TechTalk “Click Happens”: How to Isolate and Contain IT Security Threats
Keep your enterprise safe from IT security threats while maintaining a positive end-user experience.
By Insight Editor / 25 Aug 2021 / Topics: Cybersecurity
By Insight Editor / 25 Aug 2021 / Topics: Cybersecurity
With the remote work environment of today, many are lacking the physical security of having every body in the same building making IT security and infrastructure more important than ever. New threats come in every day and “click happens,” the key to keeping your environment safe is through isolation and containment technologies.
To experience this week’s episode, listen on the player above, watch the conversation below, or scroll down to read a complete transcript. You can also subscribe to Insight TechTalk on Apple Podcasts, Pandora, and Spotify.
Audio transcript:
Erin
Hello, and thank you so much for joining us for another Insight TechTalk. I'm Erin Hazen, client solutions executive at Insight. And today I'm joined by Paul Reid, director of worldwide security and software sales at HP. Hi, Paul.
Paul
Hey. How are you doing, Erin?
Erin
Brilliant thanks. Great to see you. Great to chat with you today.
Paul
Yeah, absolutely.
Erin
Yeah, it's a sincere pleasure to have the opportunity to speak with you. And I'm really excited to dive deep into a topic that I know is at the top of every organization's priority list right now, and that is all things security. With 21 years in the industry, I know that you have a lot of experience and wisdom to share with our viewers today. So thank you so much for your time.
Paul
You're absolutely welcome.
Erin
Great. Thanks so much, Paul. Before we get started, maybe do you want to tell me a little bit about your role at HP and the solution that we're going to be talking about today?
Paul
Yeah, so, you know, I've held a lot of roles at HP and most recently I moved into the security space. I was leading our worldwide services channel business, and of course work with Insight and all of our partners. But you know, this really attracted me is I realized that as we go out and build all these new experiences for our mutual customers, that it's also important that they have a security posture to them. So I see what's happening in the world today around malware attacks, et cetera. And I just knew this was going to be a really, really hot space, a place I could learn something new, dig my teeth into. And so, for the last several months here, I moved over and took on this role, leading a global team of enterprise sellers.
Erin
Awesome, so yeah, you hit on exactly what I wanted to ask you as our first question here. When we chatted a couple of weeks ago, you mentioned that as technology evolves and the investment into digital transformation increases for organizations, that truly all of the efforts are kind of for not if the infrastructure is not secure. So in your experience in dealing with CSOs, what's causing them the greatest concern or stress right now?
Paul
Yeah. You know, it's really threats, right, threats from everywhere. The bad guys have not stopped. They have a built in enterprise to really go after our businesses, right? And again, our mutual customers. It's a sophisticated, well organized criminal organization. A threat from malware, the amount of social engineering that these guys have managed to do. So now it's these tailor-made attacks. In many cases, they actually target CSOs because again, the CSOs in many cases have the keys to the kingdom. So if they can take that CSO down or that I.T. decision maker, they have an access to the keys to the kingdom. And so, that's a big, big part of what they do. We all have heard in the news, right, from the pipeline to all of the other ransomware attacks. I just heard of another, one of the big firms that just got the SI systems integrated that just was attacked recently. And so, you know, everyone is just kind of thinking, "Okay, when's my turn," right? And that's what's keeping them them up at night. And then secondly, I was sharing earlier that I just finished the CSO, our CSO round table a while ago, and we were asking a similar question, what's keeping you up at night? And one of the things they were sharing with me, it's really about the, how did they secure the enterprise, but the same time still have a good end user experience, right? Because you and I both know that we don't want something that slows our machine down, that holds us back, you know, everything creeps along, I've got to take six or seven steps just to get to one, something that took me one click to get to prior. It's all of this, right? So it all has to be done with the end user productivity and end user experience in mind. And so, it was interesting to hear from these CSOs that while all these threats and how they move things, you know, a cloud-first position, all that was important, but they also were thinking about, how do I create a very good experience? And why is that important? Because many of them are trying to attract the top talent. And how do you attract the top talent if you also don't have a good user experience?
Erin
Totally, and usability is so important because it's a group effort when it comes to security, right?
Paul
Yeah, it is.
