Cyber Policy and Customerization

11 06 2010

Congress is near to passing a bill that emphasizes that federal agencies consider buying security that is baked into hardware and software. Additionally, this potential bill (probably to be introduced next year) establishes an executive cyber office in the White House and calls for continuous monitoring. My first reaction is that this bill is great and long overdue given the growing number and complexity of cyber attacks foisted on government entities and enterprises with “high value assets”.

While the words ring true, I have to stop and wonder if this initiative is enough, or merely a compromise. My reaction as a businessman is that it is great to have security and continuous monitoring built in to protect against cyber attacks. For many cases, this type of security is probably acceptable as a good baseline. Yet, as an executive in the security business, I see the problem as more complex. Can security be “standardized” or do you need to understand the complexity of security in the context of the application and the type of assets and applications you need to protect? I believe that it is the latter.

The industry clearly must champion the cause whereby security is heightened in the decision process of buying hardware and software and in the management of the IP networks which are the lifeblood of business.

In a recent survey we conducted with Government Security News Magazine, 80% of those surveyed felt that one company could not provide all the cyber security needs. Additionally, more than 60% indicated that they don’t have adequate skills necessary to manage security. So in addition to the bill – which is a great start – the industry must make buyers aware of the options at their disposal. Moreover, if we are to really make progress in our collective effort to combat cyber threats, participants in the industry will need to provide a more comprehensive plan and more robust tools that complement security that is built into software and hardware. By way of analogy, think about integrated stereo systems e.g. boom boxes, vs. a specially designed audio system tuned to the uniqueness of the environment. In cyber security, especially in protecting carrier, government, and high value infrastructures, I believe we need the custom version or at least “customerized” version of security.

Advertisements




Maintaining the integrity of critical network assets

12 05 2010

This is a little different than a marketing blog but it has to do with keeping business assets protected. And that certainly fits into the business of doing business.

Did you know that more than 25 million new strains of malware were uncovered in 2009? And that the US Senate Security Operations Center reported nearly 14 million cyber attacks per DAY!!! These are staggering figures. According to the Department of Homeland Security, cyber attacks roles three fold from October 2005 through October 2007 and the belief is that the attacks are increasing at an exponential rate. These alarming statistics have awakened the government and the President has made cyber security a top priority with the initiation of the Comprehensive National Cyber Security Initiative and the appointment of Howard Schmidt as the government’s cyber czar.

I was reading some comments that George Kurtz, EVP of McAfee, made at a recent FAA conference on Cyber Security and it made me think. He said that we need to find a way to solve an attack (on a network) in 15 minutes vs. the 24-72 hours we now take. For the home user, using McAfee with its signature-based approach is fine, and I probably can wait for a short time to have a new virus or Trojan signature uploaded to my computer. (Full disclosure: I use McAfee on three of my PCs). However in a critical network – be it FAA, a carrier network, a government agency, a SCADA network, or a health care network- where the asset value is high or the compromise of data would result in economic loss or even physical disaster, we don’t have the luxury of time. At line speeds now approaching the multi-gigabit level, 15 minutes means that an inordinately large amount of traffic/data has worked its way onto a target network. It’s not that signature based approaches are bad at all; they serve a purpose. Yet, they don’t go far enough for a critical network.

The key to protecting these critical networks is based on a dynamic understanding of what is happening. By definition, once a signature is developed, it is old- still useful for some but not all users. To maintain the integrity and availability, companies, carriers, and government entities must have situational awareness and know what is happening at all times. This requires a mosaic of different protection devices such as the normal firewalls, IDS/IPS systems, and forensic analyses. Yet, these systems and appliances must be complemented by a new class of products called network intelligence analytics which provide a dynamic three dimension view of data correlated with other data and correlated in both space and time. Only through this three dimensional view and the visualization of what is transpiring in the network will protection against cyber attacks be minimized. This nascent part of cyber protection is led by companies such as Narus whose traffic intelligence platform called NarusInsight provides the dynamic analytics that the network and security officers need to see what is happening across layers 2 through 7 in their networks. By processing the data in real time and applying real time analytics vs. mere forensics, the network and security officers can act swiftly to mitigate attacks.

