Forcepoint delivers integrated behavior-based security solutions, that have been perfectly adapted to suit the industrial environment, specifically, products that provide more visibility into the potential threats, says Harshil Doshi, Strategic Security Solutions Head, Forcepoint, in conversation with Elets News Network (ENN).
Forcepoint is driven by an understanding of human behavior and intent. How do you focus on this ideology?
Forcepoint is one of the largest cybersecurity companies globally and in India. Over the last six-seven years, enterprises and government agencies have spent around a trillion dollar in maintaining cybersecurity. But despite this, 100 per cent security has not been achieved and organisations still face risks day-in and day-out. One gets to hear about so many cyberattacks occurring almost every day across the world despite increased investments in cybersecurity.
Three years ago, we thought of reimagining cybersecurity and decided to explore the factors responsible for the rising number of cyber attacks. After interacting with a lot of our customers, partners, cybersecurity analysts, and many more, we realised that the technology investment is right there and so are the regulations but the missing factor was people. Humans, in general, are the weakest link in the cybersecurity chain. While a machine is instructed to accomplish a task, things start to fall apart when a human takes a wrong decision – intentionally or unintentionally.
With the advent of new technologies like artificial intelligence and machine learning, you can now get a good insight into human behavior and its interaction with critical data. By creating a “normal” baseline behavior and monitoring any anomaly in that behavior – for e.g. a disgruntled employee may look to steal company’s critical data or an employee’s digital identity is stolen– today’s cyber attacks could be contained.
At Forcepoint, we look at people’s behavior to understand which employees pose the greatest risk of data exfiltration. This could lead us to detect and predict cyber, business or financial frauds and apply specific controls so as to contain its occurrence. This is the whole motto where Forcepoint started building a human point system where behavioural analytics is at the core of our solutions, taking inputs from various systems, profiles and users, and assigning a risk score to each individual.
The risk score is dynamic and keeps changing depending upon users’ actions and its variance from their “normal” behaviour. The dynamic scoring mechanism offers a significant advantage over traditional security. The automated nature of our solution helps relieve the burden on security analysts who would otherwise be overwhelmed sifting through endless red flags and security alerts. This is the future of cybersecurity.
Technology innovations are not just transforming the BFSI sector but it is also expanding the risk quotient. How are you expanding your offerings in alignment to this?
There is a prevalent perspective in the cybersecurity industry that the bad guys are always ahead of the good guys. Our police or law enforcement agencies work under a certain regulatory framework but the bad guys are not bound by any such framework and are only guided by bad intent. Bad guys are always innovating cyber attacks without any restriction while we are always trying to block them. We are not innovating at the speed of the bad guys and this is where the human centric approach to cybersecurity becomes significant. Whilst the gap in technology can be bridged, if you do not understand the intent of an insider, no matter how many locks you put, your network is still going to get compromised.
The insider risk is one of the focus areas that we ask our customers to look at. If you start focusing on your own employees and partners, you will be able to protect yourself much better.
We are trying to address that one vulnerability that the bad guys are focusing on. The challenge is of staying ahead.
How do you address the challenges pertaining to Critical Infrastructure Security through your solutions?
In an era of increasing internet connectivity and growing number of endpoints, the global threat scenario is worrying. The increasing attack surface compounded with the ineffective approach to cybersecurity further raises the vulnerability.
We have decades of experience in securing high-assurance critical infrastructure environments, such as manufacturing, energy, defense industrial base, and government facilities. Our approach to cybersecurity within critical infrastructure provides the end-user an option to quickly move from visibility to control with Forcepoint NGFW and Forcepoint Data Guard to provide robust network defense and secure segmented network communications. Leveraging defense-grade approaches which are used by top government agencies, customers can deploy a variety of solutions for highly sensitive areas like nuclear and power generation, or meet simple DMZ and remote access requirements.
Furthermore, the Forcepoint pedigree of understanding insider threats, or how actors behave once inside an environment to compromise system operations, gives us a unique viewpoint to address ICS challenges where they are the most vulnerable—the human point of interaction with systems and data.
Tell us about your future innovations and offerings with respect to Critical Infrastructure. How does Forcepoint cater to the emerging critical infrastructure needs from endpoints to networks to cloud?
Our research predicts that going forward, there will be wide scale attacks on industrial Internet of Things (IoT) through use of cloud infrastructure and an over reliance of Artificial Intelligence (AI) in Cyber security systems. We find that businesses are navigating through an unpredictable industrial space, while trying to leverage cloud data services. Attacks such as NotPetya demonstrated vulnerability and exposed the security challenges faced in the industrial sector.
Initially, we plan to focus our efforts on organisations that use Industrial Control Systems (ICS) such as energy, oil, gas and critical manufacturing. Connecting operational technology (OT) to ICS and supervisory control and data acquisition (SCADA) to the information technology network provides new flexible methods of functionality, cost savings and transparency, to efficiently utilise the meta data and conclusions of data analytics.
Our focus is on delivering integrated behavior-based security solutions, that have been perfectly adapted to suit the industrial environment, specifically, products that provide more visibility into the potential threats facing ICS. Additionally, given the rapid digital transformation underway, we provide solutions for a secure segmentation, therein securing cloud environments. These capabilities will be powered by Forcepoint Next Generation Firewall (NGFW), which is a product designed specifically to detect exploitation attempts, block malware and defect evasion techniques across physical, virtual and cloud systems. Also, the Forcepoint Data Guard solution allows for smooth data transfer between OT and IT networks, ensuring that only required data sets and commands go through. Forcepoint’s tailored offerings have been proven time and again to manage high risk connections and deliver the most sensitive data protection for national critical infrastructure.
Forcepoint offers solutions in terms of Global Government Security. How different is India in this regard?
Forcepoint, being a global cyber security player, understands specific requirements governments across the globe have, in terms of data sovereignty, localization, air gapped networks and content localization, etc. We are uniquely positioned to address these needs with our global data centers footprint.
India, among the fastest developing large economies of the world, is unique in its own way – the government in the recent past has taken various tangible and long-term steps to digitize the delivery of various government services. Digital India, Digital Wallet, United Payments Interface (UPI), Aadhar, Goods and Services Tax Network, and BharatNet are testament of this massive digital transformation and automation. Forcepoint has deep expertise in addressing cyber security needs of protecting personally identifiable information, protecting the digital perimeters of various government bodies and also protecting their air gapped networks through our portfolio of products including data loss prevention, next generation firewall and data guard.
Forcepoint already protects many State Wide Area Networks (SWANs) and smart cities apart from various state and central government agencies from data theft, unsecure browsing, and phishing threats to ensure the digital services provided by the government are secure till the last mile. While we are taking the right steps, we have a long way to go to match up to the developed economies of the world and Forcepoint is fully equipped to help the central and state governments in India to secure their journey through this digital transformation.