The largest information security and digital risk conference in the world, RSAC 2018, recently descended on the Moscone Center in San Francisco for a packed week on all things cyber security. It was a lively conference and many of the smartest experts in the industry came together to discuss how they see the landscape around information security and trust evolve.
As you would expect, the conference had as many ideas on how to protect valuable information and systems as there were vendors to solve the specific problems. This isn’t surprising considering that cybercrime (and protecting against it) is estimated to cost $6 trillion per year through 2021 – for a sense of scale, the total cost from natural disasters in the US in 2017 didn’t even reach $1 trillion. One trend was clear and that was how information security is accelerating as a top priority for enterprises. Here’s a summary of how OpenText™ displayed how our top priority aligns with the trends: we’re focused on enterprise information security.
Digital risk is a global problem with cybercriminals relentless in their efforts of trying to steal information from governments, corporations, nonprofits and, of course, consumers. We’re seeing a rising level of sophistication from these attackers – in 2017, the majority of breaches were file-less attacks utilizing Windows management tools, making such attacks even more difficult to prevent. The growing number of connected devices makes the surface area of digital risk greater than ever before.
Organizations spent over $86 billion in 2017 alone to protect their most valuable assets. Considering the scale and what’s at stake, companies might not be spending enough of their budgets on information security. With all the dollars spent, there were still more stolen or compromised records in 2017, than ever – almost 2.6 billion records were stolen, lost or exposed worldwide in 2017, an 88% increase over 2016.
OpenText introduced their security perspective with a combination of forensic-grade endpoint security, enterprise-grade identity and access management (not just the kind for your employees to connect to cloud apps), and predictive analytics using machine learning and artificial intelligence. Why this approach? We understand the power of information and the responsibility of all companies to ensure that their information remains secure, private and not misused.
And with that, companies around the world are experiencing significant information security threats arise across devices within or connected to their ecosystem, as well as disturbing levels of traffic from hackers trying to gain access through compromised credentials. Additionally, the plethora of data being generated from these ecosystems is staggering and cyber security professionals are falling behind trying to manage it all. All signs point to these trends getting worse so it is devices, identities and access, and analytics that form the foundation of OpenText’s information security offering.
Secure devices and IoT
The way that endpoint security works is by monitoring the devices in your ecosystem and comparing them against threat instances. If your network and systems are breached, an alert is created to automatically validate the threat and then to triage the sub-network for evidence of other devices to which the threat may have spread laterally. As evidence of malware is uncovered, endpoint security technology can then be used to wipe the malware from infected hosts without the need to bring the systems down or even to reboot the device. Without this type of security, malware can stay hidden within your network on average for over 90 days and during this time, cybercriminals can move laterally seeking to exfiltrate sensitive data, elevate access privileges, and begin compromising credentials.
Identities are the bedrock
Unlike traditional identity and access management (IAM) providers, the kind you should consider for ecosystem security will enable enterprises to centrally manage the entire identity lifecycle of both internal and external people, systems and things, as well as their access to information and resources across the extended enterprise. This builds a trust system whereby users are repeatedly validated and only granted access to data when authorized, making it incredibly difficult for cybercriminals to gain unauthorized access. Compromised credentials are still one of the primary ways hackers gain access into a network. Additionally, the right IAM technology secures an ecosystem by providing identities for and managing access protocols of IoT devices, which is both an opportunity for companies to expand their operations but also a growing risk – the massive threat surface of IoT devices creates access points back into enterprise systems.
Protect this, analyze that
There are two distinct needs when it comes to information security: protecting a company’s sensitive data from data breaches; and managing and analyzing the data that is produced from a connected ecosystem of people, systems and devices. This is where machine learning and artificial intelligence help companies detect anomalies across an enormous surface area for threats. This approach does address both needs at the same time. There isn’t a human or security team on earth that can both analyze systems for breach as well as reasonably respond to data threats in real-time. To be clear, there are data scientists that are smart enough to do this, but I’m referring to the scale of these ecosystems and the response required where we need computers to be doing this for us.
Devices, identities and data
With more than 42,000 attendees at RSA, 17 keynote sessions, and 700 speakers, the 600 companies selling their solutions were likely to overlap in message and capabilities. To differentiate from a sea of the same, like many of you, OpenText believes that multiple aspects of information security need to be considered for a broad, holistic approach and we are only just getting started with a security solution designed for large, complex businesses.
A smart place to start? Protect your devices with OpenText™ EnCase™, a 2017 Gartner market-leading EDR solution. Operating on a single unified agent architecture, EnCase has been deployed on over 40M endpoints worldwide. A winner of SC Magazine’s 5 Star Review, and the only forensic security solution in the market. The message is clear: as stated by our CEO at our recent Innovation Tour, “we have an endpoint responsibility – both on and offline, both employees and across trading partners”.
The foundation for most digital transformation initiatives will start and end with digital identities. OpenText™ Covisint is the leading identity and access management platform that manages the digital identities of everything within and connected to your business ecosystem. With over 25 million identities under management and four billion annual transactions, Covisint identity and access management is purpose-built specifically for large, complex ecosystems, is already operating at scale, and has over two thousand customers and more than 212,000 connected organizations already relying on this platform. Identities are central to how CISOs address users, data, trust and authentication.
And this cannot be a serious conversation without a world-class enterprise analytics engine. OpenText™ Magellan™ is built on an open foundation that integrates with your existing stack and leverages best-in-class open source components to keep costs reasonable while ensuring it can scale to the highest levels. One of the best aspects of Magellan is that you can “future proof” the platform for your needs as this market continues to grow and develop. Magellan is a flexible, AI-powered analytics platform that combines open source machine learning with advanced analytics, enterprise-grade business intelligence, and the capabilities to acquire, merge, manage and analyze Big Data and Big Content stored across the enterprise – an invaluable, necessary tool for information security.
There is so much more
This is just the start, of course, and there is much more to holistic enterprise security than can be covered in a few days at RSA or in a few paragraphs in this blog. If you have specific questions how OpenText Security would work for you (and I hope you have questions, you should, this is complex and important stuff) then please contact us today.