Forcepoint cuts through cybersecurity clutter to protect data, networks from threats

Integrated cloud-based security platform is vital for reducing ‘point product fatigue’

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Defense con­trac­tor Raytheon ear­li­er this year spun off the cyber­se­cu­ri­ty ser­vices it had been sup­ply­ing via Raytheon Cyber Prod­ucts into a new busi­ness enti­ty called For­ce­point.

For­ce­point also is com­posed of secu­ri­ty soft­ware ven­dor Web­sense and next-gen­er­a­tion fire­wall ven­dor Stone­soft, both of which Raytheon acquired in the past year or so.

Free resource: Putting effec­tive data risk man­age­ment with­in reach

This isn’t your typ­i­cal secu­ri­ty start­up. For­ce­point already has 20,000 cus­tomers rang­ing from busi­ness­es with 50 employ­ees to 200,000 employ­ees. Based in Austin, Texas, the com­pa­ny has about 2,200 employ­ees in 44 offices world­wide. At the helm is CEO John McCor­ma­ck, pre­vi­ous­ly a senior exec­u­tive at Web­sense, Syman­tec and Cisco.

John McCormack, Forcepoint CEO
John McCor­ma­ck, For­ce­point CEO

McCor­ma­ck sat down with Third­Cer­tain­ty as he takes com­mand of the fresh­ly mint­ed enti­ty. Text edit­ed for clar­i­ty and length.

Third­Cer­tain­ty: What is For­ce­point all about?

McCor­ma­ck: We want to be the com­pa­ny that helps orga­ni­za­tions move to the age of cloud com­put­ing in a safe and secure way. And we want to help in reduc­ing what I call ‘point prod­uct fatigue.’ We’ve cre­at­ed a lot of point solu­tions for many of the cyber chal­lenges that orga­ni­za­tions face. And as I look in the eyes of many chief infor­ma­tion secu­ri­ty offi­cers I see real fatigue in their eyes. They’re still strug­gling to man­age the envi­ron­ment they have today. Yet they need to get on top of these more deter­mined adversaries.

3C: How is For­ce­point seek­ing to address that?

McCor­ma­ck: Our view­point is as we work to reduce that point prod­uct fatigue, you build an open archi­tec­tur­al approach. You build it on cloud com­put­ing con­cepts and capa­bil­i­ties that reduce their admin­is­tra­tive bur­den, reduce that oper­a­tional foot­print. We have to make a mean­ing­ful dif­fer­ence so that we can work on more impor­tant top­ics of hard­core secu­ri­ty ana­lyt­ics and analy­sis of the inevitable breach­es that hap­pen to most organizations.

3C: Where does an orga­ni­za­tion begin address­ing a wors­en­ing cloud-cen­tric environment?

McCor­ma­ck: Have a healthy risk assess­ment and threat assess­ment done, and do best prac­tices reg­u­lar­ly. The oth­er thing I would rec­om­mend is absolute­ly work on your weak­est link. For all the tech­nol­o­gy and capa­bil­i­ties around cyber­se­cu­ri­ty, humans have been, and con­tin­ue to be, the weak­est link in the secu­ri­ty chain. They get fooled. They aid and abet, and they make mis­takes because of lack of secu­ri­ty awareness.

3C: Many times employ­ees are just hus­tling to be more pro­duc­tive, not nec­es­sar­i­ly being careless.

McCor­ma­ck: Absolute­ly right. Most acci­dents hap­pen because you’ve got users who are try­ing to do a great job, quite frankly, and just try­ing to be pro­duc­tive. But we also know first­hand that the adver­saries will recruit peo­ple to put into your orga­ni­za­tion who will work to com­pro­mise your orga­ni­za­tion. You have to be able to iden­ti­fy those insid­ers. And you’ve got to be able to iden­ti­fy the intent. If it’s an acci­dent, that’s one route to take. But if it involved mali­cious intent, that’s a dif­fer­ent route that you might want to take.

3C: So a new mind-set, real­ly, is need­ed in this environment.

McCor­ma­ck: Yeah, you’ve got to bring your users into the fold. Cyber­se­cu­ri­ty is a high­ly tech­ni­cal field. You’ve got to make it rea­son­able to under­stand. Here at For­ce­point, we run a pro­gram called ‘Catch Of The Day.’ Any­thing sus­pect, whether it’s phys­i­cal secu­ri­ty or cyber­se­cu­ri­ty, can be report­ed and imme­di­ate­ly respond­ed to by our teams with both feed­back and edu­ca­tion about what they found and what they saw. Then we cel­e­brate every quar­ter. Some of the best catch­es have kept us from being compromised.

More sto­ries on cloud computing:
Con­trol your encryp­tion keys when using cloud services
Emerg­ing expo­sure: Ris­ing use of cloud apps cre­ates data leak­age pathways
Cloud apps rou­tine­ly expose sen­si­tive data