APJ Interview News Security

Success of Cybersecurity is Good for Everyone as the Analogy says Rising Tide Lifts all Ships

With Covid-19, Digital Transformation has become the major project for all CIOs and CISOs and Cybersecurity has become the first point of consideration too. Today, SASE based solutions are also becoming the technology of choice for the Cyber Security. Enterprise IT World had a frank discussion with Nick Savvides, Strategic Business Director, APAC, Forcepoint about the entire market dynamics and advantage of Forcepoint. 

Which verticals and technologies have been driving the current market? Of course, cloud is one around which everything is evolving.

There has been a real change in the way we approach building applications over the last five years. It started 10 years ago with the cloud becoming common and the last five years, it is really become amplified because it is not just about the adoption of cloud services but also it is a whole mentality. And today, every business is a technology business. It is only going to become more and more dependent on technology. And the adoption of cloud has done a lot to accelerate the transformation of businesses because not only it gave us this elastic compute, but it gave us a new way of thinking about solving problems. I can just use an API from here. My cloud vendor doesn’t have that API. But other person has built this I’ll just use that API, which has introduced a whole new way of Thinking about the way we build applications. Thinking about the way we build applications. The way that we do things. And if you combine that with the ubiquity of high-speed broadband, t has completely transformed what we expect from our organizations and what our users expect from organizations. 

The wide scalability of broadband combined with the mindset of building cloud applications has completely transformed the way we design and build services. It has had a flow in it the way we design networks. And these old architectural styles of networks are no longer as relevant or as strong from both an outcomes perspective but also significantly from the security perspective, because one of the things that I really think that’s changing is that as we move more and more business into digitally transformed space, it changes our risk profiles. So, we’re no longer looking at organizational risk silos, we’re looking at a digital risk that cuts across those silos. And, when you think from risk perspective, it changes, not just what you want to do, but it changes the way you approach it, because what it means is security has to be fundamental to each piece of those organizational risk silos, because if it is fundamental one can build controls against that digital risk and you can mitigate that digital risk so security is also changing from being a back of house function to being a front of house function.  End uses and consumers, whether they are businesses or people in their homes, care about security now. So an analyst inside an organization who is building a new banking product for a financial institution or designing that product for them security has to be fundamental and it has to be foundational piece – that cuts across all of the digital silos, that they normally have to worry about. 

So is a lot of change from not only an architectural perspective, but from a mindset perspective and now a digital risk perspective. So, all of these things are rally changing every industry – it does not matter if it is government services, BFSI, or healthcare or resources. Every single one of those is going through some sort of digital transformation that is touching every aspect of their business. 

Three years ago, when I met the CIO of a construction company, he said I have trouble getting funding from the board for security. Now security is fundamental for that organization. 

Are these companies spending enough dollar on security?

I think we’ve seen an increase in technology spending during the pandemic.  People are cautious and looking at short term investment. They are bringing the projects forward because digitisations have been the saviour of many industries through this pandemic. On a micro level, if I give you an example, here in my hometown, there is a pub, which serves meals. They had no online presence beforehand. You had to go in and sit down order your food. The pandemic came and they were shot down since March. So, all of a sudden, they have gone online. They have taken this small business and digitized that. I can see that you home order a meal provide the registration number of your car. They see the registration number of my car and bring my meal out to me to come home. This is the example of a small business spending money on technology or their survival. And on the other side, the big businesses who have gone with online presence, finding it the only way they have got that money is coming through. You know, it might have been only 10% of sales at the start of the pandemic, but it is 100% now. 

What is your vision around new solutions and products’ roadmap?

When I joined Forcepoint I thought that the vision of the organization is very clear and it sat well with the modern outlook. The way that a modern network would be built. And I thought to myself, if I were building a company, if I were the CIO, or the CISO of an organization and I was looking for a three-year journey of horizon – one and horizon two type of activities; Forcepoint would be a vendor that I would talk to. 

We were well into this journey before the pandemic. We had decided last year that we have these great products we have got amazing DLP technology, user activity monitoring technology and probably the world leader in Insider Threat capabilities along without our web protection – CASB. 

But the modern architecture doesn’t really suit to try and take these things and stitch them together. So, we are going to go on a journey where we have these as cloud delivered offerings that operate on the edge of the network. That edge could be in the cloud, in someone’s data center or could be at somebody’s home. We were already pivoting down that way. Then the pandemic happened, and it proved our business model. As I was saying that transition of five years is being compressed down. Our offerings now are more relevant to the market than ever. So, this architecture that we settled on take from the Gartner’s SASE model (Secure Access Service Edge) as well as from Foresters Zero Trust model. We combine these concepts to build out our new offerings. So we can deliver a 100% SASE product today that extends enterprises security controls into the cloud, which means that a user, whether they are in a building, in an office on a managed machine or whether they are at home on an unmanaged uncontrolled personal computer, the same level of protection is offered to the user through the company’s data because we sit in between the users and the data. So we launched our first part of our SASE offering, which we call our Cloud Security Gateway that really brings to get those advanced functions that we have around Data Loss Prevention, CASB, Web Protection, etc. and puts them together in the single unified offering. Now we are launching the second part of that we call private access that takes our award-winning Next Generation Firewall to run inside somebody’s data center and putting that into the cloud. 

