I am not sure if it’s coincidence or not, but just before this year’s Gartner Security & Risk Management Summit in National Harbor, MD, the US government suffered a massive data breach at the Office of Personnel Management. Just before last year’s summit, there were a few other major data breaches to hit the news. I’m not sure if the timing was intended to coincide with the summit, but there is nothing like current events to start conversations about data security.
During the course of the summit, a lot of attendees and analysts came to the Fasoo booth to understand the best ways to stop both insider threats and protect sensitive data from advanced persistent threats (APT) from hackers and other bad actors. Visitors were very impressed by how the Fasoo Data Security Framework can help them achieve those goals.
During the keynote on Monday, June 8, there was a focus on building resilient organizations that can withstand cyberattacks and continue to function. This was discussed in the context of enabling digital business using the latest technologies. The Internet of Things or IoT has become one of the hot buzzwords during the many security conferences this year and was also talked about extensively during the keynote. With more and more components of our businesses connected to networks, it is inevitable that devices and data will be compromised.
I found that many presentations during the summit painted pictures of the problem, but not many talked about solutions. During one presentation on Mobile Security Threats and Trends 2015, Gartner Analysts John Girard and Dionisio Zumerle did talk about using data-centric security to protect the information on mobile devices. With so much of our business lives happening on our phones and tablets, Gartner finally realizes that protecting the device is not solving the problem. You need to worry about securing the data.
During his keynote address on Tuesday, June 9, Chris Byrnes discussed “Cybersecurity Scenario 2020: The Impact of Digital Business on Security”. During that talk, Chris mentioned that the amount of data coming into our organizations in the next five years will increase by an order of magnitude of 3 to 10 times. Because of the IoT and all the connected devices we use to run our businesses, the information flow could be staggering. Trying to categorize and classify that data will be an almost impossible job, but one that should not be left to people. We need to rely on appropriate algorithms and machine learning to help us separate the wheat from the chaff.
Talking to attendees, I got a sense that most people are ready to seriously tackle data security vulnerabilities in their organizations. I spoke to CISOs and other security professionals who are very concerned about protecting sensitive files from unauthorized people inside their organizations.
One woman from a consumer goods company had sensitive designs and product information stolen and given to a competitor. She told me they have a lot of perimeter security solutions, but none of them stopped the theft.
I spoke to a gentleman from a government institution who needed to make sure that attorneys could safely share sensitive client information with authorized people, but that the information couldn’t be forwarded to a Gmail account for viewing outside the organization. He and I discussed using Fasoo Enterprise DRM as a way to easily meet his needs.
On Wednesday, June 10, Bill Blake, Fasoo USA President, and Ron Arden, Vice President and Chief Marketing Officer, presented ‘Closing the Threat Gap: A 21st Century Approach to Minimizing Risk!’ at a solution provider session. Bill focused on the problems of hackers, malicious insiders and privileged users stealing sensitive data and how there are gaps in the traditional perimeter defenses we rely on for protection. Ron talked about using data-centric security to protect sensitive information by controlling access and use at the data level through continuous encryption and persistent security policies. The session had over 150 people in it and many of them asked specific questions about securing information on mobile devices, providing offline access and how to kill access to files regardless of location.
Attendees at the session and at the booth were excited to see that Fasoo technology is very robust, balances security with usability and integrates with an organization’s existing infrastructure. I remember one person saying, “I was a little skeptical during your presentation, but convinced once I saw it in action.”