Erin
From the end users all the way up to the top. If people aren't all contributing to sort of the security posture, it's not going to be effective.
Paul
Yeah, absolutely. And you know, another piece of that right now, with the current work from home situation, that's also on a lot of their minds. And if you think about it now, the internet is the network, right? So if you imagine, you know, pre-COVID, we were all in a secure building, I've been into many of Insights site. I think you have to give up your firstborn to get in in some cases, right? Pretty serious. So there's physical security to get in, as well as the network itself was locked down, right? Now, people are home. My kid is playing Halo or whatever on the same network that I'm trying to work on, right? I can tell you now that my family are not cautious with their clicks, that's why one of the themes I developed was click happens, right?
Erin
I was going to ask you about that.
Paul
It's a little crude, but it's true. It's going to happen, right? And so, how do you navigate through that, where now, again, the internet is your network, right? And now you don't have that physical security on the devices.
Erin
So tell me a little bit more about HP security, because you really honed in on what I wanted to talk about, which was that work from home and hybrid risks and impacts. So particularly when it comes to that containment and isolation piece, tell me a little bit more about.
Paul
You've been doing some reading there, Erin. Good. I'm impressed. I'll start with some stats, right, that I just recently was looking over, right? 85% of email that you get is spam. And I can attest to that, that's probably my case from what I see right? And about 70 plus percent of attacks are generated on the endpoints themselves, right? And so a lot of security in the past is really been around the network. The bad guys have realized that, okay, sophisticated people are really guarding the enterprise and the network. But quite frankly, when it comes to the endpoints, if we're honest with ourselves, Erin, you and I, and all of us have probably not been the best in terms of clicking it. And oh, by the way, many of us, let's face it, Insight, close your ears, we're in HP, we're doing personal work on our company PCs as well on those endpoints, on our phones and tablets, et cetera. And so with 70% of these attacks being generated on endpoints, 68% of enterprises have said they've experienced an attack in the last two years. And I think the other 32% are lying, right? I really do. I believe for the most part they all have, we all have. And then on top of all of that, 80% of the most successful attacks have come from unknown malware. So again, the bad guys are generating thousands of new malware daily, right? They're using artificial intelligence and machine learning to generate this new malware, and that's going out. And so, how do you protect against that? There's a term you may hear of, our zero-day attack. And what that just simply means in layman's terms, I like to speak simple, I'm not a security guru on this, but this just simply means that it's something that has not been seen before. And if you think about all the traditional protection from a security standpoint, that's out there around like antiviruses, right, it relies on kind of, okay, I know, let's just say, I'm going to put you in a bad spot here, Erin. Erin's a bad person. I know Erin's profile, right? She's, you know, if it has glasses and it's red hair, this is Erin, right? Erin's bad. We can put her on a list and say, "We will not let Aaron in the building," okay? What happens when Erin wears a disguise, and now you can disguise yourself? Now, I don't know that. Or Erin gets someone else to come in for her, right? Now all of a sudden, that's something that I don't recognize as an antivirus. So they moved to something called NGAV, which is next generation AV, and that now starts saying, "You know what? Erin had a limp when she walked," right? And you know, "She was missing an ear." I'm really butchering you here.
Erin
There's no Erin here.
Paul
I know. So from that profile, then you could begin to say, okay, you know what? This kind of still looks like it. It doesn't, she's got a mustache on and you know, a new wig, different hair color, but the characteristics are still the same. So then it would catch it, right? What HP has done is moved to do something, 'cause that's one layer of protection that you can have. We moved to something that is called a micro-virtualization. And so with our Sure Click products, as an example, we said, look, we don't care. We take the bad things and we isolate everything in a micro container with minimal impact to the user, because it takes up a small amount of real estate or horsepower from the system. Small piece of CPU, small piece of memory. And what that allows us to do is then we don't care, when Erin comes in the door, she's in a box. She can cause no harm to us. Right? And that's the whole isolation technology. And so a lot of people, and to the sellers out there, we always tell people, for example, you'll get the idea, I love to use analogies here. If I'm going out into the cold, right, I don't just say, hey, I'm going to put on an overcoat and nothing else in zero degree weather, right? Or I'm not going to say, I'm going to put on thermals and then go out, right? I don't do that. It's about layering, right? I may put on thermals. So this containerization and isolation technology we feel is just another layer around. There's other things in there like EDR, endpoint detection and response, which basically means to track the endpoints and see how they're doing. There are other things you could do to make sure that people are following the policies, that they are running their antivirus, right? They haven't turned it off, because we know some of us are guilty of doing that. That's the posture that we have taken. And I liken it to, you know, if you go back and watch an old movie, so an Stallone movie, and I'll see if you remember this acronym, DTA. And DTA is don't trust anybody. It was in Stallone's "Lock Up." And that's the posture we take. We call it zero trust architecture. So again, we don't try to determine if the bad guy is a bad guy. We just assume everyone is.
