New infosec products of the week: October 23, 2020

Deepwatch Lens Score: SecOps maturity planning and benchmarking

Deepwatch Lens Score allows CISOs to quickly understand data source collection, active analytics, and what their Maturity Score is today and how to improve it. The powerful app is intuitive and delivers valuable data and insights to CISOs in a few minutes in the palm of their hand.

Entrust launches direct-to-card solution for instant physical and mobile ID issuance

Sigma systems deliver a seamless user experience across the issuance process for desktop and mobile printing needs. It eliminates the frustrations of printer set-up with a modular design and an out-of-the-box implementation that takes less than 30 minutes for users to begin issuing identities.

Splunk helps security teams modernize and unify their security operations in the cloud

Led by new, cloud-centric updates to Splunk Enterprise Security, Splunk Mission Control and the newly announced Splunk Mission Control Plug-In Framework, Splunk’s security operations suite enables Splunk customers to secure their cloud journey and solve their toughest cloud security challenges with data.

Incognia launches fraud detection solution for QR code contactless payments

Incognia’s fraud detection solution for QR code contactless payments uses location behavioral biometrics to verify buyer’s and seller’s real-time and historical location behavior to protect against fake QR codes, account takeovers and use of fake synthetic identities during transactions.

Are today’s organizations ready for the data age?

67% of business and IT managers expect the sheer quantity of data to grow nearly five times by 2025, a Splunk survey reveals.

The research shows that leaders see the significant opportunity in this explosion of data and believe data is extremely or very valuable to their organization in terms of: overall success (81%), innovation (75%) and cybersecurity (78%).

81% of survey respondents believe data to be very or highly valuable yet 57% fear that the volume of data is growing faster than their organizations’ ability to keep up.

“The data age is here. We can now quantify how data is taking center stage in industries around the world. As this new research demonstrates, organizations understand the value of data, but are overwhelmed by the task of adjusting to the many opportunities and threats this new reality presents,” said Doug Merritt, President and CEO, Splunk.

“There are boundless opportunities for organizations willing to quickly learn and adapt, embrace new technologies and harness the power of data.”

The data age has been accelerated by emerging technologies powered by, and contributing to, exponential data growth. Chief among these emerging technologies are Edge Computing, 5G networking, IoT, AI/ML, AR/VR and Blockchain.

These are the very same technologies that 49% of those surveyed expect to use to harness the power of data, yet across technologies, on average, just 42% feel they have a high level of understanding of all six.

Data is valuable, and data anxiety is real

To thrive in this new age, every organization needs a complete view of its data — real-time insight, with the ability to take real-time action. But many organizations feel overwhelmed and unprepared. The study quantifies the emergence of a data age as well as the recognition that organizations have some work to do in order to use data effectively and be successful.

  • Data is extremely or very valuable to organizations in terms of: overall success (81%), innovation (75%) and cybersecurity (78%).
  • And yet, 66% of IT and business managers report that half or more of their organizations’ data is dark (untapped, unknown, unused) — a 10% increase over the previous year.
  • 57% say the volume of data is growing faster than their organizations’ ability to keep up.
  • 47% acknowledge their organizations will fall behind when faced with rapid data volume growth.

Some industries are more prepared than others

The study quantifies the emergence of a data age and the adoption of emerging technologies across industries, including:

  • Across industries, IoT has the most current users (but only 28%). 5G has the fewest and has the shortest implementation timeline at 2.6 years.
  • Confidence in understanding of 5G’s potential varies: 59% in France, 62% in China and only 24% in Japan.
  • For five of the six technologies, financial services leads in terms of current development of use cases. Retail comes second in most cases, though retailers lag notably in adoption of AI.
  • 62% of healthcare organizations say that half or more of their data is dark and that they struggle to manage and leverage data.
  • The public sector lags commercial organizations in adoption of emerging technologies.
  • Manufacturing leaders predict growth in data volume (78%) more than leaders in any other industry; 76% expect the value of data to continue to rise.

Some countries are more prepared than others

The study also found that countries seen as technology leaders, like the U.S. and China, are more likely to be optimistic about their ability to harness the opportunities of the data age.

