Enjoy the Cylance

Today’s post is brought to you by the letter “P”.

Information security and antimalware solutions have vastly improved over the years. No matter how good the tools and techniques get, though, there is something fundamentally flawed with the entire approach to security. Cylance hopes to bring a culture shift to security that will change all of that. 

The first thing that comes to mind when I hear the word “presponse” is the movie Minority Report, with the prescient “precogs”. There is no crime in the Minority Report, because crimes are predicted and stopped before they occur. That is how Cylance would like to approach information security.

Stuart McClure, CEO and president of Cylance, explains, “The traditional approach to security products and services is fundamentally broken. It simply can’t address today’s advanced threats much less those just appearing on the horizon. We’re tired of focusing on the symptoms, it’s time to address the root cause and attack it. Aggressively.”

The Cylance website provides a couple examples to illustrate how the current state of security is a “successful failure.” It points out the almost fatal flaw that occurred on the Apollo 13 mission, and an incident that occurred on United Flight 811 on February 24, 1989–a flight that Stuart McClure was on–in which a critical failure caused the loss of nine lives, and almost brought the entire plane down. In both of those cases, ingenuity and perseverance prevented a total catastrophe, but the result was basically a “successful failure.” 

Our current information security model works essentially the same way. It has evolved to a point of relative equilibrium, where it feels like its working to some extent. But the whole thing is a “successful failure” that always has an initial moment of vulnerability, and always gives the attacker the first move. 

The Cylance website describes Presponse like this: “Security assessments will penetrate your network to find flaws and forensic response will reveal when those flaws have been exploited. Presponse blends the two together to be truly Predictive, Preventative and Pre-incident. After all, don’t you want to know HOW you’ll be compromised BEFORE it happens?

Some of that is pure marketing hype. As the Cylance website points out, the company is still involved in security assessments, penetration testing, and forensic response. There are lots of security vendors out there that perform those same functions. 

The big difference between Cylance and the traditional approach, and the thing that separates Cylance from most competitors more than the letter “P” and a few buzzwords, is math. Cylance is using big data concepts, and applying a mathematical algorithm to analyze and identify attacks before they occur rather than waiting for an attack to be reported and dissecting it after the fact.

Is Cylance the answer? Is it a new approach, with a new solution, or just another security vendor? Only time will truly tell, but I have met with Stuart and the Cylance team, and I can say that they believe their technology, and their approach are the cure for what’s broken in information security today. 

You can learn more about the products and services offered by Cylance on the website. You can download and try out CylanceDetect for free.