Skip to content

Centrify’s New CEO Has A Compelling Vision For The Future Of Cybersecurity

Bottom Line: Flint Brenton’s vision for the future of Centrify and cybersecurity, in general, prioritizes the need for privileged access management to become core to the multi-cloud architectures and DevOps environments he sees pervading customers’ enterprises today.

Every new cybersecurity company CEO is writing their vision of the future by their decisions and the priorities they are based upon. From tech dominance to sales success, each CEO has their own long-term strategy and idea of what they and the company need to excel at to succeed.

Defining Cybersecurity As A Core Part Of DevOps

It is always fascinating to speak with new CEOs at cybersecurity companies and see what their vision for the company is after they’ve been there a few months. I recently had the opportunity to sit down and talk with Flint Brenton, who joined Centrify as President and CEO in July of this year. Flint leads the strategic direction and execution of the company’s vision drawing from an exceptional track record of accelerating growth through product innovation and sales execution. He recently served as president and CEO of CollabNet VersionOne, which pioneered the Value Stream Management market. He previously held president and CEO positions at AccelOps and Tidal Software and has successfully led engineering teams at NetIQ, Compaq, BMC Software, IBM and more.

Flint sees the needs of enterprise developers creating new apps using DevOps as pivotal to the future of Centrify, specifically and cybersecurity in general. A core part of those developers’ needs is securing privileged access management (PAM) in multi-cloud environments while supporting agile development. 

My interview with him provided five key insights into why cybersecurity will increasingly be defined by how well it can be incorporated into “DevSecOps,” and how Centrify’s vision for the future looks to capitalize on that demand and drive PAM into the DevOps pipeline to further automate built-in security practices:

  • Cybersecurity providers’ cloud-based architectural platforms will define the competitive landscape for the next several years in the industry. Since accepting the CEO role in July, Flint has been spending most of his time talking with customers to gain in-depth insights into their greatest challenges. He is hearing about the challenges customers face when attempting to make different cybersecurity vendors’ solutions work together and function in a multi-cloud architecture. “Having a clear architectural advantage where features can be added quickly is going to be key in cybersecurity for years to come,” he explained.
  • Any cybersecurity company’s vision needs to consider the speed at which infrastructure and workloads are moving from on-premise to the cloud – it’s faster than predicted. One of Centrify’s financial services customers in APAC is launching a virtual bank and wants the new venture to be entirely cloud-based. Like many Centrify customers, they are considering a multi-cloud architecture, including Amazon AWS, Google Cloud and Microsoft Azure. Flint explains they will need a security model and identity management controls that run in the cloud to accommodate their current and future computing plans. The FinTech is relying on Centrify to secure privileged access for administrators to its multi-cloud environment.
  • Viewing every enterprise customer as a software business first helps remove roadblocks to delivering more value faster. Cybersecurity companies need to consider how they can streamline DevOps and DevSecOps cycles by providing enterprise developers with new tools to integrate identity management efficiently. “The developer is now building identity management into apps and frequently those apps are built using container-based models and they are then deployed either into cloud, on-prem, or a combination of both,” Flint said.
  • Design in flexibility for the many different buying communities you’re trying to serve early on and continually monitor them to learn about what’s most valuable to them. DevOps leaders’ buying community is among the most self-sufficient, willing to download a trial, install it and buy it. Enterprise sales are more research and time-intensive. Flint observed that a company’s vision needs to encompass each buying community’s unique nature and be willing to extend platform-level features and DevOps tools if necessary.
  • Buy-in from the DevOps community will become increasingly important in cybersecurity in general and is a core part of Centrify’s vision. Prior to taking the helm at Centrify, Flint was the CEO of CollabNet VersionOne, where he helped define value stream management as a market standard. I asked him if he sees any parallels with value stream management’s success and the vision he has for Centrify. “The key with value stream management is to understand how developers wanted or needed to build software more successfully in the future. So you have to get the buy-in of the development community to include it in what they’re building, rather than making an appetite of adding it after it’s already been deployed. So I think that’s a major focus in the DevSecOps market. Make it part of what is built. Don’t allow it to become an afterthought,” Flint said. The future of cybersecurity will increasingly be defined by how easily Identity Access Management (IAM) and Privileged Access Management (PAM) can be designed at the beginning of DevOps and DevSecOps cycles.

Conclusion

What I find most compelling about his vision is how essential every person is to breaking apart complex cybersecurity problems and solving them. Flint’s vision of providing DevOps teams with the tools they need to design in identity access management is groundbreaking. No one is talking about design wins in this area of the market today.

Centrify is quickly turning into a company that actively seeks out their customers’ most difficult obstacles and uses them to challenge itself to grow and do excellent work. They are looking for cybersecurity leaders with cloud-based development skills, AI skills and automation skills who are up for the challenge.

83% Of Enterprises Transformed Their Cybersecurity In 2020

83% Of Enterprises Transformed Their Cybersecurity In 2020

  • 73% of enterprises (over 500 employees) accelerated their cloud migration plans to support the shift to remote working across their organizations due to the pandemic.
  • 81% of enterprises accelerated their IT modernization processes due to the pandemic.
  • 48% of all companies surveyed have accelerated their cloud migration plans, 49% have sped up their IT modernization plans because of Covid-19.
  • 32% of large-scale enterprises, over 500 employees, are implementing more automation using artificial intelligence-based tools this year.

These and many other insights are from a recent survey of IT leaders completed by CensusWide and sponsored by Centrify. The survey’s objectives on understanding how the dynamics of IT investments, operations and spending have shifted over the last six months. The study finds that the larger the enterprise, the more important it is to secure remote access to critical infrastructure to IT admin teams. Remote access and updating privacy policies and notices are two of the highest priorities for mid-size organizations to enterprises today. The methodology is based on interviews with 215 IT leaders located in the U.S.     

Key insights from the survey include the following:

  • The overwhelming majority of enterprises have transformed their cybersecurity approach over the last six months, with 83% of large-scale enterprises leading all organizations. It’s encouraging to see small and medium-sized businesses adjusting and improving their approach to cybersecurity. Reflecting how digitally-driven many small and medium businesses are, cybersecurity adjustments begin in organizations with 10 to 49 employees. 60% adjusted their cloud security postures as a result of distributed workforces. 

83% Of Enterprises Transformed Their Cybersecurity In 2020

  • 48% of all organizations had to accelerate cloud migration due to the pandemic, with larger enterprises leading the way. Enterprises with over 500 employees are the most likely to accelerate cloud migration plans due to the pandemic. 73.5% of enterprises with more than 500 employees accelerated cloud migration plans to support their employees’ remote working arrangements, leading all organization categories. This finding reflects how cloud-first the largest enterprises have become this year. It’s also consistent with many other surveys completed in 2020, reflecting how much the cloud has solidly won the enterprise. 
83% Of Enterprises Transformed Their Cybersecurity In 2020
  • 49% of all organizations and 81% of large-scale enterprises had to accelerate their IT modernization process due to the pandemic. For the largest enterprises, IT modernization equates to digitizing more processes using cloud-native services (59%), maintaining flexibility and security for a partially remote workforce (57%) and revisiting and adjusting their cybersecurity stacks (40%).
83% Of Enterprises Transformed Their Cybersecurity In 2020
  •  51% of enterprises with 500 employees or more are making remote, secure access their highest internal priority. In contrast, 27% of all organizations’ IT leaders say that providing secure, granular access to IT admin teams, outsourced IT and third-party vendors is a leading priority. The larger the enterprise, the more important remote access becomes. The survey also found organizations with 250 – 500 employees are most likely to purchase specific cybersecurity tools and applications to meet compliance requirements. 
83% Of Enterprises Transformed Their Cybersecurity In 2020

 

Conclusion & Wrap-Up  

IT leaders are quickly using the lessons learned from the pandemic as a crucible to strengthen cloud transformation and IT modernization strategies. One of every three IT leaders interviewed, 34%, say their budgets have increased during the pandemic. In large-scale enterprises with over 500 employees, 59% of IT leaders have seen their budgets increase.