  • 90% of business leaders from China expect the value of data to grow. They are by far the most optimistic about the impact of emerging technologies, and they are getting ready. 83% of Chinese organizations are prepared, or are preparing, for rapid data growth compared to just 47% across all regions.
  • U.S. leaders are the second most confident in their ability to prepare for rapid data growth, with 59% indicating that they are at least somewhat confident.
  • In France, 59% of respondents say that no one in their organization is having conversations about the impact of the data age. Meanwhile, in Japan 67% say their organization is struggling to stay up to date, compared to the global average of 58%.
  • U.K. managers report relatively low current usage of emerging technologies but are optimistic about plans to use them in the future. For example, just 19% of U.K. respondents say they are currently using AI/ML technologies, but 58% say they will use them in the near future.

Splunk’s new APM solution unlocks real-time observability for cloud infrastructure

Splunk, provider of the Data-to-Everything Platform, announced the next release of SignalFx Microservices APM, the only application performance monitoring (APM) solution that provides customers complete observability into modern, cloud-native environments to produce meaningful business outcomes regardless of scale.

The new release of SignalFx Microservices APM combines the NoSample full-fidelity tracing, open standards based instrumentation, and artificial intelligence (AI)-driven directed troubleshooting from SignalFx and Omnition into a single best-in-class solution.

Customer expectations for seamless digital experiences are at an all-time high, and as more applications move to the cloud, software development and operations (SDO) performance becomes increasingly important to keep pace with these requirements.

SignalFx Microservices APM helps organizations as they embrace the cloud and microservices, and enables their DevOps teams to innovate faster, elevate customer experience, and future-proof their applications.

“As organizations make the shift from on-premises to hybrid and cloud-native environments, Splunk is the only company that can support any organization’s observability needs across all stages of their digital transformation,” said Rick Fitz, senior vice president and general manager, IT Markets, Splunk.

“In less than one year since acquiring SignalFx and Omnition, Splunk is already delivering an integrated solution that empowers organizations to leverage all their data to better manage complexity and create meaningful business outcomes in these cloud-native environments.”

“We deployed microservices alongside our traditional monolith with the goal of providing valuable features and products more rapidly to our customers. As we did, we quickly realized we needed better visibility into the transactions that occurred within this more complex architecture,” said Matt Coddington, Senior Director of Operations Engineering, Care.com.

“With SignalFx Microservices APM from Splunk, we had the tools to correlate application behavior with the metrics from our cloud infrastructure, allowing us to instantly see how customer transactions behave in our system and quickly resolve any issues that could impact customers.”

Development teams adopt microservices in order to innovate quickly, and many rely on open standards to build, connect and observe their infrastructure. Proprietary data collection is not built for modern cloud environments or how developers want to work today.

SignalFx Microservices APM supports lightweight, open source and open standards-based instrumentation that allows the most flexibility in capturing any organization’s data.

Splunk recently demonstrated its commitment to open source by deepening its relationship with the Cloud Native Computing Foundation (CNCF) by becoming a gold member.

Originally joining in 2017 as a silver member, Splunk is an active user of and contributor to several open source technologies. Additionally, through the Omnition acquisition, Splunk is a founding member and active contributor to the CNCF OpenTelemetry project.

Splunk advances observability into Kubernetes environments

Splunk further expanded its observability offerings with a major feature release in SignalFx Infrastructure Monitoring that increases DevOps teams’ productivity by bringing them even closer to their containerized data.

Kubernetes Navigator is a turn-key solution that provides an easy and intuitive way to understand and manage the performance of Kubernetes environments. AI-driven analytics automatically surfaces actionable recommendations to expedite triaging and troubleshooting.

A new seamless workflow integration between Kubernetes Navigator and Splunk Enterprise or Splunk Cloud eliminates context switching, provides granular insights, and accelerates root-cause analysis.

“The engineering team at ClearScore moves fast with over 500 releases a month across 200 microservices,” said Tim Richardson, Director of Engineering, ClearScore.

“Enhanced with the new functionality of Kubernetes Navigator, Splunk gives our engineering teams real-time visibility across our modern infrastructure, enabling them to stay agile and focused on our mission of making personal finance clearer, calmer and easier to understand for our 10 million users worldwide.”

With Kubernetes Navigator now generally available, DevOps teams can use SignalFx Infrastructure Monitoring to detect, troubleshoot and resolve cloud infrastructure performance issues faster than ever before.

How to begin tapping the full value of your data

By making better use of data, leading organizations had materially increased revenue and reduced operational costs, boosting profitability by an average of 12.5% of their total gross profit, according to a Splunk survey.

The research study surveyed 1,350 senior business and IT decision-makers across eight industries in Australia, China, France, Germany, Japan, the UK and the US.

Results found that a more advanced data strategy was tied to improved outcomes including revenue growth, operational cost reduction, increased innovation, faster time to market, higher customer satisfaction and retention, and better, faster decision making across all industries and in all countries.

