Unisys
Cybersecurity strategies in a digital revolution
DIGITAL REPORT 2020
02
Unisys: cybersecurity strategies in a digital revolution
03
www.uni s y s . com
UNISYS
Industry-leading experts from Unisys discuss cybersecurity strategies, software and best practices that empower organisations to succeed amidst a digital transformation
U
nisys is a multi-billion dollar global IT organisation known for building highly secure, modern digital platforms. Unisys
provides multi-cloud solutions including cybersecurity, targeting various sectors such as Digital 04
Government, Lifesciences and Healthcare, Financial Services, and Travel and Transportation. The organisation transforms and manages its client’s applications, data, networks and devices. JP Cavanna is an Industry Director - Cybersecurity UK & EMEA at Unisys and is a strategist focusing on Unisys Stealth®. Since beginning his career in cybersecurity in 2003 with the Metropolitan police, he believes that cybersecurity has continued to become more challenging in recent years. “Since its inception, cyber is becoming ever more complex as we bolt on solutions to problems that we perhaps haven’t foreseen,” explains Cavanna. “As an example from many, the convergence of IT and OT is a big deal for businesses at the moment because that conversion
05
www.uni s y s . com
UNISYS
“ Since its inception, cyber is becoming ever more complex as we bolt on solutions to problems that we perhaps haven’t foreseen” — JP Cavanna, Industry Director Cybersecurity UK & EMEA, Unisys
brings a lot of tangible business outcomes for them but also brings a huge amount of risk too. This is because these operational technologies could only previously be attacked physically, but now if they are connected to an IT system, you can get to them from pretty much anywhere.” At the beginning of 2020, Unisys announced the launch of the latest version of its award-winning Unisys Stealth security software suite. Stealth strives to give its clients order, resil-
06
ience and breathing room in their cyber posture so that they have the confidence to handle whatever happens and so providing assurance, reassurance and resilience to the business. “We achieve this by using software defined perimeters and identity-based encrypted microsegmentation to create a zero trust environment, providing hyper secure end-to-end encryption of data between any two points, anywhere,” he explains. “This is in addition to unique capabilities in cloaking networks (so they become undetectable to attackers – ‘you can’t attack what you can’t see’), dynamic isolation, an industry first that can isolate a rogue
Unisys - Stealth CLICK TO WATCH
|
5:06
07 endpoint or user in under 10 seconds,
security incidents, stopping attacks
and cyber recovery capabilities that
in progress. “The beauty of it being
will allow our clients to restore their
software is that it overlays network
golden copy data safely back into an
architectures and integrates with
infected network within minutes of
applications and security toolsets that
an attack occurring.”
organisations may be using,” explains
The Stealth solution addresses
Cavanna. “You don’t need to replace
threats associated with the ever-
anything, Stealth overlays it nicely.”
evolving digital landscape where
This overlay will help to visualise
adoption of cloud, mobile and IoT
network traffic and the nodes in the
continues to accelerate. Through its
computing environment. It collects
integration with security incident and
network traffic data that enables
event management systems, Stealth
the user to identify the nodes in their
provides clients with the reassurance
environment and their communication
of immediate action to respond to
paths. “This capability works alone or www.uni s y s . com
UNISYS
will integrate with other toolsets you
If you combine it with encrypted micro-
may have in your environment giving
segmentation, what you do is you
unprecedented network visibility and
compartmentalise your network so if
visualisation, an essential component
an attacker or malware gets into that
of a zero-trust environment,” says
space, it will limit its travel within the
Cavanna. “The Stealth capability con-
microsegment and thus your network
sists of several elements mentioned
will be isolated from malware in time,
at the beginning of this report, a par-
i.e. in under 10 seconds.
ticularly useful one of which is dynamic
“Furthermore, this microsegmenta-
isolation. This identifies a rogue end-
tion provides granular visibility into
point or user and isolates it in under 10
your network and, if you want to
seconds, which is incredibly powerful.
create a zero-trust environment, it’s
08 E X E C U T I V E P R O FILE :
JP Cavanna Title: Cybersecurity Director Industry: IT JP is a passionate cyber security leader with a career that spans 17 years. JP started his career in digital forensics with the Metropolitan Police Special Branch in London, before moving to the private sector in 2009. He has held several director positions building and managing cyber professional services businesses in large UK and global organisations, spanning a diverse range of industry sectors. Consequently, he has deep experience in helping clients to create resilient security environments. He is a regular speaker at conferences, on specialist panels and in the media.
