Today, we are launching Forcepoint’s X-Labs, the world’s first lab to combine deep security expertise with behavioral science research. This new department—made up of researchers, engineers, psychologists, data scientists, and security geeks—is responsible for research and intelligence across our broad portfolio of products, augmenting its capabilities through an understanding of cyber behaviors. The team’s mission is to lead the charge toward becoming increasingly more proactive, shifting our focus from static IOCs to behavioral models and profiles and building detectors that contain threats and abuses before harm can be caused. No other cybersecurity vendor is teaming such a broad range of specialists to innovate security solutions that truly understand people and their cyber behaviors.
The legacy problem
Today's security research is heavily focused on gathering as much malware and telemetry of malicious activity as possible to then build detections. This reactive approach has been part of the security cat-and-mouse game for a long time. Hackers come up with new ways to break into systems; then, the security community learns about the latest methods and builds detectors for these new attacks. The problem is that we are always a step behind, and we don't know what we don't know. The attackers undoubtedly have zero day exploits up their sleeves that we as a security industry can’t anticipate.
Leveraging artificial intelligence for risk-adaptive protection
Through behavioral intelligence insights we are moving away from reactive “yes and no” security decisions to dynamically scored risk-based decisions. By providing both threat and behavioral intelligence insights, and natively integrating these with our products, we offer true risk-adaptive protection which understands people and their behavior. This significantly reduces security friction in an organization and allows business leaders to unleash the power of productivity and innovation for competitive advantage today.
To really capitalize on these opportunities, we will develop methods that will allow us to rely on not just on the data alone, but will take advantage of human knowledge and experience to identify security problems. So many algorithms are making black-and-white decisions, even in the “gray” areas. Why not bubble those cases up to the experts to query them for input, letting them strengthen the algorithm that way?
No one method will get us to the promised land. But by mixing data-driven approaches and including humans in the process, we can deliver something really different. In the coming years, security will have to reinvent itself to eclipse our adversaries’ constant innovations, and X-Labs is taking a bold new approach to addressing our world’s biggest security challenges. Shifting away from threat-centric security toward understanding human behavior is a fundamental paradigm shift requiring novel approaches. X-Labs will enable Forcepoint to build systems to augment humans and, as point products converge, become part of a single, integrated platform that allows for a proactive, use case-driven approach to security.
I could not be more excited about today’s announcement, the future of X-Labs, and the work that Forcepoint is doing to put understanding behavior at the center of cybersecurity. If you’re at RSA this week, I hope you’ll stop by the booth to learn more about what we’re doing.