All organizations are also keeping their IT staff in place. 63% saw little to no impact on their teams, indicating that the majority of organizations will have both the budget and resources to maintain or grow their cybersecurity programs. 25% of IT leaders indicated that their company plans to keep their entire workforce 100% remote.

It’s encouraging to see IT leaders getting the support they need to achieve their cloud transformation and IT modernization initiatives going into next year. With every size of organization spending on cybersecurity tools, protecting cloud infrastructures needs to be a priority. Controlling administrative access risk in the cloud and DevOps is an excellent place to start with a comprehensive, modern Privileged Access Management solution. Leaders in this field, including Centrify, whose cloud-native architecture and flexible deployment and management options, deliver deep expertise in securing cloud environments.

Absolute’s CEO Christy Wyatt On The Future Of Endpoint Security

Absolute's CEO Christy Wyatt On The Future Of Endpoint Security

Removing any doubt endpoints are resilient, self-healing and secure is what matters most to cybersecurity leaders today. It has become the highest priority across education, enterprise, financial services and government organizations in 2020 and beyond. At the same time, CIOs and CISOs are recognizing that endpoint complexity itself is a vulnerability. Absolute’s 2020 State of Endpoint Resilience Report​  finds there are now 10.2 agents per endpoint installed, up from 9.8. Add to this how quickly software agents degrade across thousands of remote devices and the size of the challenge becomes clear. 

Absolute’s approach to delivering unified endpoint security using their Endpoint Resilience platform that creates a permanent digital tether to every endpoint in the enterprise is getting noticed by CIOs and CISOs. IT leaders say Absolute’s ability to provide greater visibility and control is what they need. Interested in learning more about how Absolute is helping customers taking on the many challenges of protecting the proliferating number of endpoints today and how the company sees the future, I recently spoke with Christy Wyatt, CEO. (You can see my discussion with her last year here.)

Under her leadership, Absolute’s revenues, customer retention and Net Income continue to grow. Total revenue in Q4-FY2020 was $27.2M, representing a year-over-year increase of 7%. Annual revenue in FY2020 was $104.7M, representing an increase of 6% over F2019. Absolute also attained a 14% year-over-year increase in Enterprise and Government revenue making this segment 68% of Total ARR on June 30, 2020.

Christy is one of the most brilliant, insightful leaders in cybersecurity today and her perspective on the future of endpoint security makes for a fascinating discussion. The following is my interview with her:  

Louis: When you look back over the last eight months, which decisions and strategies do you see as being pivotal to Absolute’s growth and the fact that you accomplished so much, so quickly?

Christy: That’s a great question and the first thing that jumps to mind is our decision that Endpoint Resilience needs to be its own category. This was kind of a new thing. Many people talk about finding bad guys and the need for identity and access management.. there is a lot of use of the fear factor. And as an industry, we kept thinking of different ways devices could be compromised and we kept adding more security controls to solve those problems.

The thesis we arrived at, here at Absolute, is, “Listen, more isn’t always better. Making sure that things are actually working in there when you need them, that’s what is more important.” Because when you spend a lot of money on solutions, or when you tell your board or your CEO that you have a particular control and are now safe from a specific kind of risk… you need to go to sleep at night knowing that that’s in fact true. There needs to be a foundational belief that there is something solid to stand on when bad things happen.

And so, much of what we did this past year was really focused on quantifying that rate of decay because we believe that it is a painful problem organizations are having. I think that we are making traction and the insights we continue to publish on the state of Endpoint Resilience is really helping with that.

Louis: On your last earnings call, you talked about undeletable endpoint security and how it caught on in the education market. Did you change your go-to-market strategy this quarter to show you could scale an enterprise-wide deployment with teachers and administrators?

Christy: What’s important to remember is that we’ve been in business 20 years and that we started in education – as the one-to-one laptop initiatives for school kids were just getting underway. Those devices were very expensive and so that is the first problem we worked to solve. If somebody got their hands on a student’s device, how do you build a security platform that can survive anything that happens to that device? That was the original design premise all those years ago. And so, we have deep experience in things like scalability and solving problems for the education market.

What we’ve been seeing n the education market over the last couple of years has really been that, while technology has been an enabler for students, they weren’t necessarily thinking about teachers and administrators. So the challenge that they’ve grappled with over the last few months, notably with the accelerated shift to remote learning, is figuring out how to be both a digital and remote organization all at once. A lot of their processes were not yet online and not every single individual was connected.

Because we have a long-standing relationship with this community, we have a lot of expertise in the providing the scale and stability that they need. It was relatively intuitive for us to step and say, “Listen, these are things we can help you with. Here’s the bigger picture of things we could be helping you with, as you’re still figuring out distance learning and how to mobilize students.” Because we’ve also while serving education, we’ve also been serving banks and governments – and our enterprise business has been growing quite nicely over the years as well.

And I think we’re going to see that continue, because even as schools are contemplating sending children back to school, nobody knows whether this is a long-term or short-term. The new term I’ve started using is operational agility… and I think it applies to enterprise as well as it goes to education. I don’t think we ever again get to take for granted location and physical proximity to employees or students or devices. It has become a critical KPI for most organizations going forward.

Louis: Excellent point. And with regard to enterprise and government sectors growing 14% annually, what did you see in the eight months of this year that led to the double-digit growth in those markets?

Christy: Very few organizations had ever really contemplated the question, “What would happen if everybody had to be remote at a moment’s notice?” While our enterprise business has been experiencing double-digit growth for quite a while now, the onset of the pandemic really accelerated that growth. There has been a shift in thinking, that working remotely is not just for a smaller population of road warriors and sales reps and executives. I’ve spoken with many organizations that would say having a permanent digital connection to a device is really important for the people who are on airplanes and in a taxi cabs. But, I have a large percentage of my population that has a device that really they only use at work. Maybe it’s a laptop, maybe it’s a desktop – but either way, 99% of the time they are here. Or the times that they’re not here, they can VPN in. And I think that’s really become the challenge, that we can’t make that assumption anymore.

A lot of customers are rethinking all of that right now, as they’re seeing that being a remote, digitally-led organization can actually fit within their business model. If they give employees the flexibility to do what they love, where they want to do it, they’ll have an edge. While this is something that’s been forced on us, as with many things, the more you practice, the better you get… and then at some point, it becomes a part of the company’s DNA. And you learn to trust that you’re going to be safe and secure, your data and your employees are going to be just fine, because you don’t lose connection with them just because you can’t see them.

Louis: I think trust is an accelerator and Absolute’s success with endpoint security shows how to enable it at scale across organizations. Now with 13,000 customers, Absolute’s approach to building trust is working well.

On the earnings call you gave guidance of $112M to $118M with between 7% to 13% growth defined by how accounting transactions are handled. Underneath those figures, what’s the customer segment or what’s the geographic segment that you believe will be the primary catalyst for that revenue growth?

