eweekchat

Can I answer for Scott/McAfee? : )

(edited)

@brucekornfeld heheh sure

A6. We have a new feature, called Delphix Live--a magic mount point that enables all the data automation and compliance of the platform.

If you have not checked out our new Insights product you should, as a former CISO, I would have loved to have had this tool's dashboard on my office screen all day.

A6. Also, with our focus on programmable data infrastructure, we're increasingly used to wire data into toolchains for SRE, DevOps, CI/CD, and AI/ML.

A6: At StorMagic, we're seeing increased demand from our edge customers (retails stores, manufacturing sites, smart cities) where storage and security are an even bigger problem than before. They all struggle with protecting/securing data at these small sites.

A6. We now protect and ensure compliance for data in Salesforce.com, especially for UAT environments.

See? This is the way I get news sources!

A6. And our continuous and immutable time machine is a superior ransomware solution being used by many industry leading enterprises to close data gaps and enable data observability.

@brucekornfeld You are absolutely right, they have a big challenge with a very distributed environment with at very heterogenous hardware stack.

A6: We recently installed at an auto parts manufacturer that needed to manage encryption keys from these tiny little sensors that they sell to car manufacturers.

A6. In 2020, the increased dependence on digital operations drove incredible demand for Delphix, which pushed us into significantly faster growth AND profitability.

@ScottHowitt And these smaller, remote sites have been easy for the central IT/Security teams to ignore........but no longer.

A4. Data immutability is now here for containers. You can capture full history of data in an immutable time machine and also mask/de-identify data before provisioning to new containers.

A4: Containers are happening and moving fast - hypervisors will be a thing of the past at some point. Container-based security becomes really important. (and file, network, cloud will all need to be part of the container solution).

@jedidiahyueh Containers and security never saw eye-to-eye in the past. A lot has improved since those early days.

There are advantages to using something and destroying it when you are done with it and that is much easier to do in the cloud. We struggled to do this in Data Centers. The cost of keeping things in the cloud is a deterrent for the old "save everything" mentality.

A4. Agree. Security generally lags innovation.

A4: Redhat/IBM recently announced the acquisition of Stackrox - everyone is thinking along the same lines.

@ScottHowitt Yep. Many people are misled by the cost of access and egress in cloud services.

@jedidiahyueh That is an interesting approach. Have you seen this in practice? How hard was it to implement?

@brucekornfeld What does Stackrox bring to IBM/Red Hat's huge cadre of products?

You certainly have to be thoughtful, lift and shift principles will not save you money. You have to totally rethink how your infrastructure and data adjacency works.

@scotthowitt A4. Just need a mount point and the rest is automated.

Seems like Redhat needed a quick way to shore-up their security strategy for containers/Kubernetes - apparently - security isn't a top focus area for Kubernetes either. Its a wide open playing field for many and will drive more innovation (and acquisitions).

To me it has to be credential focus many of the hackers are not hacking but just logging in

A5: Software that enables organizations to adopt Zero-Trust architectures. These solutions are really starting to take hold and become more prevalent in the industry.

Q5. Data will become increasingly programmable for DataOps and SecOps use cases. Better integrations across tools can reduce risk and improve recoverability.

The market for SASE and EDR continues to grow, but I am also seeing some really interesting ML/AI tools come out. They early ones seemed to be a lot of hype but there are now some that really seem to be emerging that have merit.

@furrier Are they still hackers if they're just logging in?!

@furrier Hi, JF! So yo're talking about insider access with bad intentions?

@brucekornfeld And it has to be true zero trust. I am seeing too many architects still building admin level access into environments. It really goes against the fundamental principles of ZTA.

Agreed, REALLY trust no one - even admins.

But I would love to see us get away from what you know and have authentication only based on what you are and what you have.

@brucekornfeld I only know this because I used to be a television critic, but there used to be a TV show "Who Do You Trust." Johnny Carson was the host. No, I don't remember seeing it, but it appears that NOBODY is perfectly trustworthy anymore.

Hey, Frank Abagnale eventually went to work for the good guys!

A3: Secure the endpoints with encryption and Zero-Trust technologies like biometrics. Implement proper security policies. Treat cybersecurity as a business decision not just an afterthought.

A3. As access points proliferate at the edge, it's even more important to safeguard the target data in core systems and environments. Masking and de-identification can reduce the total data at risk by 80%+.

@jedidiahyueh Masking I get, but can you define de-identification for us, Jed?

A3. Have to assume the perimeter will be breached. So defenses inside the data are paramount.

It will get harder to secure the device itself. You are going to have to watch the behavior as people are accessing your assets and data. You want to get out of the way when the data is not important and insert yourself when the behavior is not as expected.

A3. De-identification is removing the personally identifiable information and replacing it with data that still maintains referential integrity but does not have risk.

(edited)

@ScottHowitt Interesting and agreed. Do you know of tools available that can help?

@brucekornfeld There are great SASE tools out there that will help watch the behavior of moving in and out of your cloud and SaaS products. TIP tools are also getting better at plugging into tools that will analyze them and predict for your environment.

Technology is moving so fast you can no longer learn what you need to solely from a book. You need to collaborate with others outside your enterprise to keep yourself up to date.

A3. Totally agree.

A3: Completely agree. This is exactly what makes security professional's jobs so hard!

Yep, it has alway been about defense in depth and adapting to changing models

A3. Even then we can't stop a hostile nation state from corrupting bad actors that are hired or are granted access.

A1: The biggest thing this points out is: "be careful of your supply chain"

Where before we may have been less vigilant about watching out CI/CD pipelines were set-up, we may have to dig deep to ensure security is built in the process. We also need deep assurance of code signing processes for sensitive products.

A1: I know its hard to do and to enforce - but educating all employees about cybersecurity hygiene (not opening suspicious emails, etc...) is paramount

@ScottHowitt Agreed, Scott. There are plenty of security technologies available to help - but training and processes are equally (or more) important.

@ScottHowitt Isn't se urity being built into the silicon and hardware and processes a lot more, now that we know it's effective?

We are seeing that some, but a lot of time they can also be updated to keep up with the latest trends and that embedded code can still have vulnerabilities