Helping CISOs shift their approach to a risk-based model
At RSA we announced the formation of X-Labs division, the world’s first dedicated research division combining cybersecurity expertise with behavioral science research. Part of the work of the X-Labs team will be to leverage the Adaptive Trust Profile (ATP), also announced last month.
While at RSA I had a chance to interview CTO Nico Fischbach on the significance of the ATP and why it matters to CISOs. Those videos and transcripts are below.
ATTRIBUTES, BEHAVIOR MODELS, AND INFERENCES
The Adaptive Trust Profile is the most recent investment we are making in Next-Gen analytics. It actually is a collection of attributes, behavior models, and inferences. Attributes is about tracking entities like people or accounts. Behavior models is about trying to track down what is known good or known bad, and everything in between. And inferences is trying, without knowing what’s going on, to infer, for example, that this meeting has been running long and you’re hungry. And how do we use that in our products to help drive risk scoring.
WHAT MAKES ATP DIFFERENT
The big differentiator with ATP is that for a long time the industry has been looking at threat intelligence. What we are doing is looking at behavior intelligence. So, the human centric side of security. We’re using counter intelligence, human behavior research and psychologists to help us frame that environment and derive behavior intelligence. That is the big difference.
HOW THE ATP HELPS CISOS
I’ve had a chance lately to spend a lot of time in the field meeting with CISOs. Clearly they are shifting their approach, especially due to digital transformation, to a risk-based model. They still have to look at compliance, regulations, and infrastructure security. But what they want is actually an approach that helps them think about risk and in terms of risk. And that fits very well with our risk-based approach in our products, and all those things that we have been discussing like the Adaptive Trust Profile and the Forcepoint Converged Security platform, which enables them to look at all of those things from an IT point of view -- but also from an OT point of view for those of them operating in that field.