Christy: Perhaps a bit unusually for company our size, a large percentage of our revenue is actually North America-based. Our international markets have been some of the fastest growing segments for us. Our ecosystem of partners that we support – notably, the large PC and device manufacturers and their indirect channels – most of those are global entities and would like to support their customers in the same way internationally that they support them in North America. So one big focus for us is doing more selling and marketing globally, to meet this need.

I think the other big catalyst is going to be this shift to Resilience. We have a lot of customers who still rely on us for making sure they’re always connected to their devices and able to take preventative action – such as selectively wiping images or freezing a device, or geo-fencing a device from specific locations. While that’s certainly a critical set of capabilities, because we’re sitting in the hardware and sort of looking up at the software, we can help with this concept of self-healing. We can make sure that the critical controls you care about are truly working and protecting your employees.

A lot of the conversations we’re having, especially with new customers, are really focused on these capabilities. It’s not just, “How do I make sure I always know where my things are and that I can take action on them no matter where they are?” Instead, it’s “how do I use automated workflows to remediate risk? How do I have devices fix themselves so that my IT people don’t have to drown and help those calls?”

This concept of persistence and true self-healing that’s rooted in the hardware, I think is really, really powerful.. and the value of that really starts to become apparent when we’re in a world that looks like this. So I think those are some big focus areas for us as we go in the next year.

Louis: I like that one point you made on the earnings call about intelligence efforts, providing more data in a more interactive way for customers. I thought that that was really insightful and I think relevant to what you’ve been saying throughout our discussion. How do you help customers see themselves in a new way with new metrics, more interactively, more intuitively with greater insight?

Christy:  It’s a different view for us and it’s something I’m very excited about. When it comes to a new product, I focus on, “What’s the question the customer’s going to be asking? What’s the problem they’re trying to solve?” And from there, “How do I package that up neatly so that they click on a button and get a report and it solves all of their problems?” But that’s not the world we live in today, especially when you have so many moving parts and things are continuously changing.

So it’s a different design philosophy when we say to the team, “You actually have no idea what question the customer is going to ask. Your job is to create tools that allow them to ask any question they have and then help them define the answer, either using our tool or using our data in some other tool.” At the end of the day, that’s how they get closer to the truth about what’s going on within their organization… and how they gain the ability to make better decisions.

Louis: Absolutely, that’s key to creating a culture that can continues to innovate and with Absolute’s focus on helping customers attain greater autonomous endpoint resiliency, it’s proving to be a strong catalyst for future growth too.

What’s New In Gartner’s Hype Cycle For AI, 2020

What's New In Gartner's Hype Cycle For AI, 2020
AI is starting to deliver on its potential and its benefits for businesses are becoming a reality.

  • 47% of artificial intelligence (AI) investments were unchanged since the start of the pandemic and 30% of organizations plan to increase their AI investments, according to a recent Gartner poll.
  • 30% of CEOs own AI initiatives in their organizations and regularly redefine resources, reporting structures and systems to ensure success.
  • AI projects continue to accelerate this year in healthcare, bioscience, manufacturing, financial services and supply chain sectors despite greater economic & social uncertainty.
  • Five new technology categories are included in this year’s Hype Cycle for AI, including small data, generative AI, composite AI, responsible AI and things as customers.

These and many other new insights are from the Gartner Hype Cycle for Artificial Intelligence, 2020, published on July 27th of this year and provided in the recent article, 2 Megatrends Dominate the Gartner Hype Cycle for Artificial Intelligence, 2020.  Two dominant themes emerge from the combination of 30 diverse AI technologies in this year’s Hype Cycle. The first theme is the democratization or broader adoption of AI across organizations. The greater the democratization of AI, the greater the importance of developers and DevOps to create enterprise-grade applications. The second theme is the industrialization of AI platforms. Reusability, scalability, safety and responsible use of AI and AI governance are the catalysts contributing to the second theme.  The Gartner Hype Cycle for Artificial Intelligence, 2020, is shown below:

What's New In Gartner's Hype Cycle For AI, 2020
Smarter with Gartner, 2 Megatrends Dominate the Gartner Hype Cycle for Artificial Intelligence, 2020.

Details Of What’s New In Gartner’s Hype Cycle for Artificial Intelligence, 2020

  • Chatbots are projected to see over a 100% increase in their adoption rates in the next two to five years and are the leading AI use cases in enterprises today.  Gartner revised the bots’ penetration rate from a range of 5% to 20% last year to 20% to 50% this year. Gartner points to chatbot’s successful adoption as the face of AI today and the technology’s contributions to streamlining automated, touchless customer interactions aimed at keeping customers and employees safe. Bot vendors to watch include Amazon Web Services (AWS), Cognigy, Google, IBM, Microsoft, NTT DOCOMO, Oracle, Rasa and Rulai.
  • GPU Accelerators are the nearest-term technology to mainstream adoption and are predicted to deliver a high level of benefit according to Gartner’s’ Priority Matrix for AI, 2020. Gartner predicts GPU Accelerators will see a 100% improvement in adoption in two to five years, increasing from 5% to 20% adoption last year to 20% to 50% this year. Gartner advises its clients that GPU-accelerated Computing can deliver extreme performance for highly parallel compute-intensive workloads in HPC, DNN training and inferencing. GPU computing is also available as a cloud service. According to the Hype Cycle, it may be economical for applications where utilization is low, but the urgency of completion is high.
  • AI-based minimum viable products and accelerated AI development cycles are replacing pilot projects due to the pandemic across Gartner’s client base. Before the pandemic, pilot projects’ success or failure was, for the most part, dependent on if a project had an executive sponsor and how much influence they had. Gartner clients are wisely moving to minimum viable product and accelerating AI development to get results quickly in the pandemic. Gartner recommends projects involving Natural Language Processing (NLP), machine learning, chatbots and computer vision to be prioritized above other AI initiatives. They’re also recommending organizations look at insight engines’ potential to deliver value across a business.
  • Artificial General Intelligence (AGI) lacks commercial viability today and organizations need to focus instead on more narrowly focused AI use cases to get results for their business. Gartner warns there’s a lot of hype surrounding AGI and organizations would be best to ignore vendors’ claims of having commercial-grade products or platforms ready today with this technology. A better AI deployment strategy is to consider the full scope of technologies on the Hype Cycle and choose those delivering proven financial value to the organizations adopting them.
  • Small Data is now a category in the Hype Cycle for AI for the first time. Gartner defines this technology as a series of techniques that enable organizations to manage production models that are more resilient and adapt to major world events like the pandemic or future disruptions. These techniques are ideal for AI problems where there are no big datasets available.
  • Generative AI is the second new technology category added to this year’s Hype Cycle for the first time. It’s defined as various machine learning (ML) methods that learn a representation of artifacts from the data and generate brand-new, completely original, realistic artifacts that preserve a likeness to the training data, not repeat it.
  • Gartner sees potential for Composite AI helping its enterprise clients and has included it as the third new category in this year’s Hype Cycle. Composite AI refers to the combined application of different AI techniques to improve learning efficiency, increase the level of “common sense,” and ultimately to much more efficiently solve a wider range of business problems.
  • Concentrating on the ethical and social aspects of AI, Gartner recently defined the category Responsible AI as an umbrella term that’s included as the fourth category in the Hype Cycle for AI. Responsible AI is defined as a strategic term that encompasses the many aspects of making the right business and ethical choices when adopting AI that organizations often address independently. These include business and societal value, risk, trust, transparency, fairness, bias mitigation, explainability, accountability, safety, privacy and regulatory compliance.
  • The exponential gains in accuracy, price/performance, low power consumption and Internet of Things sensors that collect AI model data have to lead to a new category called Things as Customers, as the fifth new category this year.  Gartner defines things as Customers as a smart device or machine or that obtains goods or services in exchange for payment. Examples include virtual personal assistants, smart appliances, connected cars and IoT-enabled factory equipment.
  • Thirteen technologies have either been removed, re-classified, or moved to other Hype Cycles compared to last year.  Gartner has chosen to remove VPA-enabled wireless speakers from all Hype Cycles this year. AI developer toolkits are now part of the AI developer and teaching kits category. AI PaaS is now part of AI cloud services. Gartner chose to move AI-related C&SI services, AutoML, Explainable AI (also now part of the Responsible AI category in 2020), graph analytics and Reinforcement Learning to the Hype Cycle for Data Science and Machine Learning, 2020. Conversational User Interfaces, Speech Recognition and Virtual Assistants are now part of the Hype Cycle for Natural Language Technologies, 2020. Gartner has also chosen to move Quantum computing to the Hype Cycle for Compute Infrastructure, 2020. Robotic process automation software is now removed from the Hype Cycle for AI, as Gartner mentions the technology in several other Hype Cycles.

