Post-pandemic will see zero trust become the standard


With the increasing internet penetration and adaptation, we are more exposed to online theft and harm than ever before. Cyber knowledge and Cyber security are the two ways through which we can protect ourselves. Forcepoint is an expert company that delivers modern cybersecurity by proactively safeguarding critical data and IP. We interacted with John DiLullo, Chief Revenue Officer, Forcepoint, and Bjorn Engelhardt, Vice President, Asia Pacific and Japan, Forcepoint to know their insight on the issue.

Read the interaction here:

TimesTech: Give us a brief about the company’s offering so that our readers could know more about Forcepoint. 

Bjorn Engelhardt, Vice President, Asia Pacific and Japan, Forcepoint

Bjorn: We offer here in India say we offer globally. Our traditional background, our base has been in secure web gateway and data protection, particularly DLP, a lot of your customers and readers would know about it as data loss prevention where we are now expanding and is in the Force Point One product range, which is our Secure Access Service Edge (SASE) platform that is the cloud security platform.

What has traditionally held us back in countries like India has been the availability of infrastructure. But as you, you see AWS, Microsoft, et cetera, investing in the platforms, we are now servicing those platforms. And so, it is primarily our focus is driving that SASE Force Point One franchise for our business and doing that both directly at influencing the larger customers, but also through our partner community as well.

TimesTech: Rising number of cyber-attacks is expected to propel the cloud security market growth going forward. How is Force Point looking into the growing vulnerable space?

John: I think that’s probably if you go on our website and you look at any of the analyst commentary on us that’s probably been the area. The biggest investment for us in the last couple of years is just trying to help people secure their hybrid and remote workforces. 

At least a knowledge worker category is going to continue to have some virtual requirements moving forward and that is dramatically grown. 

The attack surface that hackers and other people can try to exploit is our primary focus area Irrespective of where somebody’s working or where their workload is being run, whether they’re in the public cloud or whether they’re in the data center, they’re getting world-class security.

TimesTech: Currently, what are the global cloud security market trends? 

John DiLullo, Chief Revenue Officer, Forcepoint

John: There’s quite a few. There are- securing workloads that are in the cloud, which is the movement of workloads from on-premises to public cloud or the creation of new workloads in the public cloud and so making those as secure or more secure than when they were on their corporate data centers. 

I think we’ve seen that there’s, a whole new category of security that people need to do when they do move more quotes to the public cloud, which is cloud security, posture management and understanding.

If you go, some websites will show you all the infirmities of people that are in the public cloud that has not been secured, or that have entire databases that are wide open. And so there’s security posture management, which I think is a growing business. There’s encryption making sure that you’re deploying end-to-end encryption, which is, there are areas of public key management, in the public cloud space.

I think all of those are it’s generally speaking, easier to secure workloads and you can secure more effectively in the public cloud than you can in the traditional data center where it’s very porous, where people have network access, where you have patch management to worry about.

So I think, things, in general, have gotten more secure. 

TimesTech: What measures should force point have taken for the cloud security and other new products that you launched for that?

John: Our flagship product Forcepoint One is a cloud AWS cloud-based product. That is implementing a SASE- secure access service edge metaphor that makes sure that you are more [secure] in distributed workloads in the public cloud, than you were if they were in your own data center behind a firewall. So, that is our lead product. It’s our fastest-growing area of the business. 

It’s the one that’s we’re most recognized for these days and the one we’re having the most success with. 

TimesTech: How do you see the web security gateway market and full patch strategies to expand into the market? 

John: Well, the web security gateway market is, I’d say evolving and it’s still vitally important but it has taken on a different nuanced than it may have in the past.

And so, people have gotten much more creative, a traditional web security, secure web gateway deployment in the past would’ve been based on reputational. You would, might have done reputation. You would’ve had probably a deterministic response for, from, a reputation analysis, but more and more people started to add a non-deterministic solution. So then you would say, well, I’m not sure about this one. Let me do some research on it. I think where that market has gone right now and some of the solutions that we deploy include, ML deployments, different attacks of embedded URLs. For instance, they come in documents. I’ll give you two examples:

One of them is, that we have a product that will do detonation. With URLs, OFS will go to the URL and exercise that URL and determine whether or not it tries to download a JavaScript or do anything others that a malformed response from it, which you could not, you could not get that from reputation alone.

It’s very common. That a reputation of a URL is good one day and bad the next day or even good in the evening and bad by the next morning. And so, that ability to detonate is something that we have a unique solution for. And, very, very important in that market right now.

Another one that we do is something called CBR, which is content disarm and reconstruct. And so we’ll take an app application or an attachment to an email, for instance, could be a word document. An Excel spreadsheet could be a PDF and we’ll do content disarming of it. We will scrub it down to the brick, basic building blocks and then reconstruct it and make sure that if there’s any malicious content in there, we’ve gotten rid of that, including the URL. We don’t decide, whether it’s a good URL or bad, but we reform it as a valid URL or we don’t reform it at all. We’ll blank it out. And so in some of the most secure situations where there’s an application where there’s a document of questionable origin, we may just take the URL out altogether, which is a new technology, that is just making it into the market commercially right now.

