home
 

HP Banner

Fraud Prevention Solutions

 

Joseph KrullMr. Scott B. Suhy
Chief Executive Officer
NETWATCHER


SecuritySolutionsWatch.com: One will read about NetWatcher that, “Through continuous network security monitoring, NetWatcher serves as a 24/7 watchdog for your data and network. Our team of cyber security experts monitor your network and provide the managed security services you need to grow your business.” Please give us an overview of the solution NetWatcher delivers.

Scott Suhy:  Executive staff of companies, board members and those with confidential company (and government) data use smartphones, tablets and laptops that go between work, home networks and public Wi-Fi, leaving their company data as a prime target. Bad actors know this and are using this soft underbelly to exploit infrastructure of larger companies via their supply chain.

For the last ten plus years Fortune 5000 organizations have been installing security software, creating governance models and hiring security professionals to fend off cyber related attacks on their companies. However, companies in the Small to Medium Enterprise market (SME) have been doing almost nothing to defend their infrastructure from malicious bad actors. In general, they can’t afford the protection (security products are expensive), they can’t hire the cyber security talent and their executives do not understand the problem or make it a company priority. 

We built NetWatcher from the ground up to solve the problem of the SME who need a tool that is

  • Easy to install and use;
  • Accurate (drastically minimize false positives and noise); and
  • Affordable.

If we solved these key goals, we would be able to accomplish the mission of bringing enterprise security to the millions of businesses beyond the Fortune 5000. NetWatcher tightly couples Intrusion detection, netflow monitoring, active scanning, end point protection and event management with an advanced correlation engine that both detects malicious exploits and also highlights what users are doing that has opened the company up to exploit.

SecuritySolutionsWatch.com:  We understand that small and medium Enterprises (“SME’s”) with under 1000 employees is your key target market. What is your perspective, Scott, regarding the unique value proposition that NetWatcher delivers in this space.

Scott Suhy: When we designed NetWatcher we designed it for the small to medium enterprise market but we wanted to be able to scale it to any size network over time. NetWatcher today can work in any size network, however, there is so much need for us in the SME market that it is where we are focused at the moment. SMEs can’t afford the technologies being used by the Fortune 5000 and if they could, they can’t afford to hire the security analysts to run these complex tools. NetWatcher is easy to use, easy to install, easy to understand and highly-accurate so users are not dealing with a lot of nonsense alerts. We only tell the business what they want to know…where are my problems and what do I do to fix them.

SecuritySolutionsWatch.com:  You mentioned a couple of times that NetWatcher is very easy to use.   Most security tools are designed for technical people, can you give us an example of how you are making security easy for anyone to use?

ScottSuhy: One example is our iPhone application.  The app provides businesses with a real time snapshot of their overall network security, allowing them to access their user portal on-the-go. The app also features an overview of the user’s NetWatcher Score, which shows real-time vulnerability levels and how susceptible their company is to an attack. Based on the score the app recommends if action needs to be taken to secure the network and enables companies to resolve issues before a breach even occurs.

SecuritySolutionsWatch.com:  Beyond SMEs, how could large enterprises benefit from NetWatcher?

Scott Suhy:  We see two areas of the enterprise that would be ideal candidates to deploy NetWatcher – branch offices and franchises. In regards to branch offices, most CIO/CISO’s of large organizations have many buildings to cover across different geographies. While they often focus on the headquarters, they often don’t have the resources or budget to support branch offices. NetWatcher is a very cost effective option for providing enterprise level security to all those offices.  In regards to franchises, most franchise cannot afford more than a firewall and antivirus software. We offer a low cost / high value option to put enterprise security in each of those locations that can be either managed individually or all as one.

SecuritySolutionsWatch.com: We read with great interest this compelling feedback from one of your customers, "NetWatcher gives us peace of mind with regular monitoring of outside threats. This lets me focus on our customers and development priorities instead of trying to figure out every possible security threat.”  This is indeed quite impressive from the CEO at Avizia, Mr. Mike Baird. Care to elaborate on this and any other of your success stories?

