Innovation is deeply rooted in our industry – driven by the attackers who are constantly evolving their techniques and the security industry working against them.
I’ve seen the innovation first hand. At RSA, we built a business on our foundation in authentication and encryption to become a leader in several of the most important information security technologies, including security analytics, identity, and Governance, Risk & Compliance. RSA Security grew from $25 million in 1995 to over $1 billion when I retired as Executive Chairman in 2015.
More recently, I’ve seen innovation through my role at Rally Ventures and as a board member of companies like Bugcrowd, Cylance, and AtHoc – each driving important change in the industry.
Today, I’m pleased to announce that I’m joining Phantom’s Advisory Board to help evolve our industry’s approach to another important challenge – perhaps the biggest we’ve ever faced in security.
We simply don’t have enough security professionals to cover all of the open positions that exist today. Estimates show a shortage of between 1 and 2 million qualified professionals. Worse, we’ve now been building point products for more than three decades and can count over 1,400 security vendors in the market today. As much as I worry about technology being eclipsed, I worry more about how we keep adding control after control without looking at the problem holistically. I talk to CSO’s and CISO’s all the time and their common refrain is, “I can’t absorb another product!”. Meanwhile, the hackers continue to innovate, and the time we need to address breaches continues to increase.
The only way to address this challenge is with true defense in depth. We need to eliminate the tired old categories of endpoint, network, identity management etc. and start looking at solving the problem in a way that helps us create defense in depth. How, by thinking about defense in terms of several discreet layers: preventing attacks before they’re launched; detecting attacks if we can’t prevent them; preventing intrusions when we spot the attack; detecting intrusions when we can’t prevent them and responding to intrusions to prevent loss or disruption if we have been breached. The key to the success of this approach will be automation. In the past, people dismissed it as a non-viable solution for fear of automating false positives and potentially disrupting a commercial application or a key element of the infrastructure. That view is quickly changing because we just don’t have the security professionals to cover all the companies and vulnerabilities that exist in our infrastructures.
Companies adopting automation are already seeing results. Tasks that routinely consumed hours or longer, can be completed in seconds with automation. Equally important is the improved accuracy and consistency in their processes as the same data is gathered for every security alert, and every alert is investigated the same way, every time.
The team at Phantom is leading the way in the emerging security automation and orchestration space. Their purpose-built platform is already helping organizations drive efficiency and consistency in the SOC, leveraging existing and newer innovative security investments. Two of my investing tenets, as I consider security startup business plans, are to look for companies that add value to customers’ existing security technology infrastructure and make their SOC’s more cost effective. Phantom delivers on both counts, technically and extends their capability, qualitatively, with their community-based approach. We are, indeed, stronger together. From the Playbooks needed to automate security to the Apps required to integrate technologies seamlessly to one another, the Phantom community is coming together to develop and share the tools needed to address this critical challenge (Join the Phantom Community).
I’m excited to work with the Phantom team. They’re not just solving the latest problem; I believe Phantom is helping to redefine security.