Forcepoint's Ajay Dubey on the potential of human-centric cybersecurity

Forcepoint's Ajay Dubey on the potential of human-centric cybersecurity
Ajay Dubey, Forcepoint's national manager of partners and alliances.
25 May, 2018

Forcepoint, which provides cybersecurity solutions, has been advocating a new approach to tackling cyber threats. While its peers work towards automated solutions to combat various threats from evolving technology infrastructure, Forcepoint has made humans a key element in its strategy by understanding their intent as they interact with data.

Previously known as Websense, Forcepoint is owned by US defence contractor Raytheon and counts large Indian enterprises such as Wipro, HCL, Tech Mahindra, and Infosys among its clients.

In an interview with TechCircle, Forcepoint's national manager of partners and alliances, Ajay Dubey, said the firm is focusing on securing all points of interaction between users and data, and also evaluated the country's cybersecurity preparedness.

Edited excerpts:

As the country undergoes a digital transformation, we are interacting with more data, more frequently. What does the Indian scenario look like in terms of enterprise cybersecurity?

India as a country is doing reasonably well. Corporates are focusing heavily on digitisation. Data consumption and creation has increased manifold and hence data security will always be a key area of concern as more people go online. 

As customers, partners, employees, vendors and suppliers will connect, so will hackers. If a hacker sees an opportunity to make money by selling particular data or by misusing something, and if he is able to manipulate and fill his coffers, then that is the data that people go after. Those are the data sets that need more attention than ever.

There have been several reports about India being among the countries most targeted by ransomware. What is your take on the matter and have the threats reached an alarming level?

The ransomware threat has gone up alarmingly across the world and not just in India. 

When ransomware attacks a machine, it could happen because of two reasons. One, there is a vulnerability in the machine. We are either leaving a window open and a thief comes in or there is a thief who can break a window and enter. 

Most of the softwares that people use today are updated regularly. If you fail to apply those updates, the vulnerabilities can be exploited.  

Are Indian enterprises and SMEs prepared to tackle cybersecurity issues?

If you look at it vertical-wise, the most critical verticals have always been the banking, manufacturing, government and the telecom sector.  Most of these sectors are critical for the economy, and the enterprise customers in these are the IT-enabled services or call centres. 

The top enterprise customers and largely the mid-market customers are fairly secure. They have taken steps to prevent the known attacks. The challenge is the attack is always unknown. So however prepared you are, if there is an unknown attack, it can still affect you.

Does this mean that you agree with the view that firms cannot protect all their data and they need to priotise certain aspects of the business?

Data is like things that we own in our personal lives. In many India Indian homes, you will leave your footwear outside when you enter.  Then you enter the home, there is a television mounted on the wall and then you go inside, you open the cupboard in which there are expensive silk saris and similar items. Your most valuable data or your most valuable property may be gold or diamonds or property papers safely kept in a locker. 

There has been talk in the security industry about using AI to tackle security issues at companies dealing with massive data sets. Is Forcepoint using AI in any way for cybersecurity?

We are heading in this direction of leveraging AI or what we call analytics to analyse things.

In a normal scenario, organisations have multiple security products and each one of them does a specific job of protecting something specific. 

The challenge is that each product or solution gives you alerts or gives you events and these things keep flashing and seek your attention.  

For an IT manager working in an organisation he needs to be looking at maybe 5,000 alerts in a day. It is not possible for him to do it on a daily basis. This is where AI and analytics come into picture. 

We have devised a solution that can read through the alerts data of 15 software solutions that themselves come up with 15,000 alerts. Our system reads through these alerts and selects the most important ones to be raised to the IT manager.

Are you selling this solution as a different product?

No. We are including this capability or feature in all of our products which helps the IT manager separate the needle from a haystack. 

Most companies are providing analytics — how do Forcepoint's solutions stand out?

Most solutions and firms today are coming up with solutions that are targeted at specific problems, more like a piecemeal approach. At Forcepoint, we proposed a concept called as a human point security or what we today define as human-centric security. 

Data is practically everywhere and there are all kinds of people accessing this data who also seem to be everywhere. That interaction point needs to be secured. It can be a endpoint security, cloud security, network security, data security or a web security solution or all of them combined. 

Human-centric security also gives you another great ability called dynamic data protection or the DDP. If you look at the security postures, they are very static in nature. Whatever be the scenario, you continue to have access to this data.  

If a user is compromised, he should not be allowed access to this data.  The technology can dynamically - on its own and without any human intervention - determine that a particular user who has legitimate access to should now be denied access because he is compromised. The moment the problem recedes, then the access should be restored automatically.  

Are you also scanning data and intelligence from all the customer points where your solutions have been deployed to make your security solutions better? Can you access such data?

As a company we don't seek access to any data from customers. However, our solutions see the data and read it and becomes more intelligent. This particular functionality is called an advanced classification engine. 

The advanced classification engine does a lot of real-time analysis on web traffic that is coming into the network. As and when it figures out or it finds a new threat that it is trying to crack, it blocks the threat and also alerts all other Forcepoint customers using similar products. 

What is the go-to market model and how are you acquiring new customers in India?

We have very sophisticated technology centres where we train our partners. Our business is 100% channel-driven, so we always sell through the channel. The system integrators or value-added resellers basically form the partner base. These could be very small companies or could be very large organisations. We choose them depending on their skills to understand this technology.

Forcepoint has been on an acquisition diet. How has that helped in devising and deploying security solutions?

Over the last three to four years, we have been acquiring organisations and integrating their technologies into our portfolios. We first came up with a human-centric cybersecurity module or platform and kept adding technologies to it which were either developed by us or through acquisitions.