Scott Suhy: Security is an expense much like liability insurance. It is necessary but it’s not going to make your company more money. It may save your business or your job, but it’s not a profit center. Our customers like us because we offer an affordable solution for the SME market that is easy to use and offers all the elements of an advanced Fortune 5000 solution. Before NetWatcher, the only thing these companies could afford was Anti-Virus software and a Firewall. Now they have access to a real-time continuous monitoring solution operating 24 hours a day, 7 days a week. This provides peace of mind to allow them to focus on operating their business.

SecuritySolutionsWatch.com:  Can we discuss the IoT environment for a moment? The daily headlines tell us that the bad guys are always looking for the weakest link into the network.  What does NetWatcher offer to the company leveraging IoT solutions?

Scott Suhy:  Because of where NetWatcher sits behind the firewall, we see all the traffic going over a company’s internet connection. This allows us to monitor for issues on devices connected to the networking including smartphones, copiers, boardroom televisions, and cameras –essentially anything with a TCP/IP address.

Unintentional Insider Threats (UITs) seems to be a fast growing and major issue today as employees/users might innocently click on phishing messages, visit nefarious websites, run risky/outdated software, connect to an unsafe WIFI, or fall into any number of other traps.  More


Joseph KrullMr. Jim Remo
Distinguished Engineer
Chief Architect, Security
www.CA.com


SecuritySolutionsWatch.com: Thank you for joining us today, Jim.  Before discussing CA solutions in greater detail please tell us about your background.

Jim Reno:  I’ve been working in the security space for about 15 years, mostly in the areas of identity management and authentication. I helped create the 3-D Secure protocol used in Verified by Visa and Mastercard SecureCode as an additional authentication factor for online transactions. I joined CA as part of the acquisition of Arcot Systems in 2010.  At Arcot I led the development of products that provide multifactor and risk-based authentication.  At CA I guide the overall architecture of our Security portfolio.

SecuritySolutionsWatch.com: We understand CA is closely involved with the FIDO Alliance. Please tell us about FIDO and CA’s participation.

Jim Reno:  CA joined the FIDO Alliance last year to improve user authentication and solve some of the big problems leading to breaches and user dissatisfaction.  We’ve been looking at how the FIDO specifications can work with our own security products; for example, we demonstrated FIDO integration with CA Single Sign-On, our SSO and federation solution formerly known as CA SiteMinder.

SecuritySolutionsWatch.com: Breaches at Target, Home Depot, JP Morgan, UPS, and the recent theft of over one billion passwords by Russian hackers have raised concerns about authentication and cybersecurity as never before. What is your perspective, Jim, regarding these recent cyber attacks and breaches? Are we seeing the prediction of Microsoft Chairman Bill Gates, a prediction he made several years ago, coming true regarding the“death-of-the-password”?

Jim Reno:  A significant number of breaches can be traced back to some sort of stolen credential, usually a password.  Passwords are fine in small doses – when things were simpler and you only had a few, they weren’t difficult to use.  For example, 4-digit ATM PINs have been used successfully for many years by millions of people.  But increasing computer power in the hands of attackers has led to a need for longer, more complex passwords at web sites. The proliferation of online business and mobile transactions and operations has created a situation where passwords aren’t always a good fit. The average person can’t possibly remember all of the complex passwords and typing a long password on a mobile device is one of the fastest ways to frustrate a user or customer.

We need a better solution.  People have been making statements like ‘the death of passwords’ for a long time, but it doesn’t have to be that black and white.  We need flexible solutions that are convenient to use.  Those solutions might well continue to include passwords, if they can do so in a way that’s both secure and user-friendly.  I think this will evolve in a way where multiple types of technologies whittle away at different parts of the problem.  For example, federation technologies will help reduce the number of credentials a user has.  Biometrics will provide options to passwords.  Multifactor credentials, found in CA Strong Authentication, and new password management systems, which incorporate CA’s patented key protection technology, will improve security.  Use of mobile devices for authentication will allow a user a single point of interaction, applicable at many sites.  More