By: Dylan James AVP, Nasdaq
Twitter: @spokedylan https://twitter.com/spokedylan
Dylan James: I’m here with Pedro Abreu, Chief Strategy Officer at ForeScout and Adam Bosnian, Executive VP of Global Business Development with CyberArk. Pedro, let’s just jump right into it: talk a little bit about your partnership with CyberArk and what that means to you, and then Adam we’d love to hear from you.
Pedro Abreu: ForeScout’s mission is to give companies visibility to everything they have in their network. But to really attribute value to that information that we’re getting, you need to be able to share with partners. This is one of the reasons we’ve been partnering with CyberArk. I would describe CyberArk as one of the most strategic relationships we have. It’s very symbiotic. Through ForeScout, companies can discover devices that have privileged credentials. CyberArk being the leading provider of privileged credential management, we are able to pass that information to CyberArk to take control of those devices. But in return, we can leverage all the credentials that CyberArk is currently managing for millions of devices out there and actually use that to be able to get visibility and management to all the devices that the company already knows they have. So, it’s a very symbiotic relationship, it’s something we’ve been working on for a couple years and it’s been pretty exciting.
Adam Bosnian: I couldn’t agree more with what Pedro just said. We feel very strongly that there’s no one approach, no one solution, no one vendor that solves today’s security problems. Never mind all those that we’re going to face in the future. We started our partnering program three years ago under the auspices of “security is a team game.” We wanted to put a call-to-action out into the vendor community and say we have a responsibility to work better together out of the box on day one and together with the vendors, as well as with the resellers and with the customers, we want to work together against our common enemy: the attacker. That’s what our slogan “security is a team game” is all about. And it’s one of the main reasons why I really value our relationship and the partnership that we have with ForeScout. CyberArk does privileged account security, managing the power access to all the most important applications, devices, solutions in the environment. But you can only secure that power access if you know that it exists. And that’s one of the key elements we’ve worked on together, where we do discovery on our own but we’re not a discovery company. By leveraging the discovery expertise and data that ForeScout has, we’re able to bring privileged account security wider and deeper in an organization. That really helps to secure that organization and puts a real value onto that “security is a team game” concept.
Dylan: What’s the one thing that organizations can do today to have a stronger security posture?
Adam: It’s going to sound a little canned, but know what you own. You have to know what you have. When you look at the breaches that happen out there, invariably it comes from a vector that the company wasn’t aware of. I didn’t know that web server was hooked up, I didn’t know that database existed. You need to know what you have. And the way you know what you have is you do constant discovery throughout that environment. Of everything within that environment. Not just that database, not just that application, but the cameras that are out there, the printers that are out there. What was the attack that happened recently? They used a temperature gauge in the casino to get entry into the casino. A temperature gauge for a fish tank! You need to know what’s on the network and then you need to secure it. So, discover, discover, discover.
Pedro: Absolutely. After you’ve laid the foundation, the next step you want to put in is the ability to start automating processes across different tools that you’ve invested in as your foundational tools in your environment. They shouldn’t be point-to-point integrations but true orchestrations across multiple tools that 1- help you discover the things faster, 2- share that information broadly with all the tools that customers are investing in in their environment and 3- accelerate the time to response. That response could be varied, it could be through us on the network taking the device out of the network, it could be through CyberArk by changing the credential privileges, it could be any other tools that we integrate with and build into the security fabric. So that’s the second layer on top of knowing what you have.
Dylan: Let’s talk a little bit about Artificial Intelligence (AI) and machine learning. We talk about that in my business, in the capital markets, and how it affects markets all over the world. But in cybersecurity, and what you’re thinking about from a strategy perspective, how does AI and machine learning come in to play?
Pedro: Following the financial markets, an analyst that said data is the new oil of the new economy. And machine learning was the new combustion engine. I really believe that. I think that’s transformational for the industries in general. If I focus on that analogy, I think ForeScout is the oil rig because artificial intelligence depends on high-quality data. Rich, contextual data. And that’s what ForeScout can bring to that equation: quality data that’s real-time, immediate, very contextual and very rich. We’re looking at AI with a lot of excitement. We’re applying it ourselves but we’re also going to partner with a lot of people who are applying those techniques. But they need the data to be able to do it efficiently.
Adam: To that point, I think the orchestration conversation and the machine learning/AI conversation go together. We have a perfect, strata analytics capability where we take in data from all over the place to try to understand what a privileged user is doing, identify if that privileged user is doing something anomalous, etc. So applying all those types of analytical tools to that. Once we find that, what we want to do is communicate that out to the other vendors, part of the “security is a team game.” One of the integrations we have with ForeScout is providing that to ForeScout so ForeScout can say, “Based on that, I’m going to take this device, or these devices, off the network.” CyberArk helps to find it, ForeScout is able to take it off, and now we’re able to move forward. It’s those two things together: find/fix/recover.
Dylan: That’s the future. Now let’s get in the “wayback” machine. If you were to look back 10 years, what’s the single biggest change, in your mind, in the cybersecurity industry?
Adam: Ten years ago, identity was an operational technology. How do I get someone up and running, easier, faster, better, and it was operational speed and efficiency? Security was firewalls and anti-virus. Today, identity and security are connected. You need to know who or what is doing what within that environment, figure out whether that makes sense or not, and take action. I think identity and security coming together is one of the biggest changes we’ve seen in the last 10 years.
Pedro: Ten years ago, there was no iPhone. There was no iPad. Companies thought they only needed to secure a device that their IT department bought, configured and gave to the user, and only allowed that user to use that device. Job done. The world has changed tremendously in 10 years. Today’s IoT devices are actually things you cannot manage using a traditional approach by adding a security agent to the device. A lot of today’s device security solutions have been built around the idea of placing an agent on the device. That’s not scalable, it doesn’t work in IoT, we need a new approach to that security. Agentless security is imperative. You’re trying to protect today’s evolved security landscape that didn’t exist 10 years ago.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.