Securing cyberspace

BlackBerry’s CTO, Charles Eagan, speaks exclusively to Digital Bulletin about its reaction to COVID-19, the trends shaping the cybersecurity market, the integration of Cylance and much more

How has the COVID-19 crisis impacted BlackBerry’s wider technology initiatives and goals?

Because of our heritage of secure mobile communication, our initial focus was to help companies adapt quickly – especially those that might not have been ready to meet the demands of this new reality. We’re also intent on helping businesses navigate this challenging time, and supporting them with the right solutions to keep people and data safe at all times.

Our goals and strategy have not changed: we are still committed to connecting, securing, and managing every endpoint in the Internet of Things. Beyond a secure enterprise or secure building, we think about constructing critical infrastructure, securing utilities, providing automotive safety, and securing the consumer themselves.

Cyber attacks are on the up, many of them COVID-19 related – how can enterprises best protect themselves against attacks, especially whilst home working?

While it’s true that home has become the new enterprise, this shift has not been without security risks. For instance, one of the most frequent attacks we are seeing right now is phishing emails. With an increasing number of employees logging in from home, phishing attacks and more advanced threats are being increasingly deployed by malicious actors. The first thing an organisation can do is teach its staff how to look out for signs of malicious activity and how to react if they are suspicious. Applying zero trust to your inbox is key at all times.

Phishing attacks are also becoming more complex and cyber criminals realise that traditional security models – based on human input – are susceptible to attack during times of panic and high stress such as these.

This is where AI-based solutions can address the challenge. Through the ability to learn and adapt, AI solutions can dynamically react and adjust to an organisation’s – or individual employee’s – needs and risks. Solutions that leverage machine-learning can stop phishing attacks from being successful even when employees are distracted or tricked by specially crafted emails.

Security solutions need to leverage machine learning to provide analysis for the likes of millions of characteristics that identify a file as being malicious or benign, and then prevent the latter from executing on an endpoint. This innovative technique renders malware, ransomware, and zero-day attacks ineffective at machine speed.

Attackers take advantage of human nature, especially how we behave when receiving or accessing important information from sources we assume to be trusted. The potential to fall victim to a phishing attack is heightened right now. It is more crucial than ever that businesses have empowered teams while also making sure that they have the right tools in place to be protected.

Away from the virus, what are the main tech trends you are seeing in the IT security space at present?

The threat landscape is wider and more complex than ever. From an IT security technology perspective, we will see continued development of AI-based threat detection and prediction solutions. I cannot stress the importance of this enough: today’s cybersecurity threats are vast and incredibly smart, and many are employing AI themselves in a weaponised form. We are seeing more threats designed to evade traditional perimeter defences, which are invisible to the standard threat detection methods that rely on blacklists and malware signatures.

This is where AI is so important: intelligent technologies lie at the heart of the solution to rapid and new cyber attacks. These technologies help fuel automated and predictive threat detection, which can spot the signs of a threat before it infiltrates systems – it’s replacing the typical reactive response with a proactive one. AI-based cybersecurity solutions are not only capable of preventing known threats, but of predicting and preventing new threats before they have the chance to cause significant damage.

When you look back, how would you reflect on the job BlackBerry has done in pivoting its business to an enterprise software innovator?

In 2014, we began executing a strategy to focus on enterprise software. We saw an opportunity to leverage our expertise in mobile-first security and communications, and apply this to a broad set of endpoints, beyond BlackBerry smartphones. We recognised that the Internet of Things would transform industries, and that more information would be pushed to the edge. We also realised that these endpoints and the information would need to be connected, managed, and secured as the intelligent edge continues to develop and emerge.

BlackBerry is well positioned to leverage the strength of its brand, security expertise, and systems to make an impact on the Internet of Things. Identifying and pursuing the emerging category of billions of connected devices – and the massive market potential that comes with it – has been an exciting challenge.

We now have a more clear and developed software business, and we know that we have a unique security and privacy offering that speaks to definite needs in the marketplace. To me, there couldn’t be a better time to be here and I’m excited for what the future will bring.

What are some of BlackBerry’s major initiatives and programmes of work in the enterprise software security space?

In addition to offering our businesses additional assistance in implementing their own remote working programs, at no cost, we’re also focused on some more mid- to long-term initiatives in the enterprise security space.