How An AI Platform Is Matching Employees And Opportunities

How An AI Platform Is Matching Employees And Opportunities

Instead of relying on data-driven signals of past accomplishments, Eightfold.ai is using AI to discover the innate capabilities of people and matching them to new opportunities in their own companies.

Bottom Line: Eightfold.ai’s innovative approach of combining their own AI and virtual hackathons to create and launch new additions to their Project Marketplace rapidly is a model enterprises need to consider emulating.

Eightfold.ai was founded with the mission that there is a right career for everyone in the world. Since its founding in 2016, Eightfold.ai’s Talent Intelligence Platform continues to see rapid global growth, attracting customers across four continents and 25 countries, supporting 15 languages with users in 110 countries. Their Talent Intelligence Platform is built to assist enterprises with Talent Acquisition and Management holistically.

What’s noteworthy about Eightfold.ai’s approach is how they have successfully created a platform that aggregates all available data on people across an enterprise – from applicants to alumni – to create a comprehensive Talent Network. Instead of relying on data-driven signals of past accomplishments, Eightfold.ai is using AI to discover the innate capabilities of people and matching them to new opportunities in their own companies. Eightfold’s AI and machine learning algorithms are continuously learning from enterprise and individual performance to better predict role, performance and career options for employees based on capabilities.

How Eightfold Sets A Quick Pace Innovating Their Marketplace

Recently Eightfold.ai announced Project Marketplace, an AI-based solution for enterprises that align employees seeking new opportunities and companies’ need to reskill and upskill their employees with capabilities that line up well with new business imperatives. Eightfold wanted to provide employees with opportunities to gain new skills through experiential learning, network with their colleagues, join project teams and also attain the satisfaction of helping flatten the unemployment curve outside. Project Marketplace helps employers find hidden talent, improve retention strategies and gain new knowledge of who has specific capabilities and skills. The following is a screen from the Marketplace that provides employees the flexibility of browsing all projects their unique capabilities qualify them for:

How An AI Platform Is Matching Employees And Opportunities

Employees select a project of interest and are immediately shown how strong of a match they are with the open position. Eightfold provides insights into relevant skills that an employee already has, why they are a strong match and the rest of the project team members – often a carrot in itself. Keeping focused on expanding employee’s capabilities, Eightfold also provides guidance of which skills an employee will learn. The following is an example of what an open project positions looks like:

How An AI Platform Is Matching Employees And Opportunities

How An AI Platform Is Matching Employees And Opportunities

Employee applicants can also view all the projects they currently have open from the My Projects view shown below:

How An AI Platform Is Matching Employees And Opportunities

Project Marketplace is the win/win every employee has yearned for as they start to feel less challenged in their current position and start looking for a new one, often outside their companies. I recently spoke with Ashutosh Garg, CEO and Co-Founder and Kamal Ahluwalia, Eightfold’s President, to see how they successfully ran a virtual hackathon across three continents to keep the Marketplace platform fresh with new features and responsive to the market.

How to Run A Virtual Hackathon

Starting with the hackathon, Eightfold relied on its own Talent Intelligence Platform to define the teams across all three continents, based on their employees’ combined mix of capabilities. Ashutosh, Kamal and the senior management team defined three goals of the hackathon:

  1. Solve problems customers are asking about with solutions that are not on the roadmap yet.
  2. Accelerate time to value for customers with new approaches no one has thought of before.
  3. Find new features and unique strengths that further strengthen the company’s mission of finding the right career for everyone in the world.

It’s fascinating to see how AI, cybersecurity and revenue management software companies continue to innovate at a fast pace delivering complex apps with everyone being remote. I asked Ashutosh how he and his management team approached the challenge of having a hackathon spanning three continents deliver results. Here’s what I learned from our discussion and these lessons are directly applicable to any virtual hackathon today:

  1. Define the hackathon’s purpose clearly and link it to the company mission, explaining what’s at stake for customers, employees and the millions of people looking for work today – all served by the Talent Intelligence Platform broadening its base of features.
  2. Realize that what you are building during the hackathon will help set some employees free from stagnating skills allowing them to be more employable with their new capabilities.
  3. The hackathon is a chance to master new skills through experiential learning, further strengthening their capabilities as well. And often learning from some of the experts in the company by joining their teams.
  4. Reward risk-taking and new innovative ideas that initially appear to be edge cases, but can potentially be game changers for customers.

I’ve been interviewing CEOs from startups to established enterprise software companies about how they kept innovation alive during the lockdown. CEOs have mentioned agile development, extensive use of Slack channels and daily virtual stand-ups. Ashutosh Garg is the only one to mention how putting intrinsic motivation into practice, along with these core techniques, binds hackathon teams together fast. Dan Pink’s classic TED Talk, The Puzzle of Motivation, explains intrinsic motivators briefly and it’s clear they have implications on a hackathon succeeding or not.

Measuring Results Of the Hackathon

Within a weekend, Project Marketplace revealed several new rock stars amongst the Eightfold hackathon teams. Instead of doing side projects for people who had time on their hands, this Hackathon was about making Eightfold’s everyday projects better and faster. Their best Engineers and Services team members took a step back, re-looked at the current approaches and competed with each other to find better and innovative ways. And they all voted for the most popular projects and solutions – ultimate reward in gaining the respect of your peers. As well as the most “prolific coder” for those who couldn’t resist working on multiple teams.

Conclusion

Remote work is creating daunting challenges for individuals at home as well as for companies. Business models need to change and innovation cannot take a back seat while most companies have employees working from home for the foreseeable future. Running a hackathon during a global lockdown and making it deliver valuable new insights and features that benefit customers now is achievable as Eightfold’s track record shows. Project marketplace may prove to be a useful ally for employees and companies looking to stay true to their mission and help each other grow – even in a pandemic. This will create better job security, a culture of continuous learning, loyalty and more jobs. AI will change how we look at our work – and this is a great example of inspiring innovation.