I give you one more technology that we do particularly well, which is RBI or remote browser isolation. So we have data centers where we’re, for instance, we’ll send you a doc, we’ll say you have an email and there’s a link embedded in it. We’ll actually, as we process that email, we’ll repopulate that link with, a diversion to our remote browser isolation engine. So we’ll let you open that link inside a 100% secure environment where you’re not opening that link on your device. You’re opening a mirror image of it in another device. More secure. It’s super, it’s a hundred percent secure. It’s a zero-trust technology. 

So, those are three things that we’re doing right now that I think have changed the secure web gateway market and that’s why we’re still a leader. 

TimesTech: Do you think the cybersecurity market should become an integrated part of the business and why it is more important for business today than ever before? 

John: Um, well, it’s more important because companies are losing more money and having more breaches than ever before. I told, I shared with someone else earlier today that the entire market for cyber solutions was 3 billion in 2005. Last year, it was 300 billion people are spending and we had record losses last year. The losses during this, the, uh, pandemic were three times greater than the losses in any other period. And so, it’s super important right now and that’s what our Force Point One solution does. It consolidates all of that different ingress and egress. And make sure that you have a great security posture, no matter where you’re working, uh, through centralized command and control and security, policy, centralized security policy enforcement.

So, it’s hard but it’s never been more important. I mean, you’ve just heard today there in today’s news, one of the local airlines that have breached, it is just every day it’s every, every week. And those are the ones that are reported. 

TimesTech: How does Forcepoint look into cyber cyberspace post-pandemic? 

John: I think you can’t unring the bell, right? You can’t put the genie back in the bottle. So post-pandemic is it’s here from now on. People are going to want to work from everywhere and the safety of being in the castle, behind the Drawbridge and the mode and the firewalls and that’s over forever. The only thing I would add to that is that we view a lot of the techniques that we developed during the pandemic will continue to apply. So the security posture, when you authenticate a session with a public cloud, for instance, or from a coffee shop in public wifi there are certain steps you take that you wouldn’t take normally if you were in the old days if you were in an office.

There’s this new notion of zero trust. I don’t care where you are. I don’t care if you’re at an airport. Wifi. I don’t care if you’re on an iPhone. I don’t care if you’re on someone else’s PC, I’m going to implement zero-trust architectural decisions. And so I think that post-pandemic will see zero trust become the standard and whether you’re in the office or whether you’re, uh, in an airplane the same security posture will be administered. So the world will get more secure as a result of the pandemic. Yeah, I believe that. 

TimesTech: What are the plans for the first point for India? 

Bjorn: We’ve been incredibly successful in India. Yeah, web sense. And now Force Point has very strong brand recognition, probably the strongest in all of Asia Pacific, where we’ve dominated both data protection. And you talked about web secure web gateway as well. So, you know, we’ll continue to drive those franchises very hard. We just announced the development and innovation center in Mumbai that we’ve opened up. We’re gonna expand that to probably 300 or 400 people by the end of this year and continue to do more work in India.

We have our support centers. We have centers of excellence here in India, so they’re the general investment from a business perspective. The two areas that I’m gonna focus on- one is driving our business into government. We’ve done well, but there’s, I think a lot of opportunity as the government modernizes it, you’re probably familiar with the Indian government. They take some time, but once they get there, they’re gonna accelerate their pace of adoption of cloud. And over the last couple of days, I’ve been meeting with government agencies and they’re saying, it’s coming soon. So that tsunami of cloud adoption will come to the government here in India and so we want to be in that space and particularly whether it’s with Force Point One, but also I think as we look at some of our other technologies as well, and then the other area, I think we have a big opportunity, you know, just the population of India.

[It] is so great. And the hard part for an organization like us is we can’t hire enough people. And so we are building and strengthening our partner community here in India, both the traditional resellers and system integrators, but also through some of our service provider relationships who have already existing relationships with tens of thousands of organizations. And so you can kind of envisage that today, they sell you, you know, networking services, connectivity services, and security services will be added on to that. As we can reach a much broader range of customers and smaller customers who traditionally we couldn’t serve as well.

But ensure that means quite riping our business in the mix. Look in all seriousness, the opportunity, for us is, we’ve seen, you know, incredible growth, last year, 30%, more than 30% on a sizeable. I expect that we will, and we should be able to achieve that on a continued basis here in India.

Cloud adoption is here. This is not a, not say security also. It’s not a pandemic-only issue. And so if you look at the people, the players who are driving that, whether it’s Microsoft or is Amazon, whether it’s Google, et cetera, you know, we just need to hold on tight as they drive that adoption because, for every Amazon instance, you need security to go with that.