Thought Leaders in Cyber Security: Manoj Leelanivas, CEO of Cyphort (Part 3)

Sramana Mitra: Let’s do another couple of examples like this. You said your main differentiation and where you’re innovating the most is in unearthing threats that are unknown to the enterprise. I’m trying to understand what kinds of threats are unknown to the enterprise that your work has helped you figure out.

Manoj Leelanivas: Definitely, the threats unknown is the most important thing. The second part of it, which is probably interesting for you, is that in this modern world, we definitely want to have a solution that is very easy to deploy. We were talking about differentiation, I want to cover how it is a differentiator.

Sramana Mitra: Ease of use, as a differentiator, is not interesting to talk about. We will not extract any insight out of that differentiation. >>>

Thought Leaders in Cyber Security: Manoj Leelanivas, CEO of Cyphort (Part 2)

Sramana Mitra: Let me see if I got what you said. The real differentiator is, you focus on threats that are unknown to the enterprise and you’re saying that you’re the only or one of the few companies that are capable of unearthing threats that are not already known by the enterprise.

Manoj Leelanivas: Correct. If you look at the journey, majority of the companies focus on threats you already know. There were a couple of companies over the last five years, most notably FireEye, that started looking at threats you don’t know, but their focus was on things coming from the perimeter. We changed the game completely by focusing on the enterprise as a whole and providing a complete picture on a single pane of glass. If you look at a large retailer which got breached, there’s nothing you could do at the perimeter. In web and email, there was nothing.

The breach happened because it was an unguarded system that was attacked. >>>

Thought Leaders in Cyber Security: Manoj Leelanivas, CEO of Cyphort (Part 1)

In the crowded world of Cyber Security, where is the true innovation? Manoj throws light on an esoteric area of undiscovered threats and how they are handled by Cyphort.

Sramana Mitra: Let’s start by introducing our audience to yourself as well as to Cyphort.

Manoj Leelanivas: I’m the President and CEO of Cyphort. I started off my professional career at Cisco about 20 years ago. I was part of the team that started Juniper Networks. I was with Juniper for a long time. I had different roles at Juniper. I ran all of engineering and all the product management groups. Then I created a software business for Johnson, our CEO, which grew to be $150 million business. I ran sales for a year and a half. One fine morning, I said, “It’s time for me to create a new startup.” I’ve done the large company and I just wanted to do something different. That’s my journey to Cyphort. >>>

Thought Leaders in Cyber Security: Pat Donnellan, CEO of Lumeta (Part 3)

Pat Donnellan: In the UK, there is a directive issued by the Bank of England which stipulates that on an annual basis, each licensed financial service organization operating in the UK is subject to a cyber analytics audit where a live malware is injected into the network of the financial services organization. The audit was determined on how that organization responds to that particular live threat. We operationalize how the financial services organization deals with that. There are pending legislations that stipulate an extension of what the UK is planning where enormous buying is being proposed for financial services organization who do not have, in essence, control over their network and are unable to effectively respond to malware threats.

Sramana Mitra: Talk to me about the industry in general. You’ve already started talking to some extent about the industry in general. Talk to me about what are the open problems. Where do you encourage entrepreneurs to look for problems to solve in the cyber security space? More specifically, in the areas you monitor more closely than others. >>>

Thought Leaders in Cyber Security: Pat Donnellan, CEO of Lumeta (Part 2)

Pat Donnellan: The third part, which is a subset of the real-time product, is that we have built a Hadoop engine that enables the storage of what we’re gathering so that if there is an event – an incident response required – around a particular time, a particular network, a particular region, and a particular set of IP addresses, we can enable you to forensically zone back prior policy of storage to that particular set of circumstances. Again, looking at the real-time movements over a specific period of time.

More recently, we’ve added the capability of taking the threat intelligence libraries of known bad actors and being able to test in conjunction with our product in real-time whether or not your enterprise is now exposed to a particular bad actor. Whether you have within your organization a functioning device that has been zombied, that is the third strand of what we do. We crawl the network akin to how Google crawls across a multitude of databases to gather information. We crawl recursively, right out to the edge of the network and beyond, if required, to enable you to continuously understand your network. We make sense of that. We enable you to prioritize with our Hadoop engine the five things that are priority policy. >>>

Thought Leaders in Cyber Security: Pat Donnellan, CEO of Lumeta (Part 1)

A different snapshot into the Cyber Security world… can the vulnerability management providers actually see the entire network?

Sramana Mitra: Let’s start with introducing our audience to yourself as well as to Lumeta.

Pat Donnellan: First of all, let me introduce Lumeta. Lumeta is a New Jersey-based company in the cyber security space. The software was originally conceived within the environment of Bell Labs to facilitate the US government DOD to understand, at that point, the Internet. It was originally conceived as a scanning and mapping tool to identify devices and IP addresses on a worldwide basis. That was the original concept. It evolved when a number of investors that put a lot of money into it to build it out. I, along with a number of other individual investors, bought the business just over two years ago. In essence, we bought it on the premise that the future of cyber security centered on real-time as opposed to continuous.

There’s a big distinction there. Real-time network situational awareness – meaning in enterprises and government agencies, the basic premise of Lumeta is without our product, you do not understand your network. You have a 15% to 20% visibility gap in devices, networks, IP addresses, and >>>

Thought Leaders in Cyber Security: Neal Creighton, CEO of CounterTack (Part 5)

Sramana Mitra: That actually brings me to the open opportunity question. This is more about going up to the 30,000 foot level of what’s happening in the industry. Do vendors who sell to multiple international authorities have the technology available to them if you were to share data with them to be able to trace it back to the actual criminals and take action?

Neal Creighton: Our technology is very automated in how we design it. We don’t like to have a lot of people doing manual inputs into it. However, the kind of work that you’re talking about really does require some forensics investigation over time. Many nation states have people working in this area to figure out attribution. A lot of times, we can figure those things out. The difficulty is however lies in how we respond. I think we’re all struggling with it.

Sramana Mitra: But it’s not up to you to respond. This gets into criminal law and order territory. It’s not up to private companies or citizens to respond to criminal behaviors. That is for governments and law authorities to act on it. >>>

Thought Leaders in Cyber Security: Neal Creighton, CEO of CounterTack (Part 3)

Sramana Mitra: Next, let’s talk about some of your customers. In your work with them, what kinds of threats are you able to protect them from? Get a little bit more granular and bit more technical.

Neal Creighton: We have customers all over the world. We sold products to a couple of thousands and we have three products. At the end of the day, we’re trying to stop the types of attacks you’re reading about in the newspapers. Let’s go through some use cases. One use case is an insider threat use case. We’ve all heard about Snowden and the NSA and understand that insiders can have access to very valuable information. One of our customers is a large multinational firm from which its data was being taken. They didn’t know who was doing it but it was costing them. It was costing them a huge amount of money. We were able to put our technology in. >>>