3 days ago
Positive Technologies Makes Cyber Wars Smarter
Home » Interview Of The Week » Cyber Wars Just Got Smarter, So Did Positive Technologies
At the Positive Hack Day Fest, we had the opportunity to speak with Alexey Andreev, Chief Technology Officer of Positive Technologies, a global cybersecurity solutions provider. The event brought together cybersecurity professionals, vendors, and government representatives to explore innovations, exchange ideas, and experience live simulations of attacks and defenses in a real-world-like environment.
How has the cybersecurity threat landscape evolved over the past 3 to 5 years?
The cyber landscape has dramatically changed, especially compared to 3 or 4 years ago. Several factors contributed to this: Increased Attack Frequency and Sophistication – Geopolitical tensions have escalated the number and complexity of attacks globally. AI-Powered Attacks – Adversaries are leveraging AI and large language models (LLMs) to orchestrate more calculated and intelligent attacks. These tools help them gather intelligence, conduct reconnaissance, and simulate vulnerabilities before launching an attack. Cloud and Infrastructure Changes – With cloud technologies becoming mainstream, attackers have shifted focus to exploit hybrid environments, APIs, and remote access systems.
How is Positive Technologies leveraging AI and ML to detect and respond to these evolving threats?
Even before LLMs became widely available, we used deep learning to power our behavioral analytic detection systems. These tools can identify anomalous or malicious processes in real time with high precision and low false positives, without requiring human intervention.
Now, with the rise of large language models, we are enhancing our systems to act more like copilots or autopilots for security operations centers (SOCs). We've invested heavily in GPU-powered clusters to support these AI models, allowing real-time analysis and decision-making. Our hybrid systems combine rule-based expertise with deep learning and LLMs to create intelligent, adaptive defenses.
What about cloud transformation, how are your solutions adapting to it?
We've made significant strides in making our solutions fully compatible with both public and private cloud environments. Our focus is on ensuring that customers can operate securely without sacrificing performance or violating data localization laws. This flexibility is critical for modern businesses.
With GDPR and other regulations in place, how do you ensure compliance while maintaining operational agility?
Our technology is built with compliance at its core. Clients can operate our products without transmitting any data outside their environment. All data is localized, it stays within the customer's data centers or country-specific perimeter.
This approach allows clients to comply with GDPR and other regulations without hindering their operational agility. Our role is to ensure our products support this framework by design.
Let's talk about zero trust architecture. How critical is it to modern cybersecurity?
Zero trust is absolutely critical, especially in today's interconnected world. However, implementing it is not simple. Legacy systems weren't designed with zero trust principles like access on demand and least privilege in mind.
Moreover, human factors make it difficult. People resist restrictions, and infrastructure redesign takes time and resources. So, while zero trust is powerful, it's not a silver bullet. It must be part of a broader strategy, combined with user awareness, strong authentication, and continuous monitoring.
What strategies do you recommend for ransomware resilience?
Ransomware remains a high-impact threat, despite many organizations taking preventive measures. Just last year, we partnered with VirusBlockAda, a Belarusian cybersecurity firm known for its role in analyzing the Stuxnet worm, to develop a next-generation endpoint protection solution.
This solution is specifically designed to combat ransomware using a blend of behavioral analytics, deep learning, and memory forensics. It's a significant evolution from traditional antivirus tools and is tailored for modern threat scenarios.
Are ransomware attacks in the Middle East increasing or decreasing based on your recent reports?
While I can't provide the exact figures offhand, our most recent reports indicate that ransomware remains a persistent threat in the Middle East. The region is rapidly digitizing, which presents new opportunities for attackers. This is why we're actively expanding in the region and working with local stakeholders to bolster cyber resilience.
Finally, what's next for Positive Technologies? Any innovations on the horizon?
Our most exciting development is around autopilot cybersecurity systems. These systems will enable security teams to automate threat detection, response, and even remediation, a leap toward fully autonomous SOCs.
We are also exploring generative AI for real-time threat simulation, automatic report generation, and contextual threat intelligence, which could revolutionize how cybersecurity professionals work.
