The job of cyber security analyst is especially rewarding, because it involves learning from inspiring entrepreneurs, technologists, and CISOs from around the world. One occupational hazard, however, is the incessant repetition. That is, every day, I meet with start-ups using the same <machine learning, open platform, or data analytics> to reduce risk of the same <data breaches, APT attacks, or compliance gaps> for systems in the same <public cloud, hybrid cloud, or virtual data center>. Sigh.
Luckily, when one-after-another of these technology interviews start to wear me down, I seem to always connect with a new company providing an entirely different offering - something that did not emerge from a Mad Libs exercise by a bunch of B-school grads. When this happens, it revives my energy and I can't wait to share my learning with all of you. I found exactly this fresh approach in a company called TenFour (nee Alliant Technologies), located right here in the Garden State.
CEO and Founder, Bruce Flitcroft, leads the company, which seems to double in size every time I visit. His team has pioneered the concept of partnering with the best ISPs and network providers to offer business customers so-called IT infrastructure utility services. The idea is that just as energy services can be procured as a utility, so can underlying network services - and this includes cyber security - for the enterprise.
Following this IT utility approach, TenFour has constructed world-class services that integrate the lower layers of the protocol stack into capabilities that simplify network operation for the enterprise. This has useful implications for cyber security, because standard protection components can be embedded into the utility service that can then federate and export indictors, intelligence, and response to the upper application levels.
I had the great privilege to visit with TenFour recently, meeting many new team members, and delivering a talk on cyber and network security as part of a company town hall. Below is a summary of a conversation I had with Bruce about his fine solution and its unique implications for cyber security:
EA: Let's start with the basics: Can you explain what is meant exactly by IT infrastructure utility services?
BF: What we've pioneered at TenFour involves design and delivery of standard IT utility infrastructure components into an agile and reliable on-demand network solution. We're delivering, as a network service, core IT infrastructure previously viewed as uncloudable - including routers, switches, firewalls, phones, WiFi, and even IoT devices. We've even included bandwidth and circuits. As you know - and as your readers will be interested to know, we also embed and integrate network security into this concept. The result is that our customers let us take care of the lower layers of the protocol stack so that they can focus on their business and innovation agenda.
EA: Do you see many cyber threats hitting your enterprise customers at the lower network layers?
BF: Unfortunately, the answer is yes, but this is the case long before our customers integrate our solution. We find that many of our customers have been getting hit hard for long periods of time because their attack surface is enormous and irregular. We try to introduce a reference architecture design for them with smaller and more simplified attack surface space. As a result, we will generally see the number and intensity of attacks decrease, if only because there are easier targets elsewhere. Our security challenge is to ensure that these threats do not create problems for our customers. We use standard components to build sensible security protections for network layers 4 and below, and we export the alarms, logs, and notifications we receive through our service interface to customer security systems such as security analytic platforms and SIEMs.
EA: Are enterprise applications truly better protected by using a more secure underlying network base?
BF: It was probably correct to say that the earliest original security attacks targeted the lower layers of the network stack. We all remember those early TCP/IP packet attacks that hackers liked to launch in the Nineties. Today, however, the biggest security challenges seem to exist at the higher levels, usually targeting applications and users. Given that a house is only as strong as its foundation, the TenFour team recommends integrating security solutions into the underlying utility to free up the security team to focus on attacks to applications. Every network requires a multifaceted security plan that should be diligently maintained so there are no cracks in the foundation.
EA: How do utility services deal with DDOS attacks?
BF: We approach the problem using the best standard solutions from world-class service providers to divert traffic and ensure proper scrubbing. The challenge, as mentioned above, is that many DDOS attacks are moving up the stack and beginning to target applications. This requires more tailored solutions based on the specifics of the application. Our utility service is designed to support this activity by ensuring solid network controls.
EA: What are your predictions for the coming years for this type of IT infrastructure utility in the context of security?
BF: The TenFour team believes that utility solutions will increase in relevance and importance across the entire IT industry. More and more security features, such as log management, access controls, intrusion detection, and firewalling, are just going to be a requirement of the standard service and not sold as standalone elements. TenFour has taken this approach by embedding network security as a core service of its IT infrastructure utility. As standard, automated components can be used to create best-in-class networks for enterprise, it makes perfect sense to move toward this more efficient approach. Accordingly, we believe that more enterprise teams will come to recognize and rely on utility-based network protections. As attacks move up the stack, it is a good idea to deal with the lower layer attacks in the most standard manner possible. Utility security solutions work that way.