Erin
And tell me a little bit about the technology also playing out within that container, because I think you mentioned that there is like the sort of playing out of that.
Paul
Yeah. Yeah. This is great question and good reminder for me. So one of the neat things about our offering relative to what you may see from some of the competitors is, because we're in a micro, in a little mini, micro VM, a virtual machine, right? So as you open that new webpage, it's its own little computer, basically. We can actually watch it detonate. And so, when typically the bad guys, right, as that malware detonates, it detonates in the safe environment and we can watch it because we can see who's it calling out to, right? Who's it trying to reach out to? Who's it sending the information back to? What was it's intent? Where was it going next? And so we can actually watch it detonate versus in your typical antivirus it just quarantines and locks it out, right? And for us, and to give you some feedback, that's something we have actually used to help law enforcement help reach back out to those bad guys, because again, it can see where that malware is trying to call out to.
Erin
Yeah, so I love that the security is, first of all, you enter into sort of this safe bubble, that's where you exist and function, if there are bad actors, they're contained. So even though those bad actors are usually many steps ahead, they invest a lot of time, HP has the technology to sort of control that and see it play out, which is an incredible advantage for our clients and their security of their organizations.
Paul
Those Erins are relentless.
Erin
I know. We're a bad lot. Awesome. Awesome. So HP has been a long-standing partner of Insight, and we are grateful for our strong and trusted partnership. I guess, maybe just to sort of wrap things up, maybe, can you tell me in your own words, why HP chooses to partner with Insight to deliver?
Paul
Yeah. I see Insight's been a great partner of ours. I've worked quite a bit with Insight and we've sold a ton of solutions together, and you guys do great work, and it's great partnering with you. You guys are the peanut butter to our chocolate, as I would say, right?
Erin
The best combo.
Paul
I love them both. If you think about a lot of the digital transformation work, for example, that you folks are doing, going back and looking in the enterprise and trying to figure out how do I now move again to a modern management system and begin your digital transformation? You guys are doing that with customers. And our security, as well as our services that we offer, are all a part of that. And we partner with people that have the capabilities and expertise such as Insight to really help us with that, right? Because we're serving in many cases, mutual customers, right? And so we've got the core piece, if you think about it, the core module, and then you guys wrap around a lot of your services. It could be in terms of the deployment of the solution, right, or the integration of the solution. Or in some cases, the management of the solution on our mutual customers enterprise. So yeah, we've done a lot of work together. Previously, I ran our device as a service business and we did work together there as well.
Erin
And we will continue to do so. It's really honestly been such a pleasure to chat with you, Paul. I learn a lot every time we get the opportunity to speak, and I know that our clients and even our internal teams will have learned a lot from this session as well. So thank you so much for your time and expertise. We really appreciate it.
Paul
And there's a lot more information out thereon our Sure Click and Sure access products as well, and all of our Wolf Enterprise Security solutions.
Erin
Perfect. Thank you. Thank you, Paul. And thank you, everyone for joining us today. If you would like to learn more about the HP security solutions, you can certainly visit insight.com/wolfsecurity. And while you're there, why don't you make sure that you also sign up for our online digital magazine, it's called the Tech Journal, and on there there's even more inspiration and insights around the future of technology. It's a terrific and completely free resource that we are happy to provide for you. My name is Erin and I am so grateful for your time and attention today. And I can't wait to tech talk with you again, very soon. Have a great day.
Paul
Thanks.