Still, attacks will occur and the industry needs a call to action to aggressively respond to these attacks. The industry nees to band together in a collaborative fashion to thwart these attacks- or at least slow them down. At a recent RSA conference on security, several experts, including Greg Oslan, CEO of Narus, suggested a joint collaboration between government and private entities. That is thankfully coming about. Yet even within companies and across companies, network managers and security officers must share information, work across silos ( security and network operations are not necessarily engaged together nor share common platforms), and work across all areas of business. By doing so, we can view the problems and therefore the solutions through a multi-faceted approach. Coupled with a mosaic of complementary and new technical solutions, the industry will have the best opportunity to maintain the integrity of critical network assets vital to our economy and national defense.





Identity Envy

17 03 2010

I want to share some thoughts I have on branding and positioning that hit home after I recently attended a trade show.

At the beginning of March, I attended the RSA Conference at the Moscone Center in San Francisco. The show, which focused on the computer security industry, amassed 300 exhibitors that varied in size from the small garage type start-ups to the mega companies like CA and IBM. Narus, the company for which I am Chief Marketing Officer (and strategic consultant), exhibited at the show. It was a truly great show and traffic was substantial.

I had just completed reading the Department of Homeland Security (DHS) Strategic Report. One of DHS’s objectives is to protect the country from cyber attacks— -and that is precisely in the power zone of what Narus does! Narus’ vision is to protect corporations, governments and countries from business risks and cyber threats. It’s a simple vision that guides our choice of markets to serve and the framework in which we develop our products and services for our customers.

It was interesting when a representative of a company, a carrier or a government department stopped by the booth. Some knew what we did while others were not so sure. Visitors from “competitors” stopped by as well. Our signage was pretty clear and we explained what we did. We even placed three of our execs on panels during the show to spread the word on what we do. Yet, I was intrigued by the fact that many people- competitors and otherwise- said that they did precisely the same thing and had the same capabilities. I know that is hardly the truth and it irks me to a point.

Consider the following analogy from the world of football. Jim Sorgi is a pro quarterback who has been the backup to TWO Mannings, Peyton and Eli. If Archie did not have these two sons, perhaps Jim Sorgi would have been the starting quarterback of the Colts and now the Giants. But unfortunately, he will always be relegated to the dubious distinction of backing up the Mannings and never being the main QB. I liken Narus to the Mannings and the other pretenders to being the Jim Sorgi’s of the world. (No offense, Jim. I would yearn to be a quarterback in the pros!!!) They are not at the same caliber or skill set yet play in the same game.

This raises the following question: How can one protect and maintain your position in the market and distinguish yourself against the pretenders? Here are my three prescriptions:

1. Set a clear vision and strategy for your brand and where you fit into the eco-system. This is the point where you figure out where you want to play in your eco-system, what technology you will use, what markets you pursue, and what is your distinguishing characteristic. For Narus, its strengths lie in the metadata, the analytics and the rule sets it uses to help its customers manage business risks and protect against cyber threats. These are truly unique and complex. We are not DPI boxes nor event managers nor merely forensic analyzers.

2. Develop a clear position and make sure it is repeated and repeatable. Think about the company represented by the following terms: “pin drop,” “can you hear me know,” and “there’s an app for that.” These companies are: Sprint, Verizon, and Apple. Not a bad list to associate with!! You have to ask yourself if your company stands out, and more importantly, what customers remember about your company.

3. Walk the talk. If you have a clear vision, strategy, and message, you need to ensure that the entire organization from the employees to the front line resonate with the brand and its positioning. When I was the Chief Marketing Officer for US Cellular, we had a tag line “the way people talk around here.” It was supposed to represent our customer-intimate strategy and all our people, especially the front line in our retail stores and call centers, were taught what that means so they could walk the talk. If a customer came in the store and if we were not helpful or trustworthy, we would belie the tag, our brand, and our positioning. Rather, we wanted to be known as the company who is trustworthy, like a friendly neighbor. And it worked as the financials showed.

The good news is that Narus has a consistent message and those that know us understand the message. For others, we need to do a better job at enlightening potential customers where we fit into the eco-system and what our unique capabilities are. Yet, for others, we will convert them to understand our brand and positioning, one customer at a time.

Comments are gladly appreciated.

David Friedman