Thought Leaders in Cyber Security: Greg Enriquez, CEO of TrapX (Part 4)

Sramana Mitra: What are you looking at when it comes to open problems? Of course, cyber security is a big threat with the Internet of things and more and more digitization. The threat of cyber security exponentially increases every year. Where would you point our entrepreneur audience to dig for open problems to solve?

Greg Enriquez: We went from millions of devices to billions of devices, to now trillions of devices. Where is the security problem? I could say, “I have 10,000 end points I have to protect.” Do you really? I had one example of a customer who was talking to an attorney of his. There was some merger going on. He said, “I need to see that contract.” The attorney said, “Here. Let me show you on my device.” Is that information leaving your organization in the hands of a service provider that has the same level of protection that you have? We’re dealing with trillions of devices. The problem is, one, categorizing and understanding your assets and making sure that you have a thoughtful plan to protect your assets with varying levels of security depending on how those assets are controlled.

The second is getting as much visibility as possible on what’s happening inside your network and what’s leaving your network. The CISO today is a risk manager. It’s not about defending 100%. You just can’t keep everybody out. It’s a matter of managing risks and making a business decision about what investment decision I want to make. I see the environment getting more ubiquitous on what you have to consider as possible threats. The more visibility, the more information you can get about your asset, the more quality statistics you can get about what may be coming. That’s what seems to be on the horizon.

I think deception technology gives you an ability to get greater alerts. If I have IoT devices or devices that have access to my network, I can’t control or put some protection on every one of those devices. I need to have an alert system with high fidelity.

One example is, we were in a hospital to protect the administrative systems. What we found is we were on the same network with medical devices. They are running back-level Windows systems that are not necessarily under the same protection as the business assets. Since we are putting our deception technology on that network, we found both common malware and advanced malware that were waiting to come out and attack administrative systems. Since we had decoys and malware traps, we were able to catch that activity in places that were less monitored.

This segment is part 4 in the series : Thought Leaders in Cyber Security: Greg Enriquez, CEO of TrapX
1 2 3 4 5