
Q & A


NEW TECH: DataLocker introduces encrypted flash drive — with key pad

By Byron V. Acohido

One sliver of the $90 billion, or so, companies are expected to spend this year on cybersecurity products and services is an estimated $85 million they will shell out for encrypted flash drives.

One of the more fascinating innovators in this space is 11-year-old DataLocker, based in Overland Park, Kansas.

Related: How DataLocker got its start

Co-founder Jay took a business trip to South Korea in the fall of 2007. A chance meeting – in an elevator, no less – led to Kim veering over to the cybersecurity industry.

DataLocker honed its patented approach to manufacturing encrypted portable drives and landed some key military and government clients early on; the company has continued branching out ever since. DataLocker has grown to 40 employees and this summer moved its headquarters to a larger office, with room to grow.

I recently had the chance to visit with Shauna Park, channel manager at DataLocker. We discussed why encrypted flash drives have become established as a must-have portable business tool in the digital age. For a full drill down please listen to the accompanying podcast. Here are excerpts edited for clarity and length.

LW: With all the wonders of the digital age, it’s fascinating how important it can be to have an encrypted drive in the palm of your hand when you really need one.

Park: Exactly. The encryption in our products is handled by a chip inside the actual hardware itself. So it’s easy to use for anybody; you don’t have to know how to do encryption. The hardware itself takes care of it for you. All the user needs is a strong password to access the data.

LW: Where do encrypted drives typically come into play in a business setting? …more

Q&A: Here’s why it has become vital for companies to deter ‘machine-identity thieves’

By Byron V. Acohido

We’re undergoing digital transformation, ladies and gentlemen. And we’re in a nascent phase where clever advances are blossoming even as unprecedented data breaches arise in parallel.

The latest example of this dichotomy comes from Timehop, a service that enables social media users to plug into their past. On Sunday, Timehop shared details about how a hacker got into their network, conducted several reconnaissance forays, and then moved swiftly on July 4th to pilfer personal information for 21 million Timehop users, including their social media “access tokens.”

Related article: How DevOps contributed to the Uber hack

Much like the recent hacks of Uber and Tesla, the Timehop caper revolved around the attackers manipulating admin credentials and maneuvering extensively through Timehop’s cloud environment.

I recently had a fascinating conversation with Jeff Hudson, CEO of Venafi, about why we are currently in a situation where criminally motivated actors are proving to be every bit as innovative as legitimate businesses, when it comes to leveraging cloud services, and developing breakthrough uses of mobile computing and the Internet of things.

Venafi is a leading supplier of machine identity protection; it helps companies secure authentication and privileged access to key components of critical systems. As such, Hudson argues persuasively that the root of the matter comes down to the need for organizations to keep a much closer account of access logons and encryption keys. And they must do this, not just for human users, but especially for machine-to-machine communications.

For a drill down on our conversation, please listen to the accompanying podcast. Here are excerpts edited for clarity and length.

LW: Can you frame what’s going on with identities when it comes to digital transformation? …more

Q&A: The case for ‘adaptive multi-factor authentication’ going mainstream

By Byron V. Acohido

The use of an additional form of authentication to protect the accessing of a sensitive digital system has come a long way over the past decade and a half.

Most individuals today are nonplussed when required, under certain circumstances, to retrieve a one-time passcode, pushed out in a text message to their smartphone, and then type the passcode to gain access to a privileged account.

Related: Why data science is the key to securing networks

An Israeli start-up, Silverfort, is seeking to make a great leap forward in the state-of-the-art of authentication systems. Silverfort has introduced new technology that is designed to help corporations address unprecedented authentication exposures spinning out of ‘digital transformation.’

I recently visited with Silverfort CEO Hed Kovetz, who described how the idea for the company percolated when the co-founders were toiling in the encryption branch of Unit 8200, the elite cybersecurity arm of the Israeli military.

Kovetz recounted how he and two colleagues came up with the idea for a centralized authentication appliance that uses machine learning to recognize the logon patterns of all employees, and then makes strategic use of that analysis in real time.

Having visited with several cybersecurity companies marketing cutting-edge authentication technologies, it has become clear to me that advanced authentication technologies will play an important role, going forward, in helping enterprises build out ‘hybrid’ networks that tap deeper into cloud services and the Internet of Things. This is what digital transformation is all about.

For a drill down on Silverfort’s bold approach to the authentication part of the equation, please listen to the accompanying podcast. Here are excerpts edited for clarity and length:

LW: How did Silverfort get started?

Kovetz: All of us worked together very closely in Unit 8200, a cyber intelligence unit inside the Israeli army. The three of us worked a lot on these areas and really understood some of the challenges that we wanted to handle. …more

Security start-up deploys advanced AI, aka ‘deep learning,’ to detect malware on endpoints

By Byron V. Acohido

Based in Tel Aviv, Israel, Deep Instinct was one of the more intriguing cybersecurity vendors I had the privilege of spending some time with at RSA Conference 2018.

The company lays claim to being the first to apply “deep learning” to a truly innovative protection system that extends machine learning and artificial intelligence down to the level of every computer and mobile device of each employee.