“ Stealth brings order, resilience and breathing space to your organisation” — JP Cavanna, Industry Director Cybersecurity UK & EMEA, Unisys
09
fundamental that you know exactly
on the VPN for such tasks, which is
what is happening on the network,” he
ageing technology that has well docu-
explains. “We call the microsegmen-
mented vulnerabilities and limitations.”
tation of a network Communities of
Cavanna insists that the future of
Interest (CoI). Aside from the obvious
the software is bright and adds that
provision of least privilege for users
there are set to be even more features
accessing only that data and applica-
added in the near future. “Stealth is not
tions they need to do their jobs, these
a ‘new kid on the block’. It has been pro-
CoIs help to protect legacy systems
tecting governments and commercial
in a network as well as IT/OT enabled
organisations for nearly 20 years and is
technology. This principle can be used
constantly being improved and updated
to provide secure remote access for
with new features. One key development
employees and to reduce reliance
feature this year is our identity capability.” www.uni s y s . com
UNISYS
Unisys - CloudForte CLICK TO WATCH
|
3:35
10 Stealth Identity™ is a biometric identity management software and it is a vendor-neutral, highly scalable,
improve the functionality of this very powerful software. “If you think about the challenges
multimodal, multi-channel, easy to
of cybersecurity today, it’s all about
use, extensible and auditable system
protecting data. In the old days, we
that securely stores verified biometric
used to try and create an impenetrable
identities and supports the complete
fortress and protect everything at the
biometrics identity lifecycle. “We’ve
perimeter,” he explains. “Now we’re all
been protecting borders with it for
connecting into company data, which
20 years,” he says. On other features,
is the most precious asset, by differ-
“We’ve also enabled iOS and Android
ent means, be it corporate laptops,
devices along with updated Stealth
mobile devices, tablets etc. So, where
dashboards to provide even bet-
is that perimeter today? The new
ter visibility, so you can see we’re
perimeter is arguably us humans. With
continuously seeking to expand and
its ability to reduce the complexity of
your environment, encrypt your data
spent a large portion of her career with
in motion hyper-securely between
Hewlett Packard Enterprise leading
any two endpoints anywhere, bring
engineering efforts for cloud software
visibility and control to your network
and as Director of Cloud Practices
with identity-based encrypted micro-
at DXC before transitioning into her
segmentation, and to stop attacks in
current role with Unisys in November
their tracks at malware speed, Stealth
2019. Ramraj is responsible for accel-
brings order, resilience and breathing
erating and securing the cloud journey
space to your organisation.�
for Unisys customers leveraging
Anupriya Ramraj is Vice President of Cloud Services at Unisys and has
CloudForteÂŽ software. She likens cloud migrations to a space odyssey.
E X E C U T I V E P R O FILE :
Anupriya Ramraj (Anu)
11
Title: Vice President of Cloud Services Industry: IT Anu is Vice President of Cloud Services and leads global cloud portfolio and delivery at Unisys. She has over 24 years of software management and product management experience in roles at Siemens/HP/ HPE/DXC. In her former role at DXC and HP/HPE as Cloud Services Director, Anu incubated and scaled public cloud practices and led operations automation and engineering efforts for HP public cloud. Anu is passionate about building an innovative, agile and collaborative culture with emphasis on digital transformation and customer obsession and holds three patents. Anu has a Masters in Computer Science from California State University, Chico and several cloud and agile certifications. www.uni s y s . com
UNISYS
12
“ Depending on whether you want to go to the Moon or Mars, you’re going to need a different set of landing gear and that’s how we view multi-cloud migrations”
— Anupriya Ramraj, Vice President of Cloud Services, Unisys 13
“Depending on whether you want to go to the Moon or Mars, you’re going to need a different set of landing gear and that’s how we view multi-cloud migrations,” she says. CloudForte is a comprehensive services offering to help accelerate secure migration and transformation of data and applications to a cloud that best fits the customer needs including private clouds, and hyperscalers like Amazon Web Services, Microsoft Azure and Google Cloud. Customers in the commercial and public sector leverage CloudForte and Unisys’ expertise to transition to the cloud. www.uni s y s . com
UNISYS
CloudForte managed services are
sector agency that was looking at
subscription-based, so users can
three months to provision any hybrid-
seamlessly access and innovate lever-
cloud workloads due to a lot of manual
aging the full potential of cloud across
processes they had in place. Using
any scale and optimise resources,
Unisys CloudForte solutions, we were
facilitate day-to-day cloud operations,
able to hyper-automate and bring
manage hybrid infrastructures and
down the provisioning time to less
drive down costs.