For instance, at the RSA conference, we announced our BlackBerry Spark platform now features a unified endpoint security (UES) layer, which can work with BlackBerry UEM to deliver zero trust security. Leveraging many of Cylance’s technologies – including AI, machine learning and automation – BlackBerry Spark now offers improved cyberthreat prevention and remediation, and provides visibility across desktop, mobile, server, and other IoT (including automotive) endpoints.

BlackBerry Spark offers the broadest set of security capabilities and visibility covering users, devices, network, apps and data, as well as data management and data privacy. The components of BlackBerry Spark are designed to work seamlessly together to provide the highest level of security and management with a simpler, more productive user experience on any endpoint, from any location, over any network.

How has the company been able to integrate the capabilities of Cylance since the acquisition in late 2018, and how has the acquisition improved BlackBerry as a whole?

Effective March 1, 2020, we successfully integrated the entire Cylance organisation, including sales and R&D teams. The combination of BlackBerry and Cylance teams form the core of the BlackBerry Spark organisation. Now, as an AI-cybersecurity company, we have more ambition than ever to secure systems in the most proactive way possible.

We believe a unified team leads to broader customer coverage, a richer product road map, a clearer sales message, and most importantly, very differentiated offerings. We can see this integration in the BlackBerry Spark platform, which leverages Cylance-fuelled artificial intelligence, machine learning, and automation to provide improved cyber threat prevention and remediation.

The integration of Cylance’s technologies has not only improved BlackBerry’s established solutions, but it has also opened the door for the development of future solutions that are even more secure, sophisticated, and user-friendly.

Could you tell us a bit about BlackBerry Labs and how that programme is progressing?

As an innovation accelerator, BlackBerry Advanced Technology Development Labs is an intentional investment into the future of the company (which is how our estimates on personnel went from an initial staff of 20 to 120 individuals very quickly). We’ve handpicked the team to include experts in the embedded IoT space with diverse capabilities, including strong data science expertise.

Notably, we’re setting up hardware labs in Waterloo and Ottawa to be used by our teams, creating spaces dedicated to specific areas of focus and testing. Overall, most of the investment has been made already, but we’re still looking to build on this unit by partnering with six universities on active research and development. We’re quite proud of these initiatives and think they will greatly benefit our future roadmap.

Initially we’ve been focusing on the importance of integrating Cylance’s machine learning technology into BlackBerry’s product pipeline. However, it’s not just about creating an ecosystem of ML-based solutions, but rather smartly and strategically adopting ML into the work we’re accomplishing each day. My role is primarily helping to bridge the different teams and create this connectivity and cross-pollination between the various business units.

At CES, for instance, we unveiled an AI-based transportation solution geared towards OEMs and commercial fleets. This solution provides a holistic view of the security and health of a vehicle, and provides control over that security for a manufacturer or fleet manager. Born in BlackBerry Labs, the new offering marks the first time BlackBerry Cylance’s AI and ML technologies have been integrated with BlackBerry QNX solutions, which are currently powering upwards of 150 million vehicles on the road today.

How do you foresee the security sector developing over the next three to five years and what do you believe will be the technologies that define it?

The technologies that define the security sector over the coming years will depend upon the technologies being used by cybercriminals. Innovation must be continuous, as attackers continually search for new ways to carry out their nefarious actions. For instance, we’re expecting new attack strategies in existing, widely-used file formats – last year, we found malicious payloads residing in WAV audio files.

It’s difficult to tell how the tech world will spring back after the pandemic, but we hope to see organisations bounce back quickly, and continue to innovate in the IoT sector. New, exciting technologies will always come with new routes for attackers to infiltrate endpoints, so we must create technologies that protect against this. The cybersecurity sector must work together to secure everything, leaving no stone unturned.

This means we must continue to investigate threats both new and old, like the Remote Access Trojans sponsored by the Chinese state, which have been targeting Western intellectual property for almost 10 years.

Furthermore, we must continue to develop trusted endpoint protection and secure communications technologies that work across all industries. And we must predict the next cyber threats ahead of time, using predictive and intelligent technology. Machine-learning and AI are the way forward for cybersecurity, and we are working with our BlackBerry Labs team to develop these from the ground up.

Author

Back to top

SUBSCRIBE

SUBSCRIBE