 

What’s New In Gartner’s Hype Cycle For Endpoint Security, 2020

What’s New In Gartner’s Hype Cycle For Endpoint Security, 2020

  • Remote working’s rapid growth is making endpoint security an urgent priority for all organizations today.
  • Cloud-first deployment strategies dominate the innovations on this year’s Hype Cycle for Endpoint Security.
  • Zero Trust Security (ZTNA) is gaining adoption in enterprises who realize identities are the new security perimeter of their business.
  • By 2024, at least 40% of enterprises will have strategies for adopting Secure Access Service Edge (SASE) up from less than 1% at year-end 2018.

These and many other new insights are from Gartner Hype Cycle for Endpoint Security, 2020 published earlier this year and the recent announcement, Gartner Says Bring Your Own PC Security Will Transform Businesses within the Next Five Years. Gartner’s definition of Hype Cycles includes five phases of a technology’s lifecycle and is explained here.  There are 20 technologies on this year’s Hype Cycle for Endpoint Security. The proliferation of endpoint attacks, the rapid surge in remote working, ransomware, fileless and phishing attacks are together, creating new opportunities for vendors to fast-track innovation. Cloud has become the platform of choice for organizations adopting endpoint security today, as evidenced by the Hype Cycle’s many references to cloud-first deployment strategies.  The Gartner Hype Cycle for Endpoint Security, 2020, is shown below:

What’s New In Gartner’s Hype Cycle For Endpoint Security, 2020

 

Details Of What’s New In Gartner’s Hype Cycle for Endpoint Security, 2020

  • Five technologies are on the Hype Cycle for the first time reflecting remote working’s rapid growth and the growing severity and sophistication of endpoint attacks. Unified Endpoint Security, Extended Detection and Response, Business E-Mail Compromise Protection, BYOPC Security and Secure Access Service Edge (SASE) are the five technologies added this year. Many organizations are grappling with how to equip their remote workforces with systems, devices and smartphones, with many reverting to have employees use their own. Bring your PC (BYOPC) has become so dominant so fast that Gartner replaced BYOD on this year’s Hype Cycle with the new term. Gartner sees BYOPC as one of the most vulnerable threat surfaces every business has today. Employees’ devices accessing valuable data and applications continues to accelerate without safeguards in place across many organizations.
  • Extended detection and response (XDR) are on the Hype Cycle for the first time, reflecting the trend of vendor consolidation across cybersecurity spending today. Gartner defines XDR as a vendor-specific, threat detection and incident response tool that unifies multiple security products into a security operations system. XDR and its potential to reduce the total cost and complexity of cybersecurity infrastructures is a dominant theme throughout this year’s Hype Cycle. XDR vendors are claiming that their integrated portfolios of detection and response applications deliver greater accuracy and prevention than stand-alone systems, driving down Total Cost of Ownership (TCO) and increasing productivity. Key vendors in XDR include Cisco, FireEye, Fortinet, McAfee, Microsoft, Palo Alto Networks, Sophos, Symantec and Trend Micro.
  • Business email compromise (BEC) protection is on the Hype Cycle for the first time this year. Phishing attacks cost businesses $1.8B in 2019, according to the FBI, underscoring the need for better security in the area of business email. Gartner defines business email compromise (BEC) protection as a series of solutions that detect and filter malicious emails that fraudulently impersonate business associates to misdirect funds or data. There have been many instances of business email compromise attacks focused on C-level executives, hoping that a fraudulent directive from them to subordinates leads to thousands of dollars being transferred to outside accounts or being sent in gift cards. Gartner found that fraudulent invoices accounted for 39% of such attacks in 2018, posing an internal risk to organizations and reputation risk.
  • Unified Endpoint Security (UES) is being driven by IT organizations’ demand for having a single security console for all security events. Gartner notes that successful vendors in UES will be those that can demonstrate significant productivity gains from the integration of security and operations and those that can rapidly process large amounts of data to detect previously unknown threats. CIOs and CISOs are looking for a way to integrate UES and Unified Endpoint Management (UEM), so their teams can have a single, comprehensive real-time console of all devices that provides alerts of any security events. The goal is to adjust security policies across all devices. Absolute’s approach to leveraging their unique persistence, resilience and intelligence capabilities are worth watching. Their approach delivers unified endpoint security by relying on their Endpoint Resilience platform that includes a permanent digital tether to every endpoint in the enterprise. By having an undeletable digital thread to every device, Absolute is enabling self-healing, greater visibility and control. Based on conversations with their customers in Education and Healthcare, Absolute’s unique approach gives IT complete visibility into where every device is at all times and what each device configuration looks like in real-time.
  • Unified Endpoint Management (UEM) is expanding rapidly beyond managing PCs and mobile devices to provide greater insights from endpoint analytics and deeper integration Identity and Access Management. Gartner notes interest in UEM remains strong and use-case-driven across their client base. UEM’s many benefits, including streamlining continuous OS updates across multiple mobile platforms, enabling device management regardless of the connection and having an architecture capable of supporting a wide range of devices and operating systems are why enterprises are looking to expand their adoption of UEM. Another major benefit enterprises mention is automating Internet-based patching, policy, configuration management. UEM leaders include MobileIron, whose platform reflects industry leadership with its advanced unified endpoint management (UEM) capabilities. MobileIron provides customers with additional security solutions integrated to their UEM platform, including passwordless multi-factor authentication (Zero Sign-On) and mobile threat defense (MTD). MTD is noteworthy for its success at MobileIron customers who need to validate devices at scale, establish user context, verify network connections, then detect and remediate threats.
  •  Gartner says ten technologies were either removed or replaced in the Hype Cycle because they’ve evolved into features of broader technologies or have developed into tools that address more than security. The ten technologies include protected browsers, DLP for mobile devices, managed detection and response, user and entity behavior analytics, IoT security, content collaboration platforms, mobile identity, user authentication, trusted environments and BYOD being replaced by BYOPC.

 

Why Digital Transformation Always Needs To Start With Customers First

Why Digital Transformation Always Needs To Start With Customers First

Customers’ expectations, preferences, changing patterns in how and why they purchase need to be the core of any digital transformation effort.

Customers’ expectations, preferences, changing patterns in how and why they purchase need to be the core of any digital transformation effort. With it, digital transformation projects flourish and take on a life of their own. Without it, I’ve seen digital transformation projects become myopic, narrowly focused, substituting internal metric gains for measures that matter most to customers.

Digital Maturity Drives Revenue

Anyone who has worked on a digital transformation project quickly sees how the most digitally mature organizations can turn their investments in transformation into revenue by overwhelming customers with value. Initiatives that put customers first can serve to generate greater confidence among C-level executives and board members, leading to more funding. This is because business cases for customer-centric digital transformation projects are easier to create, more defensible and best of all, point to revenue gains and cost reductions.

Deloitte Insights’ recent survey uncovering the connection between digital maturity and financial performance accurately reflects the true state of customer-centric digital transformation. The article explains how the more digitally mature an organization is, the more achievable gains are in diversity and inclusion, Corporate Social Responsibility (CSR), customer satisfaction, product quality, gross margin and long-term financial performance. Deloitte’s latest study finds a strong correlation between the digital maturity of an enterprise and its net revenue and net profit margin. The following graphic makes clear how valuable pursuing digital maturity is, with customers being at the center of all transformation efforts. This contributes to greater net revenue and net profit margin growth:

A fascinating point regarding Deloitte Insights’ research is the correlation it uncovered between an organization’s digital transformation maturity and the benefits they gain in efficiency, revenue growth, product/service quality, customer satisfaction and employee engagement. They found a hierarchy of pivots successful enterprises make to keep pursuing more agile, adaptive organizational structures combined with business model adaptability, all driven by customer-driven innovation. The most digitally mature organizations can adopt new frameworks that prioritize market responsiveness, customer-centricity and have analytics and data-driven culture with actionable insights embedded in their DNA.

