Forcepoint, one of the best security-focused startups I have met, presented its concepts at TFD16 in Austin. Richard Ford, Chief Scientist (one of the most “creative” Chiefs I have ever heard 😉), stated this: Security has failed.
Actually, the traditional kind has. The task performed by an AV, for example, is to divide good things from bad. But what about everything in the middle? It’s much more than the sum of good and bad: some sort of not so good, but not bad enough, stuff.
In the awesome world of the cloud, where building up a bunch of servers is just a matter of providing a credit card instead of relying on a traditional, well-defended datacenter, security is, oddly enough, a very critical aspect.
He presented a graphic. Very few slides, but a very explanatory graphic:
The evolution of security starts at a threat-centric position, where AV, FW and secure web GW are the tools: each of them focuses on the possible threat coming from the “bad guys” outside. Moving to a data-centric environment means no more walking beside the data guarding against any threat, but instead walking “through” the data to protect it. This is the case of an NGFW, analysing the content, and of email gateways protecting the environment before a threat can arrive inside.
Still in the same environment, but with higher effectiveness, there are DLP (data loss prevention), preventing any accidental leak of data, and CASB (Cloud Access Security Broker), to be discussed further on. The last evolution, at the highest peak of effectiveness, is the risk-adaptive one: in this area UEBA (User Enhanced Behaviour Analysis) dominates. Invisible, it prioritizes actions; it doesn’t think for me, it just lets me see more clearly and points out what could be threats, collecting analytics on my behaviour.
Behaviour – so close to privacy: the point is that baking privacy into behaviour to protect identities is very important. Using behaviour for protection implies dealing with privacy.
In my opinion, the key for Forcepoint to have success is to find the right way to manage behaviour and privacy: the first without the second isn’t effective, vice versa – it’s invasive. A right balance, a kind of “security for security”.
All the tools mentioned before, from the AV to UEBA, are provided by Forcepoint with strong consideration for privacy, the so-called “Human Point System”. And these tools shouldn’t be taken alone: the best efficiency is gained with all of them working together, as a chain of security.