It was just a short time ago that Fortra came into being, as the new face of HelpSystems. Fortra is a company that combines a group of cybersecurity products and services into one portfolio. As with all acquisitions, many customers wondered what benefits this would bring to the Tripwire product line. We took the opportunity to speak with Fortra’s Principal Evangelist, Antonio Sanchez, who sheds light on how this acquisition delivers more value to all of our customers.
Antonio also spoke with us about some industry trends including cybersecurity insurance, third party supplier risk, and the good and bad aspects of artificial intelligence.
Tell us a little about Fortra.
Antonio Sanchez: The heritage of the company was to build a better IT for customers for 40 years under the name of HelpSystems. In the last few years, the company evolved to focus deliberately on security and automation. Today the portfolio includes solutions from industry leading product lines including Tripwire, Digital Guardian, PhishLabs, and Alert Logic. Those are some of the names that people might be most familiar with.
The company was looking for a name that's more synonymous with security and could become united under a single vision. We are an ally to our customers, helping solve their most complex problems. That's where it made sense to change the name to Fortra. In fact, at Fortra, we say we want to be your cybersecurity ally, and be a positive change in cybersecurity.
When we look at Fortra and all the product lines that comprise it, what benefits will that bring to existing, as well as new customers?
AS: If we go back 10 years, the industry was heavily focused on “best of breed,” and there was always a new problem to fix. Back then, there were more than 2,500 security vendors. Today, that number has nearly doubled because with new types of problems there are new security tools for those problems which organizations will add to their security stack. It's not uncommon for even smaller enterprises to have a few dozen security tools, and it's just a headache to manage. You have multiple security tools with overlapping capabilities, multiple renewal cycles, multiple contracts, and multiple vendors for support. You have to have somebody dedicated to keeping track of all of those. It causes a lot of complexity for the professionals responsible for the security posture of an organization.
Fortra’s focus is to create a stronger and simpler future for cybersecurity. We wanted to help organizations increase their security, as well as decreasing their operational burden. The joining of all of these acquisitions provide a number of different capabilities across the spectrum of multiple security controls, making it easier for organizations to manage fewer vendor relationships, fewer renewals, fewer support contracts, or support in general. We are tightly integrating the product lines to unlock new use cases, allowing customers to be able to solve complex security challenges from a single vendor.
We are already seeing some of the benefits in the short time that all of these companies came together. For example, we are combining Threat Intelligence programs which has resulted in improved efficacy and decreased false positives for email security and stopping domain spoofing. This brings tangible benefits to our customers, and those efficiencies are going to improve as we progress.
How are cyber attacks are changing, and what are some of the, the biggest threats that companies need to focus on?
AS: A lot of the latest threats are the same things that have been happening for years. The bad actors are still exploiting old vulnerabilities because they still exist on unpatched critical systems. When they make entry they typically move laterally until they find something of value at which point they will carry out their action on objective. For organizations to address the biggest threats they need to ensure their security strategy includes three components: Reduce the likelihood of an attack, identify an active attack, and reduce the impact of a successful attack. Vulnerability management and Penetration Testing go a long way to reducing your attack surface proactively. Integrity monitoring and network analysis can help identify if there are unwelcomed guests that have made their way into your environment.
There should also be an incident response plan to get back to normal operations as quickly as possible.
Fortra security solutions help in all three areas. Also, within the portfolio we have multiple leading Threat Intelligence programs which we are unifying. The unification will allow us to aggregate all of the feeds from all of the different sources, giving our clients greater insight into indicators of compromise and other anomalies faster, and with better efficacy. We’re also available to provide help to organizations that need mitigation guidance and planning.
Cyber insurance has become another way for organizations to protect themselves. What are some of considerations for organizations that want to explore cyber insurance policies?
AS: Cyber insurance has been around for more than 20 years but it’s become a hot topic in the past few. Essentially, it's liability insurance to help the organization reduce their financial risk in the event that they have a breach and expose Personally Identifiable Information (PII), or other data loss. Every year for the past several years, ransomware attacks have been on the rise. Ransomware payments have also been on the rise, causing cyber insurance companies to pay out a ton of money from incidents. This has caused cyber insurance premiums to rise and has also caused insurance companies to be more stringent and selective on coverage, as well imposing limits on their coverage. Nowadays you have to demonstrate a certain level of security hygiene with various before getting coverage.
How can Fortra actually translate into potential lower premiums, more coverage, and better cyber insurance for organizations?
AS: Being able to demonstrate your risk posture, and being able to show that you are taking steps to reduce your attack surface on a regular basis can increase insurability. Fortra’s products enable an organization to create reports that show progress over time. The reports are also evidentiary, since every organization has to be able to satisfy one or more compliance mandates. If a company’s security program is not as mature as it should be, we offer services that can help to identify where some areas of opportunity exist.
Most importantly, we know that there's no such thing as a hundred percent prevention. There's no such thing as eliminating risk completely. However, we have a portfolio that is more powerful together to help customers increase their security maturity and lower their operational burden.
Are there any best practices that you can advise to help companies manage their risk when working with third party suppliers?
AS: The challenge with third party suppliers is that an organization has to trust that those business partners are meeting your criteria to keep themselves secure and reduce risk, while also not introducing new risks in the process. Secure collaboration technology, awareness, and training are essential to maintain strong security across the supply chain. In the past few years, this has been addressed with increasing diligence. Some organizations require their business partners to respond to a questionnaire, with follow-up reviews to ensure that the partner is meeting the standards required by the host organization.
This year, Artificial Intelligence (AI) has taken a prominent position in many areas. What do you anticipate are some of the benefits, as well as the drawbacks to AI in cybersecurity?
AS: AI has been around for a long time in the cybersecurity industry. AI and Machine Learning (ML) have been used in many products to identify malicious activity faster and more efficiently. This means that there are fewer false positives in detection mechanisms. The cybercriminals have also taken advantage of AI as well. For example, AI has been used to create polymorphic malware, that is, malware that constantly mutates and tries to change its code and tries to disguise itself to evade detection. Similarly, AI can write a very convincing phishing email, without the traditional spelling and grammatical errors that we have all been trained to look for. That's a clue that's been eliminated. The threat actors will always leverage new technologies to improve their attacks and the industry will respond with new ways to detect and combat these threats. It’s the constant game of cat and mouse.
Thanks for taking the time to speak with us.
AS: You’re welcome.