With RSA and AGC Partners’ Information Security and Tech Growth Conference around the corner, and another Fidelis Customer Advisory Board gathering about to commence, I have been thinking about what we at Fidelis have experienced over the last several months in a world where breaches and the discovery of new threats have become daily occurrences.
Will all of this cyber activity escalate further? I don’t know. But I do think what we are experiencing is the new normal. Fundamentally, what we have today is a security industry with a dizzying array of products and a lot of super smart people trying to match wits with sophisticated adversaries who are often supported by criminal organizations or nation-states. And I don’t think there is a winner in this battle. In fact, it feels more like the start of a never-ending war.
With this new state comes a new reality -- an adversary who wants to get in will find a way to do it, eventually. This means it’s no longer just about preventing an organization from being attacked. Prevention efforts should and will continue, but the spotlight has shifted to the speed of detection, containment, response and recovery. Customers have come around to this – they are rebalancing IT security spend with increased investment in comprehensive monitoring, incident response and remediation. The investment community has voiced its understanding of this need as well, as evidenced by the money flowing to new companies with this focus, and the increase in M&A activity as companies whose solutions are primarily for keeping threats out of the network expand their portfolios.
Think of it this way. Only a short time ago, enterprises were looking to build the highest wall or the widest moat. Today, security posture is measured in the ability to minimize the time an advanced threat has to move about inside the network undetected, minimize what it is able to steal, and remediate for the next attempted intrusion.
I know this is going to be the main topic of conversation among our Customer Advisory Board this weekend, and I expect we’re going to hear a lot more about this at RSA. I also think we’re going to be seeing more industry moves aimed at minimizing the time from breach to detection to recovery.
Eighteen months ago we joined forces with General Dynamics for exactly this purpose. We already had many years under our belt helping companies and federal agencies thwart very stealthy, very complex cyberattacks. And it was clear to us that the tighter we could make the connection between our technology that could discover malware, viruses and other advanced threats, breach services and threat intelligence, the faster we could help customers move from detection of an attack to incident response, forensic investigation and, ultimately remediation and recovery. We made this vision a reality when we became General Dynamics Fidelis Cybersecurity Solutions.
Since then, we have witnessed the sheer power that results from the tight coupling of technology, services and a team of people who, after more than 3,500 breach investigations, have essentially seen it all. And the value to our customers is clear – we bring everything required to discover threats that may have infiltrated their network, to watch a threat’s movement to determine its purpose and origination, to keep the threat from taking critical information if it has already seized the target, and to ensure the least amount of information is removed the threat is already in the process of taking it.
‘Time is of the essence’ might be a cliché, but I would argue it has become one of the most important aspects in mounting a strong defense against advanced threats. And our experience has proven that the best way to beat the clock (or in this case, the adversary) is to augment technology that provides comprehensive visibility with people who really understand threats and who really understand networks.
I’m very much looking forward to the next 10 days, and all of the conversations I will be privileged to have with the great thought leaders in the security space – and you can certainly expect me to share my perspective on the discussions.