AiThority Interview with Chris Hazelton, Director of Security Solutions at Lookout
Tell us about the exciting journey you’ve had in the security industry. How did you arrive at Lookout?
I’m a former Industry Analyst turned IT Security Solutions leader, having been in endpoint management and security for over 12 years. At Lookout, I lead the Security Solutions team, informing the market of the need for protection from phishing and mobile threats targeting the enterprise.
Before joining Lookout, I worked at BlackBerry supporting enterprise software and services, including BlackBerry UEM, Dynamics, and Cybersecurity services. Before that I was an Industry Analyst, leading the Enterprise Mobility practice at 451 Research where I authored over 500 reports on emerging mobile software and services impacting IT.
My first mobility role was at IDC as the worldwide Smartphone Analyst, researching emerging trends that impacted the design and use of smartphones in the enterprise.
What are the business challenges that Lookout solves?
Lookout secures the endpoints your employees use most – iOS and Android devices. According to Gartner, “by 2020, 90% of global enterprises will have implemented business processes that depend on a mobile device.” All enterprise services today support mobile users, and today’s employees demand mobile access to corporate data. The rise of Cloud productivity services like Google’s G Suite and Microsoft’s Office 365, means much of your business data on laptops is now on your employees’ work and personal smartphones.
Lookout provides a privacy-centric mobile security offering that identifies risk across the entire spectrum of threats. Lookout protects both corporate-liable and personal devices from app threats, device vulnerabilities, and network-based attacks. Stopping mobile phishing from any app on the device, Lookout protects your users as well as corporate data. We do not require users to be suspicious of threats, we protect users with every click or network request. At the same time, we protect user privacy as we do not send traffic through gateways that inspect your content.
It seems that phishing campaigns are targeting mobile devices specifically. Could you tell us why?
1 in 50 enterprise users are phished on mobile devices every day, making mobile phishing a massive problem on a small screen. On mobile, phishing threats can come from any app, both personal or for work. For this reason, the encounter rate for mobile phishing is very high in the enterprise. In Q4 of 2019, 15.8% of Lookout enterprise users globally encountered a phishing link on their mobile devices.
Phishing attacks on mobile devices have very high success rates because of how difficult it is to spot the tell-tale signs that people more easily recognize on a laptop or desktop PC screen. Smaller screens, the speed at which we operate with mobile devices, and that few users know how to preview a link on mobile before clicking on it, seriously impact the ability to identify a mobile phishing attack.
While IT architecture evolves around Cloud, Edge, and the IoT, how are mobile security measures shaping up in comparison?
Mobile security has to leverage the Cloud. The only way to deliver continuous security at scale is to leverage Cloud infrastructure. There are use cases where Lookout protections are in place when a device is unconnected. However, it’s only with assistance from the Cloud that threats can be detected in real-time, including stopping threats as they’re downloaded to the device.
Lookout is a Forbes Cloud 100 company for the 4th consecutive year and uses the power of the Cloud to immediately deliver protection from the latest mobile threats to tens of millions of devices around the world. We have a massive amount of data from more than 180 million devices and more than 100 million analyzed apps. Only the Cloud can bring this intelligence to bear.
Hear it from the expert: Do you think Endpoint security measures actually impact agility benchmarks in enterprise architecture? if yes, how?
Yes, particularly in mobile, security needs to be transparent. Users should not have to change how they use their devices to accommodate the detection of threats. At the same time, security should not impact device performance. Of particular concern in mobility is battery performance. Only Lookout has deployed mobile phishing protection at a significant scale to prove the approach we invented does not kill your battery. Security tools that route mobile traffic through web gateways can also negatively impact the user experience in addition to creating privacy issues.
There are widespread approaches to mobile security that involve silos, Mobile Application Management (MAM), or personas (Android Enterprise or Knox) for securing apps. These are effective in protecting the data and apps that reside within a container. However, they are often blind to the threats outside those containers, and unable to protect against threats that exist outside or across managed and unmanaged apps. Only mobile threat defense can protect the entire device to allow users to work how they want, and still use many of the apps they find most productive.
Could you help us with the most contemporary definition of Endpoint Security Management? How does it boost Post-Perimeter frameworks?