Accompanying podcast: Deep Instinct pioneers AI-infused endpoint security

The company has been doing something right. Launched in 2015, it has grown rapidly to 100 employees. It has attracted $32 million in venture funding and won a satchel full of industry awards, including being named Dark Reading’s “most innovative startup” at Black Hat Las Vegas last summer.

Deep learning is an advanced branch of machine learning and artificial intelligence. It works by sifting through the oceans of data that course through a company’s network in a series of layers, referred to as a neural network. This layered, systematic approach to making cross correlations is modeled after the human brain.

Once it is switched on, deep learning never stops. The more data fed into its algorithms, the more accurately the system recognizes things it was designed to recognize, in this case fresh malware variants. If that sounds like a gargantuan computing task, it is.

Deep Instinct’s founders not only crafted proprietary algorithms to achieve this, they also innovated a way to distribute the results (malware alerts) down to the level of personal computing devices.


Jonathan Kaftzan, vice president of marketing, walked me through how these breakthroughs are helping companies protect their networks. For a full drill down on our discussion, please listen to the accompanying podcast. Here are excerpts of our discussion edited for clarity and length:

LW: What’s deep learning all about? …more

Q&A: How EventTracker breathes new life into SIEMs — by co-managing company systems

By Byron V. Acohido

Security information and event management systems – aka SIEMs — arrived in the corporate environment some 13 years ago holding much promise.

Related article: WannaCry revives self-spreading viruses

SIEMs hoovered up anything that might be a security issue in real-time from various event and data sources. Companies could pump in all of the data traffic crisscrossing their networks, and out the other end would come intelligence about anything deemed suspicious.

Despite growing into a multi-billion dollar market, SIEMs never really lived up to the early hype. The knock on SIEMs is two-fold. First, they haven’t kept pace with the advancing complexity of business networks, such as the rise of cloud systems, mobile and IoT. And, second, SIEMs, to be truly effective, must be nurtured daily by human security analysts, who happen to be in very short supply.

One of the cybersecurity vendors I met with at RSA Conference 2018, EventTracker, a Netsurion company, aims to remove much of the frustration of operating SIEMs. EventTracker has set out to help mid-sized enterprises overcome SIEMs’ intrinsic shortcomings, and thus breathe new life into this comparatively old technology.

I sat down with EventTracker CEO A.N. Ananth who walked me through his company’s business model, which revolves around supplying a “co-managed” SIEM service. For a full drill down, please listen to the accompanying podcast. Here are excerpts, edited for clarity and length. …more

Preempt stakes out turf as supplier of ‘Continuous Adaptive Risk and Trust Assessment’ technology

By Byron V. Acohido

Defending modern business networks continues to rise in complexity seemingly minute by minute. Perimeter defenses are woefully inadequate, and traditional tactics, like blacklisting and malware detection, are proving to be increasingly ineffective.

Protecting business networks today requires a framework of defenses. Leading tech research firm Gartner has even contrived a new buzz phrase for the required approach: “Continuous Adaptive Risk and Trust Assessment,” or CARTA.

Related article: The threat of ‘shadow admins’

I had the chance to visit recently with Ajit Sancheti, co-founder and CEO of a startup called Preempt, which has positioned itself in the vanguard of CARTA system suppliers. For a full drill down on our conversation please listen to the accompanying podcast. Here are excerpts edited for clarity and length:

LW: You’ve described Preempt as taking an identity-centric approach to security and threat prevention. Please explain.

Sancheti: Identity is the new perimeter. Think about how we now have a mix of enterprise networks being on cloud, non-cloud in enterprise data centers, and cloud hybrids. The only entity you can control is the user. If you can figure out the risk profile of users at a given time and continue to build on those profiles over time, then based on their identity, their behavior, and the importance of the asset they are trying to access, then you can actually take real-time security actions to ensure that the person who’s getting the access is who they say they are.

LW: Can you frame the problem of threat actors using legit Windows tools to wreak havoc? …more

Q&A: How to prepare for Spectre, Meltdown exploits — and next-gen ‘microcode’ attacks

By Byron V. Acohido

If you think the cyber threat landscape today is nasty, just wait until the battle front drops to the processor chip level.

Related article: A primer on microcode vulnerabilities

It’s coming, just around the corner. The disclosure in early January of Spectre and Meltdown, critical vulnerabilities that exist in just about all modern computer processing chips, introduced virgin territory for well-funded, highly motivated criminal hackers. And this is where the front lines will inevitably shift — to a much deeper level of the digital systems we take for granted.

Spectre and Meltdown are the first examples of a new class of flaws so deep and so profound that they really can’t be fixed until the next generation of chips gets here. That suggests that well-financed, highly motivated criminal hacking rings have years, if not a decade or more, ahead of them to take full advantage.

We are in this predicament because the chipmakers, led by Intel, AMD and ARM, aided and abetted by the operating system suppliers, Microsoft, Apple and Linux, made a decision in 1995 to toss security in the back seat as they embarked, hell bent, on a race to build and leverage faster and faster Central Processing Units, or CPUs.

The chipmakers came up with a technique, called “speculative execution,” essentially taking shortcuts at the chip level, slightly delaying verification checks to buy more clock speed. Meltdown and Spectre represent two approaches hackers can now take to manipulate speculative execution at the chip level and thereby gain access to any sensitive data residing a level above — in the operating system memory. …more