Cybersecurity transformation is here, accelerating to the cloud for a post-pandemic world. A new era where businesses are less constrained by traditional network infrastructures and the edge is everywhere and everyone. Join Forcepoint CEO Manny Rivelo for insights into today’s emerging Unbound Enterprise that pushes controls to the user, understands the edge and thrives across diverse ecosystems.
- Hello and welcome to this fireside chat with Forcepoint CEO, Manny Rivelo. My name is Georgie Barrat, I'm a UK tech journalist and broadcaster, and today we're gonna really dig in to what the next era of cybersecurity looks like and how it will require a new way of thinking. We are calling it the unbound enterprise and Manny is here to deconstruct exactly what that means and what it's going to look like. Manny, a very warm welcome to you.
- Good to see you, Georgie. It's a pleasure being here with you today.
- Now this past year has really been eye-opening when it comes to cybersecurity. We've been navigating through such uncharted territory, but when it comes to cyber attacks specifically, some of the scale and aggression of them has just been unprecedented. I'd love to know from your perspective, how do you think the pandemic has really shone a spotlight on cybersecurity?
- Well, look, it's a fabulous question because we've gone through so much change over the course of the last 15 months or so. But the change that we're going through is really an acceleration. If you think about it over the last decade, the industry's been going through this digital transformation. The mobility movement has been afoot. Since the smartphone came out, more and more users have been untethered to the office, right? As they travel, they have access to their business applications, to their email, et cetera. The movement to applications in the cloud, whether we're using applications like salesforce.com or Workday as an example or SAP HANA has been afoot for a long time. The pandemic has really put that into warp speed because not only were we mobile some of the time, now we're mobile all the time. We're just in an environment where everybody is working from a different place that they work in the classic environment and they're accessing applications still on-prem or in the cloud or somewhere else. And really what that constitute is the classic perimeter, that office perimeter that we had to secure has completely changed. You could argue it's dead, right? And there needs to be a new perimeter that needs to get brought inside of the environment. And the amazing thing is when you see these changes in the industries, the hackers are always trying to stay one step ahead. They're always trying to exploit something in the change of the environment. And boy, have we seen a lot of change from the hacker community over the course of the last year. I'll give you some simple stats. Last year, there was about 46,000 phishing sites that were brought up per week going after the organization. That's unbelievable. And you're seeing ransomware attacks, like Acer had a ransomware attack of $50 million. But it's not just these big enterprises that are getting attacked. I'll tell you a personal story. I have a friend who called me approximately a month ago. They're a plastic surgeon. They're a very well-renowned plastic surgeon. He called me up because he's panicked that in his industry people are stealing the before/after pictures, the hackers are going after that and exfiltrating money out of organizations by stealing those before/after pictures. So it's not an enterprise problem. It is a broad problem in the industry. And the reality is to get in front of this problem, we have to think about it differently. We have a new perimeter that's closer to the edge, closer to where the user is, that we need to address as an overall industry.
- And while there has been sort of an increase in the number of threats, it also has been a very dynamic time for the cybersecurity industry, hasn't it?
- It has. I mean, like I said, the world is now, where's the user? The user's everywhere. Where are the applications? The applications are everywhere. There's gonna be a new norm. I think that norm will be a mixed norm. There's no question that they'll be individuals in the office, they'll be individuals working from home. Corporations have figured out how to be much more dynamic and productive in this world. And by the way, users are demanding it too. So the concept of how we need to position ourselves to be able to defend that environment is critical, and it truly is, because if we're gonna continue to digitize the world, the concept of cyber being in that world is key. We call this new world the unbound enterprise. It is the possibility of your applications being anywhere and your services being anywhere, right? So it is something that as an industry we got to wrap our hands around and be able to provide solutions for.
- So you say that this new era awaits, the era of the unbound enterprise. I think where many organizations struggle on their security journey is just having that clarity of their desired endpoint. You know, where do they actually want to get to? I would love to know sort of what's your utopian vision of how security should work? What transformations are we really starting to see in cyber?
- Yeah, it's a good question. So think about if I was to paint what's the utopian vision, it is one where we talk to our customers where they say I'm gonna have users on-prem, I'm gonna have users working from hotels, home, some are working actually from customer's environments, their environments, and I need to be able to provide the right set of security services. And by the way, a user is using applications that could be inside their private data center or inside the cloud. So how do I provide that framework with unified policy? So this concept of hybrid is very real still. I know we all talk about cloud first. There's no question that the growth is in cloud, but the concept of being able to provide a security framework that's hybrid is very real. And how you stitch the right services at the right place at the right time for the best user experience becomes very, very real. And we sometimes look at that and what we're trying to do is get left of a breach, left of a data exfiltration situation. What I mean by left is before it happens, how can we get there? And by the way, it's not an easy task, because if you just think about how fast the industry's moving, this digital transformation is being driven, there are over 100 million lines of new code annually that are being produced by enterprises and organizations out in the world. Every one of those can be a vulnerability breach that's out there. There's over 120 million malware variants that the hackers are bringing out that the security vendors need to kind of provide protection for it. And if you look at the stats, it says that by 2023, there'll be three times the number of endpoints. So that's more endpoints accessing more applications with more code, more points of attack. The attack surface is increasing. We have to get much better at that. One of the components that we're very excited about that we think is a critical component is how do you understand the behavior of a user? So it's not only how do I provide these services, these security services, but the security services classically have been a white list black list approach. It's either good to do something or it's bad to do something. The reality is you also need to understand the intent of a user, and what I mean by the intent of a user is what is the user doing? Users could be doing things unintentionally that could be malicious inside your environment, that could create a breach of some kind, that could create data exfiltration, or they might be actually trying to do that, right? So understanding the behavior and the intent of a user is critical, and if you could understand that and provide that context with the rest of the security services, you have better efficacy to be able to defend that situation and get left of that breach, get left of that exfiltration.