“In behavioral analytics, we have domain expertise in data protection, firewall, user monitoring, Gateway and CASB. We are consolidating all of these into our offerings, which is why I welcome the pressure from the competition.”

Nick Savvides, Strategic Business Director, APAC, Forcepoint

So now as a user you have got firewall as a service. It means your home user is not just being protected by their router connected to the ISP but also protected by a full Next Generation Firewall stack in the cloud. And we’ve got private access and Zero Trust networking access going back into the organization.

So, that’s the complete SASE zero trust vision around that. The second thing that we’re doing is, well, we’ve got this fantastic Insider Threat user activity monitoring capability today with two products – Forcepoint Insider Threat and Fore Behavioral Analytics. But these have been the domains of only the largest enterprises in the world because they require a complex program of work to understand to operationalize. So, it is the only regulated industries – typically financials, government, defense etc. utilize these technologies. But the same problem exists everywhere. So, what we are doing is we’re just about to launch what we call our Dynamic User Protection offering that takes those capabilities and democratizes them – puts them in the cloud and allows any organization to do that. What I see our great differentiator is going into next year into 2021 is taking the user activity and risk profiling and then driving Not just data protection actions that we do today but network protection actions that we can do in our SASE edge. This is what I call SASE Plus. It is what our chief product officer Nico Popp calls it the SASE of the fourth kinds. 

It’s really pivoting not just to SASE but what I’m calling behavior based networking behavior and based data access so that only the right people, have the right access at the right times to the right data and only when they’re behaving appropriately. And that is what is our vision. 

What is the differentiation of Forcepoint SASE offering?

If you just think about SASE, it is just the networking model. It is putting stuff at the edge of the cloud. What is different here is that we are instrumenting to understand the behavior. When you are instrumented to understand behavior, you start to collect all the signals. These might be human behavioral signals, device behavioral signals or threat signals. But either way it’s instrumented and we’re collecting them. Now the collection pieces is ease and you’ll ask anyone who is runs a scene, getting your logs into your scene is probably the easy part. Turning logs into action is the hard part. So how do you connect going from events to insights to action, because ultimately collecting data in instrumented something doesn’t make a difference or doesn’t matter if you can’t convert that to action. So, the action piece is where we’re focused on. Right now, a lot of SOCs run for customers dependent on a lot of manual processes. You have systems generating logs, then you have to investigate it and verified by an analyst and then decides what’s going to happen. Our model is different. We are using a lot of AI and ML to scale this. We have dynamic responses. I will give you a dynamic example that proves the vision. You have users who are at home and are utilizing a whole bunch of corporate services they are going through the SASE service edge – all of the SASE protections are there including Web Gateway to protect them against the web born threats, remote browser isolation for advanced threats sand boxing for very advanced threats, Next-Gen Firewall for those advanced networking threats, but I still cannot investigate what that person is doing. That is the SASE. I have a policy that says, I’m going to restrict this person from sending this email or using this content in this way. That is great! That is what CASB and DLP does today. But if I just have rules, I always end up investigating things after they have happened. So, our model to make a move before the incident. It takes those signals and have an action that occurs before the event occurs – whether it is malicious or unintentional. Imagine a user at home using their computer going through a SASE cloud. If it is just SASE you’re not going to stop that person from inadvertently sharing data. If it is Forcepoint vision of SASE where we’ve put in our human analytics underneath our machine learning and AI that is observing what the user is doing and then gains insights and says, this user is posing a higher risk than the normal and automatically restricts them from doing certain actions. You have gone from waiting for something to happen to predicting something has happened and preventing it. But further as that uses risk goes up, it introduces the ability to do coaching. A lot of people make mistakes when they are busy or when they don’t know what to do when they aren’t aware of the threats. So, imagine a scenario where I have predicted that this user is presenting a risk to the organization. When he is performing the action, I am now going to pop up a message which ways, ‘this is a violation of policy, are you sure you want to go through with this. We have this virtuous cycle of this of not only just predicting a bad event, but also identifying and prioritizing coaching and training for users who are most at risk of causing a bad event. Now that that’s the true power there. We are now moving back in time and we are saying we can predict the bad event from occurring. 

