“Big data intelligence and AI can be leveraged to establish baselines for normalcy and monitor environments for deviations.”
Hi Arti, please tell us a little bit about your role and the journey in the data security industry?
I pivoted into cybersecurity twelve years ago when a former manager recruited me into his GRC platform company. I realized very quickly that I was more interested in the actual security controls than in the documentation of them (which is what GRC does) and this led to a series of moves that culminated in my time at Symantec. At Symantec I worked inside product management for the enterprise business while also leading UX and competitive intelligence for Symantec’s overall enterprise business. It is at Symantec that I developed a solid appreciation for both the broader security toolbox as well as critical gaps. Once at Titaniam, I was able to leverage all that knowledge into an excellent product and go-to-market strategy.
What inspired you to start with Titaniam?
Like millions of other Americans, I was impacted by the Equifax data breach. In addition, around the same time, there were a number of high-profile data breaches where individual identity data was stolen. It was clear from the aftermath that once data is stolen in a breach, it has a very long tail of impact. After one breach, the stolen data is used to compromise other systems and the cycle goes on much longer than anyone likes to admit.
This made me look into ways in which we can protect personal data while still utilizing it, and eventually this led to the creation of Titaniam. Titaniam offers a few unique capabilities, one of which is the ability to actively utilize data for search and analytics while still retaining encryption. This is called encryption-in-use. Today, Titaniam is one of the few, if not only, solutions in the market that utilizes high-performance encryption-in-use to deliver immunity to data related attacks. The approach has been so successful that we have been written up by Gartner and have won a large number of industry awards.
Read More: ITechnology Interview with Wendy Johnstone, Chief Operating Officer at Zendesk APAC
Could you please provide us with the most contemporary definition for “data exfiltration”? How have data exfiltration trends evolved in the last 2-3 years, particularly linking to the pandemic times?
In the past few years, we have seen a new trend where cybercriminals, specifically ransomware gangs. are no longer limiting themselves to just locking up systems via encryption — they are making sure to steal data ahead of the encryption so that they can have additional leverage on their victim. This, specifically, is the data exfiltration stage.
In general, ransomware attacks involve three distinct stages: infiltration, data exfiltration, and system lockup via encryption. Success in any of these stages results in a win for attackers because they then can extort the victims.
The different stages work as follows:
- Infiltration: Once they’ve infiltrated a network, attackers can monitor victims’ behaviors and install backdoors. This type of exploitation can be sold as information or as access to other criminals.
- Data Exfiltration: Attackers can use the stolen information to demand ransom from victims, their customers, their partners, their board members and even their employees.
- System Lockup: Attackers can prevent the victim from accessing their own systems, especially damaging if the organization lacks the proper backup and recovery methods.
Ransomware gangs are increasingly shifting their focus more on data exfiltration and less on system lockup, as data exfiltration is more profitable and less risky. It is just easier to quietly steal data and then use it to extort multiple parties rather than risk getting caught while encrypting files and deal with decryption technology.
What kind of data security technology stacks should CIOs invest in – could you please provide a sneak peek into the top DataSec solutions CIOs should look out for?
This year we have already seen thousands of successful ransomware attacks on victims who had significant investments in prevention/detection, and backup/recovery solutions. The data shows us that a complete ransomware defense strategy should include all three areas: prevention/detection, backup/recovery, and the most important and often overlooked area of, addressing data exfiltration.
The first two are well understood so I’ll talk about the third here.
Data exfiltration is typically carried out using trusted or administrative accounts and so typical security controls fail to prevent it. To address the risk of data exfiltration, CIOs and CISOs should look at advanced data security platforms that offer practical and high-performance encryption-in-use in combination with traditional data security controls.
With encryption-in-use in place, attackers that ride in on trusted credentials and seek to exfiltrate large volumes of data will still not have access to it in unencrypted form. This is one of the best defenses currently available to address this area. A recent survey we conducted via an independent third party provided a lot of data substantiating the above. The research found that 65 percent of organizations who have experienced a ransomware attack have also experienced data theft or exfiltration due to the incident.
Of those victims, 60 percent say the hackers used the data theft to extort them further, known as double extortion. Most of the victims, 59 percent, paid the hackers, implying that they were not helped by their backup or data security tools to prevent this fate.
To find a comprehensive strategy, organizations need to do more than just invest in detection, backup, and recovery solutions, but look at the big picture to find a complete solution to ransomware.
Ransomware attacks are at an all-time high. What are the possible factors behind this security trend?
There are three main reasons for this trend: First, valuable data is being gathered and utilized by organizations way faster than security personnel can control and protect it. The default state of this data is unprotected. This by itself is a huge factor in rising data compromise numbers. Even if the relative security of data remained constant, there is just that much more of it lying around!
Second: Ransomware attacks are so profitable that there is an enormous and well resourced industry behind it. Too many smart, well educated, and highly motivated people are constantly looking for ways to attack. Third, traditional tools are highly ineffective against ransomware because the most common attacks aren’t about attackers “hacking” in but rather attackers “logging in” using stolen credentials. When this happens, traditional security tools view attackers like they would valid users.