For traditional endpoints like laptops and desktops, endpoint detection and response vendors have had full access to kernel extensions to detect and stop malware. OS vendors are looking to limit access to the kernel, and this is starting with macOS Catalina. Likely, Microsoft will also limit kernel access for security vendors in future versions of Windows.
Today’s endpoint security vendors will need to move from broad access to system information to a more constrained environment. This approach brings endpoint security more in line with how Mobile Threat Defense has always had to operate. Identifying vulnerabilities and threats with limited information from the kernel.
OS vendors will continue to strengthen their own security while walling off security vendors, limiting the value of some endpoint offerings, and moving the focus to above the kernel threats, including 3rd party apps and phishing.
BYOD and mobility-based workforce have been around for some time now. Yet, mobile security is yet to catch up with cyberattacks and perpetrators. What is hampering the progress?
There is a general lack of awareness that cybercriminals are targeting mobile users. According to Gartner, organizations will spend over $7 billion on endpoint security in 2020, but only $300 million (0.04%) of that will be for securing mobile endpoints.
Managing mobile devices is not securing your mobile devices. Many organizations think Mobile Device Management (MDM) is enough to protect users, but MDM does not stop phishing attacks or provide the ability to dynamically block third-party apps that share or store corporate data in insecure ways.
As OS vendors work to improve their security, there might be too much trust in native device security. While they are more secure than desktop platforms, they are not infallible. Every OS will have vulnerabilities that leave them open to exploit. In 2019, iOS had 156 security vulnerabilities, Android had 414, and Microsoft Windows 10 had 357.
COVID-19 has exposed mobile-related frauds. What kind of measures would Lookout propose in such a scenario?
The targets of opportunity are personal networks and personal devices used by remote workers to remain productive. The mass migration of users from heavily managed and monitored networks to commercial home internet networks and routers presents a large attack surface.
The use of personal mobile devices by remote workers means organizations need to set minimum security standards for these personal devices as they are used to communicate and connect to corporate data. This includes requiring the use of encryption and password/biometric protection, as well as banning the use of jailbroken or rooted devices.
The use of shared devices even among family members should also be limited or avoided as the installation of consumer services allow apps with poor data sharing and storage practices to run alongside government apps and services.
We know about the various Data Science applications merged with Cloud computing. Could you tell us how you bring these together at Lookout?
Lookout uses Artificial Intelligence to detect phishing and application threats early on, sometimes before these attacks even start.
With Lookout Phishing AI, we continuously scan the Internet looking for malicious websites. Phishing AI detects the early signals of phishing, protects end-users from visiting such sites as they come up, and alerts the targeted organizations.
Lookout App Threat AI automatically analyzes and identifies risky apps among the approximately 100,000 new and updated apps made available every day. These are new and updated versions of existing apps, which Lookout detects when they are made available across all mobile app stores around the world, as well as other sources, including those installed on any device protected by Lookout. To date, Lookout App Threat AI has analyzed more than 100 million apps.
Tag a person from the industry whose answers you would like to see here.
Tony Kueh – VP of Product Management at VMware.
Thank you, Chris! That was fun and hope to see you back on AiThority soon.
A former industry analyst at IDC and 451 Research, turned IT software Product Marketing leader, Chris Hazelton has been working in management and security for enterprise endpoints for over 10 years. At Lookout, he leads the product marketing team, informing the market of the need for protection from phishing and mobile threats targeting the enterprise. As an industry analyst, Chris led the Enterprise Mobility practice at 451 Research where he authored more than 500 reports on emerging mobile software and services impacting IT. While at IDC, Chris was the worldwide smartphone analyst, researching emerging trends in the mobile and wireless space that impacted the design and deployment of smartphones in enterprise and consumer markets.
Lookout is a cybersecurity company for the post-perimeter, cloud-first, mobile-first world. Powered by the largest dataset of mobile code in existence, the Lookout Security Cloud provides visibility into the entire spectrum of mobile risk. Lookout is trusted by hundreds of millions of individual users, enterprises and government agencies, and partners such as AT&T, Verizon, Vodafone, Microsoft, Apple, and others. Headquartered in San Francisco, Lookout has offices in Amsterdam, Boston, London, Sydney, Tokyo, Toronto, and Washington, D.C.