always fallible because there are often outside factors that cannot be incorporated into the system but that will be clear when evaluated by humans. ISo it will continue to be necessary to place humans at the center of any detection and response strategy while being mindful that their capacities have limits.
The human capacity to process raw information in real time is weak relative to computers. Therefore, technology solutions must strive to offer analyzed, distilled, and packaged data for human consumption. This will reduce the stress and empower cyber defenders.
Global Security Mag: There has been a shortage of talent for years, what actions can cybersecurity players take to attract new talent?
Eric Leblond : At Stamus Networks, one of our core principles is the celebration of defenders. Too often, the cybersecurity industry and the media elevate the attacker into a modern hero, a human David against the technological Goliath. This is reassuring: humans would always be able to stand up to threatening and dominating technology. Today, with the prevalence ofMalware as a Service, it is more of a clash of technologies, a new version of the projectile against the armor. And here, bad intentions are often on the side of the projectile.
At Stamus Networks, we think it’s time to celebrate and honor the defender. The defender’s work is noble, complex, and should be recognized as such. By changing the narrative, we can help make careers in cyber defense much more attractive.
Global Security Mag: What message would you like to convey to CISOs?
Eric Leblond : I’ll start with “thank you” and “good luck.” We know how difficult this job can be, and we work relentlessly to help CISOs and their teams by offering solutions designed to dramatically reduce detection time while simultaneously reducing the pressure on their teams.
– More Information: email@example.com ou Steve Patton VP of Sales EMEA firstname.lastname@example.org