Mastering Data & Removing Roadblocks Are Key To Driving Customer Value

The two highest-payoff areas for accelerating digital maturity and achieving its many benefits are mastering data and creating more intelligent workflows. Deloitte Insights’ research team looked at the seven most effective digital pivots enterprises can make to become more digitally mature. The pivots that paid off the best as measured by revenue, margin, customer satisfaction, product/service quality and employee engagement combined data mastery and improving intelligent workflows. The following graphic shows how 51% of revenue growth can be explained by these two factors alone and 49% of improved customer satisfaction.

Data mastery and intelligent workflows are among the easiest areas to measure and include in a business case for digital transformation projects aimed at delivering a transcendent customer experience. Choosing to excel on the dimension of customer-centric data mastery gives enterprises the insights they need to create their unique omnichannel platforms. Adding in intelligent workflows that give customers the freedom to buy how, where and when they choose across any digital platform is the cornerstone of entirely new digital business models today. Capturing the voice of the customer and combining data mastery and intelligent workflows to gain an accurate, true 360-degree view of customers is invaluable for every aspect of go-to-market strategies.

Achieving Digital Maturity Requires A Framework

Enterprises that have customer centricity and a data-driven mindset are the most likely to succeed with a digital transformation initiative. As the Deloitte Insights study inferred, the most digitally mature organizations are continually adapting to customer and market dynamics. They’re prioritizing market responsiveness, striving to improve customer-centricity and have data-driven cultures with actionable insights as part of their DNA. Enterprises who see new digital business model opportunities and act on them capitalize on these three areas of organizational strength. They’re also able to combine their data mastery and intelligent workflows to identify areas of competitive opportunity to help them excel for their customers.

Consider how cybersecurity is now part of any customer experience, for good and bad. Multi-factor Authentication (MFA) and many other forms of identity verification secure customer transactions, yet they can also cause dissatisfaction. For any digitally mature enterprise, integrating cybersecurity into their existing framework is a challenge. The growth of new frameworks designed to empower greater customer-centricity, agility and actionable insights across every facet of a business is a fascinating area of watch.

One of the more interesting is BMC’s Autonomous Digital Enterprise (ADE) framework, which is shown below. Mapping Deloitte Insights’ top investment priorities for the next 12 months across all digital maturity levels to the ADE framework shows why frameworks like BMC’s are gaining adoption, particularly as organizations look to run and reinvent themselves with new digital business models built around AI/ML capabilities. The following graphic provides insights into how Deloitte’s top investment priorities are integral to BMC’s Autonomous Digital Enterprise Framework and its many contributions to the success of new digital business growth.

Conclusion

Quantifying the impact of having a customer-centric digital transformation strategy has proved elusive until recently. Deloitte Insights’ research shows how digital maturity enables greater gains from customer-centric digital transformation efforts. What’s fascinating about their research is how the progression of digital pivots leads to improved margin, revenue, customer satisfaction, diversity and inclusion and product quality gains. Equally interesting is the growing utility of frameworks like BMC’s, which are designed to enable long-standing enterprises to seamlessly embrace new digital business models, so they can flex and change with the world around them.

 

 

Where AIOps Is Delivering Results Today

Where AIOps Is Delivering Results Today

Bottom Line: Capitalizing on AI and machine learning’s inherent strengths to create contextual intelligence in real-time, LogicMonitor’s early warning and failure prevention systems reflect where AIOps is delivering results today.

LogicMonitor’s track record of making solid contributions to their customers’ ability to bring greater accuracy, insight, and precision into monitoring all IT assets is emerging as a de facto industry standard. Recently I was speaking with a startup offering Hosted Managed Services of a variety of manufacturing applications, and the must-have in their services strategy is LogicMonitor LM Intelligence. LogicMonitor’s AIOps platform is powered by LM Intelligence, enabling customers’ businesses to gain early warning into potential trouble spots in IT operations stability and reliability. LogicMonitor does the hard work for you with automated alert thresholds, AI-powered early warning capabilities, customizable escalation chains, workflows, and more.

Engineers who are working at the Hosted Managed Services provider I recently spoke with say LM Intelligence is the best use case of AI and machine learning to provide real-time alerts, contextual insights, discover new patterns in data, and make automation achievable. The following is an example of the LM Intelligence dashboard:

Where AIOps Is Delivering Results Today

How LogicMonitor’s Architecture Supports AIOps

One of the core strengths LogicMonitor continues to build on is integration, which they see as essential to their ability to excel at providing AIOps support for their customers. Their architecture is shown below. By providing real-time integration to public cloud platforms, combined with control over the entire IT infrastructure structure along with over 2,000 integrations from network to cloud, LogicMonitor excels at unifying diverse IT environments into a single, cohesive AIOps-based intelligence system.  The LogicMonitor platform collects cloud data through our cloud collectors. These collectors retrieve metrics such as the cloud provider health and billing information by making API calls to the cloud services. The collector is a Windows Service or background process that is installed in a virtual machine. This collector then pulls metrics from the different devices using a variety of different methods, including SNMP, WMI, perf Mon JMX, APIs, and scripts.

Where AIOps Is Delivering Results Today

Using AIOps To Monitor, Analyze, Automate

LogicMonitor has created an architecture that’s well-suited to support the three dominant dimensions of AIOps, including Monitoring, Analytics (AIOps), and Automating. Their product and services strategies in the past have reflected a strong focus on Monitoring. The logic of prioritizing Monitoring as a product strategy area was to provide the AI and machine learning models with enough data to train on so they could identify anomalies in data patterns faster. Their 2018/2019 major releases in the Monitor area reflect how the unique strength they have of capturing and making use of any IT asset that can deliver a signal is paying off. Key Monitor developers recently include the following:

  • Kubernetes Monitoring
  • Service Insight
  • Topology
  • Remote Sessions
  • Netflow
  • Configuration Monitoring
  • Public Cloud Monitoring
  • Applications Monitoring

LogicMonitor’s core strengths in AIOps are in the Anomaly Detection and Early Warning System areas of their product strategy. Their rapid advances in the Early Warning System development show where AIOps is delivering solid results today. Supporting the Early Warning System, there are Dynamic Thresholds and Root Cause Analysis based on Dependencies as well.

The Automate area of their product strategy shows strong potential for future growth, with the ServiceNow integration having upside potential. Today Alert Chaining and Workflow support integrations to Ansible, Terraform, Slack, Microsoft, Teama, Putter, Terraform, OpsGenie, and others.

Conclusion

LogicMonitor’s platform handles 300B metrics on any given day and up to 10B a month, with over 28K collectors deployed integrated with approximately 1.4M devices being monitored. Putting AI and machine learning to work, interpreting the massive amount of data the platform captures every day to fine-tune their Early Warning and Failure Prevention Systems, is one of the most innovative approaches to AIOps today. Their AIOps Early Warning System is using machine learning Algorithms to fine-tune Root Cause Analysis and Dynamic Thresholds continually. AIOps Log Intelligence is also accessing the data to complete Automatic Log Anomaly Detection, Infrastructure change detection, and Log Volume Reduction to Signal analysis.

