As more attention is paid to the issues revolving privacy and breach notification, it becomes increasingly important for people to understand what data they have. Therefore, data mapping, according to Gant Redmon, Program Director of Cyber Security and Privacy, IBM Resilient, is the foundation of complying with today’s strict privacy laws. In his words, it’s about knowing “What [data] you have, where is it, who has access to it, how does it flow. If you don’t know that, you can’t protect it because you put different protections based on the sensitivity of data. [For example,] the dry cleaner has to protect data differently from my bank”.
Gant made the comment in response to the increasing regularity of high-profile data breaches that affect millions of people around the world, including the ASEAN region. How companies in this region can learn from their peers in the EU who have implemented processes for GDPR compliance has been one of the biggest privacy topics of discussion of the past year.
Gant was in Kuala Lumpur as one of the speakers at the 30th Annual FIRST Conference, where he delivered his findings on a paper titled: “What Was In That Data?” His session was focused on what incident responders can expect to be able to provide their organisation with under regulations like the GDPR, how they can work with the legal and C-Suite teams to stay ahead of any GDPR-related penalties, as well as what companies can do to shift the focus on their IT resources on detection and prevention to response and remediation. As the GDPR has a global reach, he also gave an overview of the impact GDPR will have on organisations that are not compliant.
Gant joined Resilient before it became part of IBM two years ago. In fact, he was one of the earliest members of the company and when he first joined Resilient, there really wasn’t a market for incident response software. “I was employee number seven at Resilient. There are now 256 people in Resilient, inside of IBM. And of course, there are something like 4,000 people in IBM Security and 400 thousand people in IBM. So we went a long way from seven to 400 thousand,” he said.
What Resilient does is exactly that, they provide software for the incident responder. Gant explained further, “IBM Resilient sits inside IBM Security, so we work with a lot of the other offerings. For example, QRadar is the security incident event manager. You have Trusteer, which is security for financial institutions. You have Guardium. Guardium allows you to understand where your data is and what’s going on with it.” However, those products did not have a common dashboard. So when IBM acquired Resilient, they were looking for something to make all the other products work together for the incident responder.
“So we sell to large companies all over the world. We sell to people who have incidents because all corporations do, especially the highly regulated ones – the ones that have the more valuable property, financial and health. Technology companies as well. There are lots of others, but those three seem to be larger targets than other customers,” he explained.
As the organisations have to deal with hundreds, if not thousands of incidents each year, it’s highly important for them to be able to collect, organise and disseminate information quickly and efficiently in order to figure out which of the incidents need to be escalated to the whole team. Companies today need to always be prepared to respond to cyber threats and the Resilient incident response platform serves to help them effectively orchestrate their response.