- And you have already touched upon the hybrid model, but would the same system be in place if organizations have a foot in the cloud and have a foot in the data center environment? What's the best path forward for them?
- We're gonna see this hybrid world. The key is how you orchestrate around that hybrid world. And to orchestrate around that hybrid world, the most important thing is that you don't have a two-headed policy, that you don't have a solution for your on-prem, a set of security solutions for your on-prem and a set of security solutions for the cloud. Because what ends up happening is then you have two management systems that you need to manage two different sets of infrastructure and two policies that you have to keep synchronized. It's important, Georgie, if you're in the office, that the policies that you're granted be very similar potentially in the policies that if you're traveling. They may vary a little bit, but they should be similar. It shouldn't be two systems, two organizations managing that. So the hybrid world needs the same security, whether you're on-prem or in the cloud, but the policy frame has to be integrated to make it simpler to do that as we move forward. So it obviously is a little bit more complex because we're bringing the legacy environment and the new, if you will, cloud environment and blending them together through common policy.
- Absolutely, and I mean ultimately, I guess, sort of the vision is using this risk adaptive security platform to really allow, to get into that proactive security rather than reactive security that you were speaking about.
- Yeah, absolutely. Look, it's a game changer. I'll give you a couple of examples. So as the CEO of Forcepoint, I'm entitled to see a lot of information. Let's say, for example, that I'm accessing that data and I'm doing something like I'm doing screen captures of that data. That may not be that out of the normal if I did that every day. The system should know you're behaving or not behaving in a normal pattern. But let's say I capture the whole customer record, every one of our customers through 1,000 screen captures, and my risk score should probably go up a little bit. It should raise a flag that this is not a normal behavior for Manny. And now let's say that I take that and I put it into a folder and I call it Manny's Best Hits, right? That may raise the risk score a little bit more. And then I take that folder and I encrypt that folder. As I'm doing that, the context of what I'm actually doing is out of the normal behavior. How do you apply that through the security policies you have and the security services you have to potentially restrict it or at minimum notify somebody? And if you could restrict it and actually automate the action, like what if I try to move that file now out to my box folder or my Microsoft folder out there? I may want to block that information and pick up a message on the screen saying not permitted. So this concept of being proactive and understanding the behavior of a user and the intent of a user with the security services allows you to provide more context and the results of that provide better policy.
- Absolutely. And these changes that you speak about are really exciting. I guess the bigger question is actually who is leading this transformation? Do you think there's actually an opportunity here for the industry to come together a little bit more to sort of forge that path forward?
- Yeah. The industry does need to come together, there's no question about that. Think about the challenges the customers have. No matter what customer you talk to, they will tell you they had 50, sometimes up to 100 security vendors. And they're trying to stich them together to create a security framework that's evolving at a very fast pace because the digital transformation is changing at a very fast pace and the attack surface is changing at a very fast pace. So it's a daunting task. We've been seeing in the industry for the last five years to a decade is the concept of bringing in those services, those security services, more into a unified platform. And obviously as a vendor, you could create that platform, but open it up through a set of APIs to let the partnership, the rest of the security ecosystem work with you to create a better framework. And we're seeing that. The most recent example of that is what we call, or the industry Gartner has coined as SASE, secure access services edge, which is predominantly an architecture. It's not a product, it's an architecture, how you stitch the services together in a much more dynamic way and how you can create that architecture to provide security services for this movement, this mobility, work from home cloud movement and be able to secure that environment and those traffic patterns like you did in the classic perimeter days. So yeah, it is something that is critical and it is accelerating inside the industry and something we need to do a better job all together at. We're excited about the opportunity. As we look at platforms we're building, we're trying to make sure that they're open and enable the ecosystem to thrive.
- Absolutely, so it sort of fits within this ecosystem of multiple people working together. Well Manny, that almost brings us to the end of this fireside chat. Have you any final thoughts you'd like to leave the audience at home with?
- Well, the most important thing is that I think we're in a journey here, right? And we refer to this as the unbound enterprise because we believe that it's gonna continue to unravel as we move forward. The industry is, there's no question about it, there's this digital transformation that's occurring. If you don't participate in it and the enhancements that are happening in that digital transformation, with things like machine learning and AI that are coming that are gonna continue to advance the way we do business and the way we interact among users and among users to business, B2B, B2C type of environments. It's important that people bring their security frameworks forward to be able to participate in this unleashing, if you will, of this unbound enterprise. Without it, you will get left behind because you won't have the technology innovation, and without the security being coupled to it, the cybersecurity that's required, you have the possibility of getting exposed or hacked or attacked, which has equal impact as an organization. So we're super excited at Forcepoint at what we're bringing to market and how the industry is developing to be able to really address the needs of the future and address the needs of this unbound enterprise.
- It really is such an exciting and dynamic time. And I think as you rightly said, if the industry can pull together to create this ecosystem that really empowers businesses instead of hindering them, then that's such an exciting thing because ultimately, as you said, cybersecurity is the key to giving businesses that competitive edge, that we'll really see they'll not only survive, but thrive. Manny, thank you so much for joining us today.
- Thank you, Georgie, pleasure being here.
- Well, thank you also to you at home for joining us. And if you'd like to continue any of these discussions or if you just wanna stay in touch, then you can find us over on Twitter. Our handles are @ForcepointSEC and @GeorgieBarrat. It's been such a pleasure to host this fireside chat and I hope you enjoy the rest of your time here at RSAC 2021.
Security Strategy & Architecture Technology Infrastructure & Operations
network security infrastructure security
Share With Your Community