Until organizations put in security that is “invariant” i.e. it is always secure by default, this trend will not be checked. Deploying solutions like the one described above would be highly recommended..
Your recent finding states a majority of data security tools fail to prevent ransomware and extortion. Could you please tell us what data organizations should do in order to stay secured?
You cannot secure yourself against something you do not properly understand, so the first thing organizations need to do is to break down the how and why of ransomware attacks and examine those in light of their own organization. A three part attack needs a three part defense! When the attack involves infiltration, data exfiltration, and system lockup – the solution needs to involve prevention solutions that address infiltration, encryption-in-use style data security to address sata exfiltration, and backup and recovery to address system lockup. Anything less would not be sufficient
Could you emphasize on the need to improve cybersecurity for business success?
The findings of our report say 90 percent agree or somewhat agree that they have a sufficient budget for data security tools. 59 percent claim data security has the highest security spend. Yet, in the face of these attacks and data exposures, nearly all (99+ percent) respondents would be interested in data security solutions that protect sensitive data at all times, including while active and in use.
Promisingly, the survey revealed organizations have enough budget to improve which solutions security and data teams are using. This indicates that boards and executives appear to recognize the importance of cybersecurity to business success.
As businesses and the ability of technology continue to expand simultaneously, you cannot afford the risk of having your data stolen. The time, money, and distrust in your company when you are hacked makes it more worth the investment upfront in immunity to ransomware.
Read More: ITechnology Interview with Katie Drucker, Director and Global Leader, Business Development at AWS
What kind of culture should CEOs / CIOs develop to ensure cybersecurity becomes a winning tool?
CEOs, CIOS, and CISOs should develop a culture of both information as well as motivation. Just like in other areas, the best outcomes are driven by teams where each member is fully informed about the how’s and why’s of the goal. Once you have the proper information available to employees, half the work is done. The other half would be to motivate them to absorb and internalize the information and do their part in keeping themselves, the organization and its data secure.
How do you see Big data intelligence and AI playing a bigger role in data security?
Big data intelligence and AI are both part of the problem as well as part of the solution. In so far as these require the accumulation of massive amounts of data that is forced to reside in clear text for the purposes of analytics, these systems end up being the epicenter of data breaches. However, they can also play a major role in keeping organizations more secure.
Big data intelligence and AI can be leveraged to establish baselines for normalcy and monitor environments for deviations. The applications cover a wide spectrum of security areas including attack prevention, network security, user and entity behavior and analytics, identity and access, and several others.
Your take on the future of data security platforms and how big the industry will become by 2025:
Data is and will continue to be accumulated at an accelerated pace. It is already difficult to bolt-on security and with the increasing scale and complexity of big data, this will become nearly impossible in the years to come. Companies should look for ways to build applications and data stores that are natively secure from compromise.
Breach-proof from birth!
Practical and performant encryption-in-use, combined with traditional data security technologies, will be the key to the secure-by-design approach that is needed as technology continues to advance and data becomes more and more valuable. As to the question of size, estimates range from the low single digit billions to double or triple that much.
Any advice to every CIO or CEO yet to invest in a reliable data security tool?
If you have not already invested in a comprehensive data security tool, I would highly recommend a modern high-performance, enterprise grade platform such as Titaniam. Titaniam combines high-performance encryption-in-use together with nine traditional data security mechanisms to deliver both brand new capability, as well as the equivalent of at least four other older-generation data security solutions. This type of platform can work across cloud platforms, cover a wide variety of databases and applications, and also provide a developer tooklit for custom app development that would be natively secure from birth. If you have not yet made this type of investment, going with a previous generation of solution with outdated capabilities would limit your chances of success against modern attacks.
Read More: ITechnology Interview with Ted Kummert, EVP, Products & Engineering at UiPath
Thank you, Arti! That was fun and we hope to see you back on itechnologyseries.com soon.
[To participate in our interview series, please write to us at sghosh@martechseries.com]
Arti Raman is the founder and CEO of Titaniam. She specializes in advanced data protection techniques including high-performance encryption-in-use. Prior to Titaniam, she was a senior product management leader and head of UX and competitive intelligence for Symantec’s enterprise business. Arti hold a number of patents. She was the youngest and the first female recipient of the Rosenthal Award for outstanding contribution to the field of investment and finance for her work with late Dr. Ed Lazear, former US Chief Economist and Nobel laureate, Dr. Michael Spence. Arti holds degrees in Business, Economics, and Mathematics.
Titaniam is the industry’s most advanced data security platform that utilizes high-performance encryption-in-use to keep valuable data secure even if the enterprise is breached and its data stolen. With the ability to process data without decryption as well as support nine different privacy-preserving data formats, Titaniam is the market’s answer to address ransomware and extortion, insider threats, and data privacy enforcement. In addition to cutting-edge encryption-in-use, a single deployment of Titaniam provides the equivalent of three other categories of data security solutions. In the event of an attack, Titaniam offers auditable evidence that valuable data retained encryption throughout the attack, thus minimizing compliance as well as notification obligations. Titaniam was founded in 2019 and has offices in Silicon Valley and India.