 

 

 

5 Ways Machine Learning Can Thwart Phishing Attacks

5 Ways Machine Learning Can Thwart Phishing Attacks

Mobile devices are popular with hackers because they’re designed for quick responses based on minimal contextual information. Verizon’s 2020 Data Breach Investigations Report (DBIR) found that hackers are succeeding with integrated email, SMS and link-based attacks across social media aimed at stealing passwords and privileged access credentials. And with a growing number of breaches originating on mobile devices according to Verizon’s Mobile Security Index 2020, combined with 83% of all social media visits in the United States are on mobile devices according to Merkle’s Digital Marketing Report Q4 2019, applying machine learning to harden mobile threat defense deserves to be on any CISOs’ priority list today.

How Machine Learning Is Helping To Thwart Phishing Attacks

Google’s use of machine learning to thwart the skyrocketing number of phishing attacks occurring during the Covid-19 pandemic provides insights into the scale of these threats. On a typical day, G-Mail blocks 100 million phishing emails. During a typical week in April of this year, Google’s G-Mail Security team saw 18M daily malware and phishing emails related to Covid-19. Google’s machine learning models are evolving to understand and filter phishing threats, successfully blocking more than 99.9% of spam, phishing and malware from reaching G-Mail users. Microsoft thwarts billions of phishing attempts a year on Office365 alone by relying on heuristics, detonation and machine learning strengthened by Microsoft Threat Protection Services.

42% of the U.S. labor force is now working from home, according to a recent study by the Stanford Institute for Economic Policy Research (SIEPR). The majority of those working from home are in professional, technical and managerial roles who rely on multiple mobile devices to get their work done. The proliferating number of threat surfaces all businesses have to contend with today is the perfect use case for thwarting phishing attempts at scale.

What’s needed is a machine learning engine capable of analyzing and interpreting system data in real-time to identify malicious behavior. Using supervised machine learning algorithms that factor in device detection, location, user behavior patterns and more to anticipate and thwart phishing attacks is what’s needed today. It’s a given that any machine learning engine and its supporting platform needs to be cloud-based, capable of scaling to analyze millions of data points. Building the cloud platform on high-performing computing clusters is a must-have, as is the ability to iterative machine learning models on the fly, in milliseconds, to keep learning new patterns of potential phishing breaches. The resulting architecture would be able to learn over time and reside on the device recursively. Protecting every endpoint if it’s connected to WiFi or a network or not is a key design goal that needs to be accomplished as well. MobileIron recently launched one of the most forward-thinking approaches to solving this challenge and its architecture is shown below:

5 Ways Machine Learning Can Thwart Phishing Attacks

Five Ways Machine Learning Can Thwart Phishing Attacks 

The one point of failure machine learning-based anti-phishing apps continue to have is lack of adoption. CIOs and CISOs I’ve spoken with know there is a gap between endpoints secured and the total endpoint population. No one knows for sure how big that gap is because new mobile endpoints get added daily. The best solution to closing the gap is by enabling on-device machine learning protection. The following are five ways machine learning can thwart phishing attacks using an on-device approach:

1.    Have machine learning algorithms resident on every mobile device to detect threats in real-time even when a device is offline.  Creating mobile apps that include supervised machine learning algorithms that can assess a potential phishing risk in less than a second is what’s needed. Angular, Python, Java, native JavaScript and C++ are efficient programming languages to provide detection and remediation, so ongoing visibility into any malicious threat across all Android and iOS mobile devices can be tracked, providing detailed analyses of phishing patterns. The following is an example of how this could be accomplished:

5 Ways Machine Learning Can Thwart Phishing Attacks

2.    Using machine learning to glean new insights out of the massive amount of data and organizations’ entire population of mobile devices creates a must-have.  There are machine learning-based systems capable of scanning across an enterprise of connected endpoints today. What’s needed is an enterprise-level approach to seeing all devices, even those disconnected from the network.

3.    Machine learning algorithms can help strengthen the security on every mobile device, making them suitable as employees’ IDs, alleviating the need for easily-hackable passwords. According to Verizon, stolen passwords cause 81% of data breaches and 86% of security leaders would do away with passwords, if they could, according to a recent IDG Research survey. Hardening endpoint security to the mobile device level needs to be part of any organizations’ Zero Trust Security initiative today. The good news is machine learning algorithms can thwart hacking attempts that get in the way making mobile devise employees’ IDs, streamlining system access to the resources they need to get work done while staying secure.

4.    Keeping enterprise-wide cybersecurity efforts focused takes more than after-the-fact analytics and metrics; what’s needed is look-ahead predictive modeling based machine learning data captured at the device endpoint.  The future of endpoint resiliency and cybersecurity needs to start at the device level. Capturing data at the device level in real-time and using it to train algorithms, combined with phishing URL lookup, and Zero Sign-On (ZSO) and a designed-in Zero Trust approach to security are essential for thwarting the increasingly sophisticated breach attempts happening today.

5.    Cybersecurity strategies and the CISOs leading them will increasingly be evaluated on how well they anticipate and excel at compliance and threat deterrence, making machine learning indispensable to accomplishing these tasks. CISOs and their teams say compliance is another area of unknowns they need greater predictive, quantified insights into. No one wants to do a compliance or security audit manually today as the lack of staff due to stay-at-home orders makes it nearly impossible and no one wants to jeopardize employee’s health to get it done.  CISOs and teams of security architects also need to put as many impediments in front of threat actors as possible to deter them, because the threat actor only has to be successful one time, while the CISO/security architect have to be correct 100% of the time. The answer is to combine real-time endpoint monitoring and machine learning to thwart threat actors while achieving greater compliance.

Conclusion

For machine learning to reach its full potential at blocking phishing attempts today and more advanced threats tomorrow, every device needs to have the ability to know if an email, text or SMS message, instant message, or social media post is a phishing attempt or not. Achieving this at the device level is possible today, as MobileIron’s recently announced cloud-based Mobile Threat Defense architecture illustrates. What’s needed is a further build-out of machine learning-based platforms that can adapt fast to new threats while protecting devices that are sporadically connected to a company’s network.

Machine learning has long been able to provide threat assessment scores as well. What’s needed today is greater insights into how risk scores relate to compliance. Also, there needs to be a greater focus on how machine learning, risk scores, IT infrastructure and the always-growing base of mobile devices can be audited. A key goal that needs to be achieved is having compliance actions and threat notifications performed on the device to shorten the “kill chain” and improve data loss prevention.

Answers To Today’s Toughest Endpoint Security Questions In The Enterprise

Answers To Today's Toughest Endpoint Security Questions In The Enterprise

  • Enterprises who are increasing the average number of endpoint security agents from 9.8 last year to 10.2 today aren’t achieving the endpoint resilience they need because more software agents create more conflicts, leaving each endpoint exposed to a potential breach.
  • 1 in 3 enterprise devices is being used with a non-compliant VPN, further increasing the risk of a breach.
  • 60% of breaches can be linked to a vulnerability where a patch was available, but not applied. Windows 10 devices in enterprises are, on average, 95 days behind on patches.

CIOs, CISOs and cybersecurity teams say autonomous endpoint security is the most challenging area they need to strengthen in their cybersecurity strategy today. Software agents degrade faster than expected and conflict with each other, leaving endpoints exposed. Absolute’s 2020 State of Endpoint Resilience Report quantifies the current state of autonomous endpoint security, the scope of challenges CISOs face today and how elusive endpoint resiliency is to achieve with software agents. It’s an insightful read if you’re interested in autonomous endpoint security.