What I tell the CISOs is that the difference between our vision and every other SASE vision is that we are adding human intelligence and it has to be driven by machine learning and artificial intelligence otherwise, it doesn’t scale because you get all these signals you can’t make sense of it. You have to have data scientists, you have to have people understand human psychology, you have to have people who understand workflows. These are the resource which do not come ease and cheap. We do that on behalf of the customers. That’s the real secret sauce for us.

Can elaborate a little bit on SASE solutions being adopted from various business point of view. 

The industries and verticals that are moving to SASE is faster than others are probably the retail and financial sector because they have a lot of branches.

It is also happening with the manufacturing where they have got diverse manufacturers. I don’t think it is industry specific. It’s more the way the business operates because even in healthcare, where are chains of doctors, surgeries and pathology labs, they’re all going down that path too. Even in government services they are sending their people to work in regional centers and work from home.

There is a huge contraction of budget for CISO/CIO, how are you helping?

As I said before, the pandemic has placed an existential threat to business and businesses have had to deal with much lower revenues coming through the doors, whether you’re an oil company or a retailer. How do you deal with that and that budget problem? 

To deal with the situation, we have two approaches. Firstly, with our model, we have put together very, very compelling pricing that is unified. Because we are delivering outcomes to the customer, we can say to a customer “you currently today have five or six different technologies from different vendors, and you are getting a level of efficacy which is not ideal. Not only can we improve your level of efficacy but better business outcome by consolidating with Forcepoint. So you consolidate multiple vendors, multiple costs and multiple contracts into a single offering or buying program that we have called Forcepoint Advantage Buying program earlier this year that really allowed organizations to drive exceptional value out of a purchasing”. 

The second piece is the opportunity costs. So, when you’re calculating your opportunity cost of if I don’t do this, what am I not going to get. It is really been a pivot of investments. Organizations are saying, well, I’m going to put on hold, doing the refit of this building. If I can get my users working from home and trying to keep money flowing through the front door because I know that buildings are going to be open. So, we’ve seen that change as well within organizations. So a lot of what I do is work with CIOs and CISOs to understand the budget pressures and work with them, not just to have Forcepoint put together an offering for them to save them money but also how they can work with their own board and their own leaders to make cybersecurity a piece of their transformational projects. So, they’re not being funded separately. So, when the organization says we have to pivot being digital online Cyber Security is funded as part of that, not as an afterthought, where it’s funded separately. It’s part of that transformation project. I do a lot of that working with organizations to work with their boards and their executives to build to build out how we can model those costs. If they can’t do that, they can’t run their business. So modelling opportunity cost is a big one. So, the first part is operational costs on using Forcepoint Advantage and delivering as a cloud service. And then secondly, examining the opportunity costs and working with CISOs to do that. And I’d say that’s been fairly successful so far.

If you look at the ecosystem what are the competitive advantage of Forcepoint SASE solution?

I go to RSA conference every year. I remember, people used to say end point security is dead. When I walk around and see there are 700 exhibitors selling end point security. Now everyone is trying to sell their SASE story. It is a good thing. First of all, the success of cybersecurity is good for everyone. There is an old analogy – Rising Tide Lifts all Ships. And we are one of those ships. It’s better for the business, consumers and citizens that people take cyber security more seriously. But why would someone pick a technology like force point over every other crowded voice in the space. I answer is that ‘we are a company that is solely focused on this mission’.

‘We are a security pure play company that focuses on user and data protection. That’s all we do, we’re not selling productivity tools, we’re not selling infrastructure, we’re not selling all these other things that are distractions, which means we can do this very, very well. Not only can we do this very well we can invest heavily in this space to maintain our competitive edge. 

Now we know we are under significant competitive pressure and what’s great about a company like Forcepoint is because we have focus, we can focus on improving and staying ahead and being the vendor of choice for the organizations. We have the size of nearly 3000 people. We have the investment, technology and uniqueness in our offering. 

One or the other have expertise in one space. For example, it might be web gateways. Great! You might have a great Web Gateway. We’ve got a gateway too. But going from doing a Web Gateway to doing insider threat and understanding human behavior, it is a very big gap. And we do all of those pieces, really, really well. What I like about Forcepoint is that we have expertise in all of these areas on the vision, we are not stretching ourselves from one position to go to another. We are consolidating our existing excellent offerings into these cloud model. 

In behavioral analytics, we have domain expertise in data protection, firewall, user monitoring, Gateway and CASB. We are consolidating all of these into that offering, which is why I think we will we. I welcome the pressure from the competition.

Related posts

Kingston Technology boosts server performance of Italy’s leading Data Centre company, Aruba.it


Check Point Software’s Mid-Year Security Report Reveals a 29% Increase in Cyber-attacks Against Organizations Globally


Babuk: Did they Bite off More than they Could Chew when they Aimed to Encrypt VM and *nix Systems?