The data-to-everything journey

In addition to analyzing how organizations are saving money and growing revenue with data, the study assessed respondents’ different stages of data maturity based on criteria such as the prevalence of modern analytics tools and skill sets and the effectiveness of the organization at operationalizing its data.

Respondents were grouped into three data maturity categories:

  • Stage 1: Data Deliberator – Organizations that are in the early phase of their data strategy implementation.
  • Stage 2: Data Adopter – Organizations that are making good use of their data, but still have room for improvement.
  • Stage 3: Data Innovator – Organizations which place the strongest strategic emphasis on data and have an advanced strategy in place to extract business value.

The study found that an organization’s stage of data use impacts its ability to not only glean insights from its data, but to convert these insights into concrete, data-driven decision-making and real-time action. All organizations reported benefits from better data use, but Data Innovators achieved considerably higher key business and economic benefits.

Relative to the Data Deliberators surveyed, Data Innovators have added 83% more revenue to their topline and 66% more profit to their bottom line in the past 12 months. The study found Data Innovators to be more likely to have a data-obsessed company culture and employ AI technologies for data analysis by acting on their data more frequently.

In addition, the study found that 97% of Data Innovators meet or exceed their customer retention targets, with the majority (60%) having actually outstripped their goals.

Meanwhile, 93% feel they tend to make better, faster decisions than competitors; while 91% believe that their organization is in a strong position to compete and succeed in its markets over the next few years.

However, across industries and countries, less than 11% of organizations have reached the stage of Data Innovator, demonstrating that nearly 90% still have room for improvement.

Organizations embracing data are primed to lead the next generation of business

The study quantifies the economic impact resulting from an organization’s better data use, with significant findings across eight major industries, including:

  • 89% of financial firms agree that the intelligent use of data and analytics is increasingly becoming the only source of differentiation in the financial industry.
  • 65% of technology firms have increased revenue through better use of their data assets.
  • 60% of retail firms have increased revenue through better use of their data assets.
  • 88% of healthcare and life sciences firms agree that advancements in data analysis and correlation of different data sets will have as big an impact on health outcomes as other medical advancements.
  • 55% of manufacturing and resources firms have increased revenue through better use of their data assets.
  • 93% of traditional communications and media companies agree that they must use data to reinvent their services or be disrupted by alternative entertainment offerings.
  • 52% of public sector agencies have reduced their cost of operations through better use of their data assets.
  • 51% of higher education institutions used data to provide better and more proactive protection from cyber threats.

Organizations who utilize data outperform their global peers

The study also surfaced trends related to data utilization maturity by country:

  • 53% of UK organizations have progressed beyond Stage 1 data utilization maturity status; tied for 3rd out of the seven countries included in this survey.
  • UK organizations were most likely to say they have improved product/service quality as a result of better data utilization. 73% reported improved product and/or service quality compared with a global average of 67%.
  • Relative to organizations in other countries, they are also most likely to report improved employee efficiency and/or productivity as an additional benefit of better data discovery and use. 65% reported increased employee efficiency and/or productivity, compared with a global average of 60%.
  • Among respondents attributing an increase in top-line revenues to improved data utilization, UK organizations report an average 12-month revenue gain of 3.97%; the second-highest increase among all countries surveyed. The highest increase was in China, with 4.05%.

Cybersecurity is a board level issue: 3 CISOs tell why

As a venture capital investor who was previously a Chief Information Security Officer, I have noticed an interesting phenomenon: although cybersecurity makes the news often and is top of mind for consumers and business customers, it doesn’t always get the attention it deserves from the board of directors.

Misconceptions and knowledge gaps increase this distance between security and oversight. How can boards dive deeper into the world of security and overcome the entry barriers to collaboration? Seeking advice, I reached out to prominent security leaders: Joel Fulton, the former CISO of Splunk; Jeff Trudeau, the CSO of Credit Karma; and Yassir Abousselham, the former CSO of Okta and the newly appointed CISO of Splunk. Here are their tips for board members.

Recognize security as both a business risk and an opportunity

First and foremost, it is imperative for the board to appreciate the impact that information security can have on the business. Boards should treat security as a top business risk as well as a top business opportunity. Major security events can have a significant impact on revenue, brand, and even lead to catastrophic results.

Abousselham elaborates: “In an era where organizations are handling large amounts of sensitive information and governments are actively pushing more stringent privacy laws, data breaches have serious ramifications for the organization, its customers, and partners.”

