Rising menace of security threats is creating the urgent need to ensure cyber security solutions across the Banking, Financial Services and Insurance (BFSI) domain. In order to ensure complete safety of data and maintain credibility all the banks – big and small are ensuring the use of advanced technologies, says Harshil Doshi, Strategic Security Solutions Consultant, Forcepoint India, in conversation with Harshal Yashwant Desai of Elets News Network (ENN).
Please tell us about your organisation?
Forcepoint is a global leader in cyber security focusing on protecting organistions most important assets i.e. its critical business data and users. Forcepoint was formed in January 2016 as the combination of Raytheon Cyber Products, Websense and Intel Stonesoft. Its mission is to transform cybersecurity by focusing on what matters most: understanding people’s intent as they interact with critical data and intellectual property wherever it resides. It is a privately held company. Our Human Point System enable companies to empower employees with unobstructed access to confidential data while protecting intellectual property and simplifying compliance.
How do you view the current trends in cyber security domain? What role is your brand portraying in this regard?
If you take a look at cyber security as a domain, customers have been very focused towards solving the threat related issues using technology to secure digital infrastructure. This is the reason, over the years, cyber security budgets have increased multi-fold, and according to Gartner estimates, worldwide spending on information security is expected to reach $90 billion in 2017 – making it a huge industry. Despite all these investments, the cyber security attacks have only increased. There are almost 750 cyber security vendors across the globe offering more than 2000 technology solutions, but the risk factor however has not come down. There is a new start-up every day in the Silicon Valley offering some niche technology to a particular point problem. Is it really solving our problems? And the answer seems to be a ‘NO.’ Technology is always evolving, however, ‘human beings’ are the only ‘constant’.
So, unless we address this factor, unless we understand the human behaviour – whether as an employee, as a customer, as a partner, as a business person – it may be difficult for us to protect our systems. Understanding human behaviour actually leads to understanding the intent of employees as they interact with critical data, what their motives are and once we understand that the technologies are already in place to protect a probable security breach from happening
This is where Forcepoint comes into the picture. We protect the points where human beings interact with data and network. We focus on understanding the rhythm of the people and flow of data to respond to risks in real time. It is completely a new dimension to how we address issues pertaining to cyber security. We are uniquely positioned in the market as we offer a human point system that is oriented towards insider threat detection and analytics, cloud-based user and application protection, next-gen network protection, data security and systems visibility. It’s a new approach to cybersecurity.
What are your target areas and your clientele base?
Industries have been impacted by the digital transformation such as Information Technology (IT)/ IT enabled services (ITeS), Banking and Finance, Telecom, Manufacturing, Retail, Pharmaceuticals are some of the sectors that would need protection from emerging cyber attacks. Government is another focus area for us. Government has laid it major focus on using technology to deliver its services to citizens and using technology to conduct its business. It is focussing on building new data centers, executing e-governance programmes and smart cities initiatives, which means that they are going to not only collect, store but even process lot of sensitive data.
How do you analyse the present day BFSI Sector in terms of cyber security?
BFSI is one of the sectors that are adopting cyber security solutions very swiftly. In order to ensure complete safety of data and maintain credibility, all the banks – big and small are ensuring the use of advanced technologies. Besides, regular audits from regulatory bodies also encourage banks to ensure all their systems and security measures are in place. We all know about Frank Abagnale. How – back in the 1960s -he cheated the American banks of almost $ 30 million by printing fake cheques. He is now a Consultant to Federal Bureau of Investigation (FBI) to detect banking frauds. According to Frank in every fraud that he has ever investigated there was always an insider who was involved. So, no matter how advanced technology we implement, if we do not understand the behaviour of end users, it will be very difficult for us to catch up with these cyber security threats. And since everything has gone digital, we don’t have time to understand who is thinking what, what is any user’s intent. The visibility of human behaviour has actually gone down. What Forcepoint does is bring back the visibility into human behaviour and along with technology adoption helps in combating cyber attacks.
What is your modus operandi?
Forcepoint has been a leading player in understanding some part of human behaviour as far as their internet access, their email access or their behaviour on data is concerned. By combining our technologies as human point system and along with the introduction of new technologies such as user and entity behaviour and analytics with underlying algorithms like volumetric analysis, base lining and others, we are elevating the customer’s security portfolio from detective to predictive. Now organisations with our data and insider threat portfolio will be able to suggest if somebody is going to do something wrong accidentally or maliciously based on their behaviour.
Tell us about your cloud-based user and application.
I think cloud today has become a reality. Even highly regulated industries like banks have started adopting cloud in a big manner and but the problem with cloud is that it opens up everything and it is not restricted access anymore. So, we can access drop box or one drive application from our mobile phones sitting at my home. Further, we can download, upload, and share the data. As part of our human-centric approach to security, Forcepoint CASB helps eliminate those blind spots by giving you visibility into – and control over – your users’ devices and cloud apps, letting you understand the rhythm of your people and the flow of your data.
Would you like to share any other information with our readers?
I think one area that we would urge enterprise to focus is the human point at the intersection of people with systems and critical data. Often people seem to think the employee is the bad guy which can happen in a few cases but quite often the employee is just a vehicle. He’s going to be that person who’s lured to click on something and something happens and it’s going to compromise company data. At the same time, he’s also compromising himself.
The idea is to make it easy and frictionless for people to work, but at the same time keep information secure. By understanding the way people work, security systems can detect people doing things they shouldn’t be doing, either because they are malicious or because somebody is exploiting them. Then the organisation can protect its data as well as its employees.