Cyber Resiliency through Micro Focus

by in Security

We at Micro Focus saw some months ago the shift in perception, the need for a change in how we approach the discipline of Cybersecurity, especially in these troubled, difficult, exceptional times.

This is why we put a special light in Cybersecurity, with a huge investment in people and technology and with the goal of enhancing the security posture of the customers we are honored to serve.

Picture3.pngFor that, we differentiate between Cybersecurity and Cyber Resiliency. While the former is about Identify - Protect - Detect - Respond - Recover and we feel that the industry has been 'throwing' solutions at the endpoint and infrastructure, we understood that Cyber Resiliency is about 'the capacity to endure, the ability to resist' (that's actually the definition from the dictionary) and we realized that the dimensions of Cyber Resiliency are even more important: Anticipate - Withstand - Recover - Evolve.

Consequently, it is crucial that organizations comprehend the possibility of a breach through the lenses of anticipating to it, withstanding -if it happens-, recovering from it and, more importantly, evolving to the next stage, enhancing the response capabilities and becoming a more resilient company.

We have defined a unified and simplified approach for Cyber Resiliency that is built on decades of experience and which is focused on those four dimensions.

Our vision and mission is driven through Identity & Access Management, Data Security, Security Operations and Application Security... and fulfills our purpose and promise, which is making our customers more secure... more resilient.

Resiliency through Identity and Access Management

Identity and Access Management is a decades-old dimension of cybersecurity. Making sure who has access to what, when the access was granted, how permission was given, for how long, with what privileges, is fundamental to ensure that the right people is touching the right information at the right time. Now, more than ever, in this epoch of home working and remote access it is imperative that a solid and holistic approach is taken when it comes to roles, entitlements, privileges, rights, accesses.

For that, we at Micro Focus believed not in a siloed approach but in an end-to-end yet modular approach that connects seamlessly with existing investments but integrates solidly with our own platform.

We felt that having a directory is crucial, as it is enabling federation with different environments while ensuring that someone is who she/he says she/he is through advanced authentication. In the very same way, facilitating the angles of Assurance and Auditing with a second-to-none Governance perspective and safeguarding critical systems managing privileged access is a fundamental function of security.

All the answers that our IAM platform provides ensure that we can anticipate problems before they happen when it comes to access, that the organization withstands with a single pane of glass regarding rights and entitlements, that the entity is ready for recovering to the desired state if a breach happens and is capable of evolving to its next iteration making sure that systems and platforms are secured and with the right 'circles of trust' in place.

We at Micro Focus firmly believe that our IAM platform goes beyond being reactive in Cybersecurity and facilitates adapting and adopting a more resilient posture. One that can anticipate, withstand, recover and evolve if problems arise with people, identities, accesses, infrastructure. We enable Cyber Resiliency through IAM.

Resiliency through Data Security

Privacy is one of the pillars of our society. Protecting information sits at the core of any community as we might be entering in an era of a world with no secrets. Consequently, companies need to safeguard data that, in the end, creates information (different sets of data, aggregated, become information, we believe).

Specially in this 'cloudified' era with data coming back and forth not one but many different clouds, several environments, multiple devices, encrypting data has become paramount for any security strategy. However, we at Micro Focus wanted to go beyond and have embraced the discipline of Cyber Resiliency... through Data Security. With unparalleled features such as tokenization, FPE (Format-Preserving Encryption) and FPE (Format-Preserving Hash), the expectation of a resilient company is that it is capable of anticipating, withstanding, recovering and evolving.

With Micro Focus' Data Security platform we ensure that data that is hidden/encrypted/tokenized/protected cannot be accessed by the wrong people and, thus, we can anticipate problems before they arise... on any platform, any Cloud, anytime. Information that is safeguarded with our Voltage product line allows an organization to withstand an attack and could be actually considered a mitigation strategy in a court of law. The possibilities of recovering data and, most importantly, evolving to the next state, a best version of the company when it comes to Data Security is what we do with our technology. We do understand that one cannot expect to be resilient -the capacity to endure- without providing assurance that the data upon which the company is built is secured. That's what we do beyond Cybersecurity. We enable Cyber Resiliency through Data Security.

Resiliency through Security Operations

Having full control and visibility of what's coming in and out of a network is considered a cornerstone of any cybersecurity strategy. One cannot protect what it is now known and, as a consequence, providing a tool that is capable of correlating different feeds and sources of information in order to identify threats and protect against them seems instrumental for success.

However, identifying and protecting is not enough and this is why we at Micro Focus have leveraged technologies such as unsupervised Machine Learning to anticipate threats and withstand tough situations through deep monitoring.

We ensure the capacity to be resilient by having the MITRE ATT&CK framework embedded in our platform and enabling the organization to evolve to a desired state in terms of risk appetite. Our ArcSight ecosystem sits at the core of the cyber resiliency dimension because it fulfills the promise of making the organization strong on visibility of their in/out channels. We facilitate the understanding of patterns of attack, abnormal behavior and traffic anomalies and, because of that, we support a balanced view of the business, a journey from cybersecurity to cyber resiliency for analysts, threat hunters, SOC managers, risk directors, compliance officers. We enable Cyber Resiliency through Security Operations.

Resiliency through Application Security

In an epoch where applications are moving back and forth IN the Cloud, FROM the Cloud, TO the Cloud, THROUGH the Cloud, organizations need to ensure that they are bug-free and have no vulnerabilities in the code.

The Cyber Resiliency aspect of Application Security (anticipate - withstand - recover - evolve) requires testing the code in a flexible way, both dynamic and static, mobile and in the Cloud. Our customers deserve to know the risk that implies that an application is using vulnerable Open Source libraries... and our Fortify set of solutions provide not just description but even suggest the right code and explain visual dependencies of some developments.

Cyber Resiliency can be enforced through Application Security by making sure that applications are robust and solid before moving them into a production environment, by ascertaining that they are updated and utilizing the right APIs. In these times where everyone is connecting from afar to different applications hosted on-prem, in the Cloud and in hybrid infrastructures, being resilient with the applications that support the business is imperative. We enable Cyber Resiliency through Application Security.

A new era of cyber resiliency

It’s time for organizations to strengthen their cyber resilience and learn how to intelligently adapt their security.

 

More information:

Join our Security Community | What is Cyber Resilience? | What is Cybersecurity?

 

Anonymous