Bridge the technical gaps

Contrary to popular belief, security leaders believe that domain expertise is not a prerequisite to making smart security decisions. Instead of focusing on every technical bit and byte, Trudeau suggests the conversation should concentrate on understanding the risks and ensuring they are properly addressed.

Yet, even on a macro level, security concepts might be difficult to fully understand, so a short and dedicated security training for the board can come in handy. It’s also key to remember that it’s not only the board members who may feel like fish out of water. The CISO, too, can get intimidated and might over-rely on the comfort and familiarity of technical details.

To mitigate the differences, Abousselham suggests fostering a synergistic discussion by framing risks and mitigations in business terms. Fulton proposes focusing on the Venn overlap of the security program’s weaknesses and the board’s strengths (like governance and strategy). This enables the board to interact with security as they do with other domains, empowering the CISO with wise counsel, and letting both view clearly the current situation and the paths to success.

Ask the right questions

The board should operate on the notion that absolute security does not exist. The best way to assess your security program is often by focusing on and drilling down into the economic trade-offs.

Fulton’s suggested economic questions include: Are you applying your scarce resources, people, and time to the correct problems? Next, drill deep to understand the security leader’s rationale and thinking: How do you know you’re right? What evidence would indicate you’re wrong? and How can we find that evidence?

The board’s questions should also serve as a vehicle for both the CISO and Directors to think more strategically about security. As the technological environment has evolved tremendously in recent years, it is important to step outside the traditional realm of compliance and assess the potential catastrophic consequences of security deficiencies. For example, Trudeau proposes including questions like: Could what happened at this other company happen to us? What would be the damages from such a threat materializing in our company?

Evaluate the effectiveness of the security program

The group offers structured approaches to synthesizing information and reaching conclusions about the security program. Abousselham recommends a top-down method: “Confirm that the CISO has a good grasp of security and compliance risks. Then validate that the CISO’s vision and strategies support the direction of the company and desired risk posture. Further, get comfortable with the CISO’s ability to execute, including the adequacy of the organizational structure, technical capabilities, funding, and ability to hire and retain talent. Lastly, because incidents are bound to happen, evaluate the ability to detect and respond to security compromises.”

Fulton advocates that the board seek to help the CISO with possible blind spots, looking to validate the security strategy and initiatives with questions like: Where are you intentionally reducing focus? Why is that decision the best decision in this company, environment, and vertical? In your areas of highest investment, what does “secure enough” look like?

Certainly, no evaluation will be complete without metrics that measure the progress and maturity of the security program. Fulton suggests boards inquire about how the program is measured and how the CISO knows the measures are valid and reliable. Abousselham suggests focusing on objective risk measures with metrics to show progress against a baseline such as NIST CSF, and adopting no more than ten key metrics that summarize the state of the security program and its business influence.

When measuring the security program’s effectiveness, it is crucial to consider that it is tied to the CISO’s ability to influence the organization. The security leader’s ability to execute is very much dependent on the reporting structure.

According to Trudeau, reporting to the wrong executive could pose challenges for the security program and hinder its effectiveness. In addition, it is important to validate the CISO’s cross-functional operation. Most security practices and controls are implemented, operated, and maintained by employees without “security” in their title. Consequently, a CISO must be respected and influential outside her own organization.

Communicate in the right format and cadence

A good rule of thumb is for boards to meet the CISO at least once a year. Abousselham explains that some companies adopt a cadence of two updates per year, to the board and the audit committee. Boards might also ask the CISO for more frequent or ad hoc updates if the perceived risk is higher than the acceptable threshold.

Additionally, informal and off-schedule meetings improve relationships and information sharing simply by the reduction in formality. Fulton believes these keep strategy aligned and could be invaluable during actual or tabletop incident walk-throughs. However, boards should be careful to not overdo it as too frequent meetings can be inefficient, Trudeau warns.

With security becoming increasingly important, some organizations have created security committees to ensure independent oversight of security risk. The security leaders don’t believe it’s necessary in most cases, since it might be distracting. If a company is forming a security committee, Abousselham explains that committee members should be independent and with proper domain expertise to formulate and report an accurate opinion of the security risk posture to the board.

Conclusion

Fostering collaboration between the board and the CISO benefits both groups and the company as a whole. However, it’s not always easy and growing pains are to be expected. While everyone may share the same objective of seeing the company succeed, they often differ in their agendas and approaches.

The good news is that asking the right questions, conquering communication gaps, measuring progress and treating security as a business risk will set the board up for success in improving the company’s security standing.