Oakley Networks is the leader in insider threat investigation and endpoint monitoring. Our customers include Fortune 100 companies in financial services, manufacturing, retail and technology; and our technologies have set the standard for insider threat protection for the U.S. Department of Defense. The Oakley platform combines network observation and threat detection with industry-leading endpoint protection, coupled with hundreds of pre-built policies, that can be immediately implemented to protect product designs, customer databases, financial plans, and other critical assets.
Name: Tom Bennett Age: 47 Position: Vice President of Marketing Popularly known as: “Hey Marketing Guy” Previous jobs: Vice President of Marketing for Applied Identity, Teros, AllBusiness.com and Securant Education: MBA from Stanford Business School Family: Married, Wife Vickie Residence: Salt Lake City UT Other interests: Surfing, Snowboarding, Competitive Paddleboarding
In the following interview, Tom Bennett, Vice President of Marketing, Oakley Networks discusses with Rake Narang, Editor-in-chief of Info Security Products Guide, growing implications of insider threat and how to take a pro-active approach.
Rake Narang, Chief Editor - Info Security Products Guide:Has insider threat always existed in the past or has increasingly use of networking technology played a key role in elevating these type of threats to a new level? Is insider threat still rising or have organizations understood the implications and are now taking pro-active measures? Tom Bennett , Vice President of Marketing, Oakley Networks: Historically, guarding the corporate perimeter was IT security’s job, and software vulnerabilities, worms, bots, spyware and phishing attacks are still a constant and costly threat. But increasingly, it's the insider with intimate knowledge of an enterprise's business practices, systems and applications who presents the greatest security risk and potential to do harm.
Insider Threat attacks and breaches have risen dramatically, now the probability has become a question of “when”, not “if” for Fortune 1000 companies. What’s interesting is that many insider breaches, whether accidental or malicious, occur via communications channels that did not exist 10 years ago, such as instant messaging, mobile storage devices, web-based email, even peer-to-peer software.
Clearly the proliferation of applications has risen faster than the ability so secure them, yet the value and productivity gains from the applications keeps them from being simply outlawed in the corporate infrastructure. Couple that with the increased use of encryption (which obfuscates traffic and many transactions) and the huge increase in offline mobile use, and you have many recipes for disaster.
Companies clearly understand the insider threat, and are taking action. There’s not a single customer we meet with that doesn’t understand the gravity of the problem and has some initiative in place. Many of them have taken the first step, which is to try and plug the pure data leak problem. A great start, but neither a long term solution, or even cost effective. A pure data leak solution is like putting on bug repellant---you may not get bitten as much, but the mosquitoes are still there, and they’ll just bite someone else. Companies need to get out there and drain the standing water that allows the mosquitoes to breed.
"Enterprises admit to Info Security Products Guide that insider threats have become the greatest challenge today when it comes to protecting their digital resources. Need to communicate consistently inside and outside the organization using more than one communication tools, that in some way interconnect has played a key role in weakening this security apart from the other obvious reasons. Oakley Networks thus takes a deeper approach by solving the problem directly at the source."
Rake Narang, Editor-in-chief, Info Security Products Guide
Rake Narang:How has Oakley Networks kept up with innovation? What is the secret behind the products and services provided by your company? How is your company focusing on 2008 growth? Tom Bennett : Oakley Networks has always taken a leadership role in the insider threat space - we bit off the hardest part first. Deploying a perimeter based solution is easy, but insider threats don’t start at the network, they start at the desktop. We’ve always taken the approach that a long term solution needs to look at the endpoint as the origin of activities and threats, and only by monitoring all communications and activities at the endpoint can you “get out in front” on the problem, not just looking for policy violations themselves but also understanding the “leading indicators” of potentially harmful behavior.
Our “secret sauce”, if you will, is really threefold. First, we’ve solved the endpoint problem in an extremely elegant way that allows for deep monitoring of nearly any vector of behavior. Second, we’ve layered in an extremely sophisticated Policy and Analytics engine that not only allows the enterprise to monitor for any level of policy or compliance----from simply employee handbook issues to the most serious acts of sabotage---while maintaining and respecting employee and corporate privacy guidelines. Third, we’ve developed incident reconstruction technology that allows any event or policy violation to be replayed exactly as it happened on the user’s screen, like a DVR or Tivo. This gives the enterprise complete context of every incident, easily eliminating false positives while allowing laser-focused, and therefore very cost-efficient, remediation to take place.
Our growth in 2008 is unquestionably in Enterprise Monitoring. Now that companies are more comfortable that privacy is being addressed, they are very excited to see how they can use broad monitoring with complete context as an ongoing measurement, assessment, optimization, and investigations solution for insider threats as well as policy management, usage optimization, and other vectors.
Rake Narang: Will the security vendors always be playing a catch-up game with hackers and attackers? How do you see the security products evolving 2-3 years from today? Tom Bennett : We believe that security products will become much smarter over the next 2-3 years by focusing on the user and not data. Data is pretty much a one-dimensional problem, and protection schemes that focus on the data itself are easily circumvented (again, whether accidentally or maliciously). The only way to really stop problems before they happen is to monitor user behaviors, trends, and anomalies that treat each user as their own threat vector, and monitor accordingly. So soon we’ll be looking at not only whether a user’s acts are in accordance with corporate policy, but also whether those acts are anomalous to that user’s individual behavior profile.
All About Oakley Networks Head Office Address: 2755 East Cottonwood Parkway Suite 600, Salt Lake City UT 84121 Founded in: 2001 CEO: Derek Smith Public or Private: Private Investors: Kleiner Perkins Caulfield Byers, Fidelity Ventures, Duff Ackerman Goodrich Number of Employees: 180 Products: SureView, CoreView, SureFind Company ’s Goals: Set the standard for long term insider threat mitigation for the Fortune 1000’s critical infrastructures, as we have for the Federal Government.
