Cybersecurity Needs To Be Both Reactive and Proactive

by Aron Raj, CSA Journalist

Tangible and intangible costs are the two types of costs businesses face in a cybersecurity breach. The amount of time and energy organisations spend to communicate with their customers and reestablish trust, as well as the impact on the brand, are all costs.

Tom Corn, Senior Vice President and GM of Security Products of VMware, said that most businesses react the same way to a breach, which is why VMware questioned if there should be a different approach. When CTOs are asked about their security strategies by the board, the primary focus is not on how systems are protected but more on the risks they have to contend with.

Tom Corn, Senior Vice President and GM of Security Products of VMware

“Security should be considered a risk management exercise. Security organisations are not just technologist but need to understand the business as well.”

He added that most organisations would want more security services. But at the same time, they would want to invest in fewer products. Security organisations would need to find a way to collaborate together to move from incident response to continuous response. Simply put, there should be an ecosystem of partners whereby security is able to interoperate.

And this is where Tom said VMware could excel. If you look at the various security products out there, at most times, breaches happen because there is a misuse of these products. More importantly, Tom pointed out that security is a silo in most organisations, where else an attacker will start on user devices.

“Cybersecurity needs to be both reactive and proactive, and VMWare is in a position to do that without the need for a security vendor. We have a unique position as we sit between infrastructure and applications.”

This allows VMware to have unique visibility on the context of the application itself. The future of security, as Tom puts it, is all about understanding application and data. This will transform how risks are reduced and the importance of how attacks are analysed.

There is a common language problem when it comes to cybersecurity. The network only speaks with the network while infrastructures speak compute. VMware allows the common language to exist in the form of applications. And this is how VMware is bringing security into the console. It will use its position on different points to create analytics and to have insights. (Note: this is also why VMware acquired Carbon Black.)

VMware AppDefense protects applications and workloads. It is different from traditional cybersecurity methods. It is a combination of ML workloads from all over the world and uses vendor information to give a formulated and maintained view on this. HCI is always watching for vulnerabilities. It looks for real exploits, and how hard they are for an attacker to implement.

Eventually, this will transform how cybersecurity is done. In a separate interview, Sanjay Poonen, VMware COO, said VMware is already credible in cybersecurity in the network with VMware NSX. The other areas in cybersecurity are where Carbon Black comes in. He explained that the strongest points of Carbon Black are its AI-powered data lake, smart agent and cloud-native architecture.

While other providers and companies are building on AI and Machine Learning, VMware is not a player in this. Instead, Sanjay said VMware uses the tech and leverages it, which was why the acquisition of Carbon Black made more sense. From there on, all VMware has to do is implement Carbon Black in its offerings, and it will have a holistic reactive and proactive cybersecurity system.

As Sanjay puts it, “The power of Carbon Black is not just AI. It’s the data they collect. The company with the most data in cybersecurity will ultimately win because you will be able to see patterns of the attackers.”

You might also like
Most comment
share us your thought

0 Comment Log in or register to post comments