Endpoint Security Leads CISOs’ Priorities In 2020

With their entire companies working remotely, CIOs and CISOs I’ve spoken with say autonomous endpoint security is now among their top three priorities today. Cutting through the endpoint software clutter and turning autonomous endpoint security into a strength is the goal. CISOs are getting frustrated with spending millions of dollars among themselves only to find out their endpoints are unprotected due to software conflicts and degradation.  Interested in learning more, I spoke with Steven Spadaccini, Vice President, Sales Engineering at Absolute Software and one of the most knowledgeable autonomous endpoint cybersecurity experts I’ve ever met. Our conversation delved into numerous cybersecurity challenges enterprise CIOs and CISOs are facing today. My interview with him is below:

The Seven Toughest Questions the C-Suite Is Asking About Endpoint Security

Louis: Thank you for your time today. I have seven questions from CIOs, CISOs and their teams regarding endpoint security. Let’s get started with their first one. What happens if an endpoint is compromised, how do you recover, encrypt, or delete its data?

Steven:  It’s a challenge using software agents, both security and/or management, to do this as each agents’ tools and features often conflict with each other, making a comprised endpoints’ condition worse while making it virtually impossible to recover, encrypt, delete and replace data. The most proven approach working for enterprises today is to pursue an endpoint resilience strategy. At the center of this strategy is creating a root of trust in the hardware and re-establishes communication and control of a device through an unbreakable digital tether. I’m defining Endpoint Resilience as an autonomous endpoint security strategy that ensures connectivity, visibility and control are achieved and maintained no matter what is happening at the OS or application level. Taking this approach empowers devices to recover automatically from any state to a secure operational state without user intervention. Trust is at the center of every endpoint discussion today as CIOs, CISOs and their teams want the assurance every endpoint will be able to heal itself and keep functioning

Louis: Do endpoint software security solutions fail when you lose access to the endpoint, or is the device still protected at the local level?

Steven: When they’re only protected by software agents, they fail all the time. What’s important for CISOs to think about today is how they can lead their organizations to excel at automated endpoint hygiene. It’s about achieving a stronger endpoint security posture in the face of growing threats. Losing access to an endpoint doesn’t have to end badly; you can still have options to protect every device. It’s time for enterprises to start taking a more resilient-driven mindset and strategy to protecting every endpoint – focus on eliminating dark endpoints. One of the most proven ways to do that is to have endpoint security embedded to the BIOS level every day. That way, each device is still protected to the local level. Using geolocation, it’s possible to “see” a device when it comes online and promptly brick it if it’s been lost or stolen.

Louis: How can our cybersecurity team ensure compliance that all cybersecurity software is active and running on all endpoints?

Steven: Compliance is an area where having an undeletable tether pays off in a big way. Knowing what’s going on from a software configuration and endpoint security agent standpoint – basically the entire software build of a given endpoint – is the most proven way I’ve seen CISOs keep their inventory of devices in compliance. What CISOs and their teams need is the ability to see endpoints in near real-time and predict which ones are most likely to fail at compliance. Using a cloud-based or SaaS console to track compliance down to the BIOS level removes all uncertainty of compliance. Enterprises doing this today stay in compliance with HIPAA, GDPR, PCI, SOX and other compliance requirements at scale. It’s important also to consider how security automation and orchestration kicks on to instantly resolve violations by revising security controls and configurations, restoring anti-malware, or even freezing the device or isolating it from data access. Persistent visibility and control give organizations what they need to be audit-ready at every moment.

Having that level of visibility makes it easy to brick a device. Cybersecurity teams using Absolute’s Persistence platform can lead to humorous results for IT teams, who call the bricking option a “fun button as they watch hackers continually try to reload new images and right after they’re done, re-brick the device again. One CIO told the story of how their laptops had been given to a service provider who was supposed to destroy them to stay in compliance with the Health Insurance Portability and Accountability Act (HIPAA) and one had been resold on the black market, ending up in a 3rd world nation. As the hacker attempted to rebuild the machine, the security team watched as each new image was loaded at which time they would promptly brick the machine. After 19 tries, the hacker gave up and called the image rebuild “brick me.”

Louis: With everyone working remote today, how can we know, with confidence where a given endpoint device is at a moments’ notice?

Steven: That’s another use case where having an undeletable tether pays off in two powerful ways: enabling autonomous endpoint security and real-time asset management. You can know with 100% confidence where a given endpoint device is in real-time so long as the device is connected to a permanent digital tether . Even if the device isn’t reachable by your own corporate network it’s possible to locate it using the technologies and techniques mentioned earlier. CIOs sleep better at night knowing every device is accounted for and if one gets lost or stolen, their teams can brick it in seconds.

Louis: How can our IT and cybersecurity teams know all cybersecurity applications are active and protecting the endpoint?

Steven: By taking a more aggressive approach to endpoint hygiene, it’s possible to know every application, system configuration and attributes of user data on the device. It’s important not to grow complacent and assume the gold image IT uses to configure every new or recycled laptop is accurate. One CIO was adamant they had nine software agents on every endpoint, but Absolute’s Resilience platform found 16, saving the enterprise from potential security gaps. The gold image is an enterprise IT team was using had inadvertently captured only a subset of the total number of software endpoints active on their networks. Absolute’s Resilience offering and Persistence technology enabled the CIO to discover gaps in endpoint security the team didn’t know existed before.

Louis: How can we restrict the geolocations of every endpoint?

Steven: This is an area that’s innovating quickly in response to the needs enterprises have to track and manage assets across countries and regions. IP tracking alone isn’t as effective as the newer techniques, including GPS tracking, Wi-Fi triangulation, with both integrated into the Google Maps API. Enterprises whose business relies on Personal Identifiable Information (PII) is especially interested in and adopting these technologies today. Apria Healthcare is currently using geofencing for endpoint security and asset management. They have laptops in use today across Indonesia, the Philippines and India. Given the confidential nature of the data on those devices and compliance with local government data protection laws, each laptop needs to stay in the country they’re assigned to. Geofencing gives Apria the power to freeze any device that gets outside of its region within seconds, averting costly fines and potential breaches.

Louis: How can our IT team immediately validate an endpoint for vulnerabilities in software and hardware?

Steven: The quickest way is to design in audit-ready compliance as a core part of any endpoint resilience initiative. Endpoint resilience to the BIOS level makes it possible to audit devices and find vulnerabilities in real-time, enabling self-healing of mission-critical security applications regardless of complexity. The goal of immediately validating endpoints for current security posture needs to be a core part of any automated endpoint hygiene strategy. It’s possible to do this across platforms while being OS-agnostic yet still accessible to over 500M endpoint devices, deployed across Microsoft Windows, macOS via a Mac Agent and Chrome platforms.

Conclusion

Knowing if their autonomous endpoint security and enterprise-wide cybersecurity strategies are working or not is what keeps CIOs up the most at night. One CISO confided to me that 70% of the attempted breaches to his organization are happening in areas he and his team already knew were vulnerable to attack. Bad actors are getting very good at finding the weakest links of an enterprises’ cyber defenses fast. They’re able to look at the configuration of endpoints, see which software agents are installed, research known conflicts and exploit them to gain access to corporate networks. All this is happening 24/7 to enterprises today. Needing greater resilient, persistent connections to every device, CISOs are looking at how they can achieve greater resilience on every endpoint. Capitalizing on an undeletable tether to track the location of the device, ensure the device and the apps on that device have self-healing capabilities and gain valuable asset management data  – these are a few of the many benefits they’re after.

%d bloggers like this: