Sramana Mitra: What is the competitive landscape around you? We do a lot of discussions in the cyber security space. Cyber security has always been one of the most active areas of innovation and entrepreneurship. There’s a tremendous number of vendors and tremendous amount of activity in every corner of the cyber security industry.
Could you help us understand the ecosystem around you? Who’s doing what and where exactly do you position yourself in that continuum?
Jeff Swearingen: I agree that there’s an awful lot of software companies doing an awful lot of different things. When it comes to privileged access for third-party remote support, you don’t need SecureLink. You can buy seven or eight different pieces of technology and string them together. For example, if you use a VPN, that can provide the platform that makes a physical connection.
Of course, you don’t just need a VPN. You need a way to authenticate a user. You can authenticate by a number of different ways. You can have two-factor authentication like RSA. That’s difficult with a third-party because you don’t employ the person that has the credentials. If you give me login to your VPN and you’ve authenticated me with a login and password, you don’t know if I got fired or not. I’ll leave that for now.
There’s credential management like CyberArk and several other that offer privileged access management. You need a network access control or identity access management layer that gives me access to everything I need and nothing I don’t. There’s a layer there. You need an audit layer which is super important in regulated industries. If a third-party logs into a casino and takes down the slot machine floor, that’s a really expensive event.
If you don’t have an audit layer working on those remote connections, it’s impossible to prove or disprove whether that technician rebooted the test server, the dev server, or the production server. There are many companies that offer auditing. There’s also desktop sharing.
I mentioned WebEx and LogMeIn. We include that as a part of the stack. We have other tools that do automation. We have tools that do systems monitoring and of course, the workflow wrapper around the whole thing that’s designed for this specific purpose of third-party remote access.
If you think about that as a vertical technology stack, those are the areas of competition we have. There are literally thousands of vendors that you can choose to pull from that stack of technologies for third-party remote access, or you could just buy from SecureLink.
Sramana Mitra: Let’s do the 30,000 foot level question. In your industry, what are the emerging trends? If you were starting a company today, what open problem would you go after?
Jeff Swearingen: It’s a great question. We think about it from the perspective of the entrepreneur versus the potential customer versus a hacker. If I’m a hacker, I’m interested in a different dataset than you might think. Ransom has been pretty popular because the return on investment is so high. I’d also be looking at medical records. We do a fair percentage of our business in healthcare.
The reason for that is the value of a full medical record might be 10 or more times valuable as a credit card. That surprises a lot of people. The reason for that is, with a stolen credit card, you might tank a gas whereas with a medical record, you might get a mortgage or a kidney, which is significantly more valuable. In the dark web, medical records sells for a much higher rate. Bridging from a hacker to a potential customer’s perspective, one of the weak points is the way that the attack surface has broadened greatly over time.
Everything used to be on-premise. You could just lock the front door and shut off the modem. Today, people have on-premise equipment. They’ve got cloud equipments. They’ve got different offices and data centers. The surface area is really difficult to defend. I’m going to throw out third-party remote access risk as a trend that I think is important. The reason for that is a lot of companies are focused on their employees and how they do remote access or how they connect to internet systems. That’s a very important thing to get right, but it’s not nearly as challenging as third parties.
The reason for that is multi-fold. One of them is that an employee might have access to a sales report or maybe a salary information. A vendor with a third-party admin credential can copy patient financial database to a USB stick. They could kill somebody on an operating table. They could take down a slot machine floor. They’re really powerful privileged access accounts.
Finally, what all enterprises should be thinking about is, for every internal user that has an admin account, you might need 10 to 30 times as many technicians from third-party vendors. The reason for that is a technology vendor might have 5,000 different individuals. You don’t employ them so you don’t know when they get hired. You don’t know when they get fired.