than 30 minutes with the right security
“We bring in our own unique IP and
14
and operational governance built-in.
third-party products from our part-
CloudForte enables innovation with
ners, value-driven processes, and
cloud services. For example, we have
certified cloud experts to offer the
a large public university with over half
best solutions for our clients,” says
a million students and for this client
Ramraj. “Rapid provisioning and high
we set up a cloud data lake powered
availability are a key focus. A public
by AI services. We are now able to
Unisys - TrustCheck CLICK TO WATCH
|
5:03
15
predict and drive student graduation
Service). When customers are adopt-
rates with timely intervention. That’s
ing IaaS, they’re still responsible for
the power of cloud to drive the right
the workloads, e.g. making sure the
business outcomes.”
virtual machines are patched to avoid
“Cloud adoption needs a solid
being vulnerable to the increasing
understanding of the shared respon-
threats. In the case of SaaS, clients
sibility model for security between the
are still responsible for the data
organisations and the cloud provid-
and access controls. Cloud Service
ers. This varies based on whether
Posture Management (CSPM) is
they are adopting IaaS (Infrastructure
increasingly important as organisa-
as a Services) vs. PaaS (Platform as
tions have rushed to the cloud in the
a Service) vs. SaaS (Software as a
pandemic, and need to realise that www.uni s y s . com
UNISYS
“ I’m a firm believer in defence in depth and I don’t believe there is a silver bullet out there” — Jamie French, Director of Strategy and Portfolio Security Solutions, Unisys
16 mis-configuration is one of the leading
hybrid-cloud environments, and pro-
causes of security breaches.”
vides an automated and optimised way
Newly released CloudForte capa-
to continually manage overall cloud
bilities include over 2,000 automated
environments including cost, security
security policies and support for over 15
and performance.
compliance standards (e.g. GDPR, CIS,
Jamie French is Director of Strategy
NIST, HIPAA). They include checklists
and Portfolio - Security Solutions
that enable well-architected reviews
at Unisys and oversees TrustCheck.
across multi-cloud deployments, accel- French says that he sees cyberseerate application modernization and
curity getting more challenging for
secure Kubernetes deployments. With
customers, rather than easier. “It’s
a comprehensive Cloud Management
getting more confusing for custom-
Platform and blueprints and accelera-
ers to choose from all the options out
tors, CloudForte helps organisations
there because there’s thousands of
with brokerage across their multi- and
companies that are claiming the same
things,” he says. “I believe in the zero-
offerings, TrustCheck is a security
trust principles and philosophy and
service delivered on an annual sub-
everyone says they do zero trust but
scription basis, providing security
it’s important that if you’re a consumer
professionals with updated information
that you strategically decide where you
on their organisation’s cybersecurity
should focus the security programme
posture and helps them understand
on because you don’t have unlimited
where they have risk and where they
funding to address these problems.”
should focus to reduce risk further.
TrustCheck is a new service that
“It’s a portal where we help custom-
draws on the strength of an analytics
ers understand risk in financial terms,”
model used in the cyber insurance
explains French. “When we looked at
industry to quickly and easily access
the market, we identified a communica-
the potential financial impact of cyber
tion gap where people were talking
risks. Unlike the other risk assessment
about implementing different projects
E X E C U T I V E P R O FILE :
Jamie French Title: Director of Strategy and Portfolio Industry: IT Jamie French, Director of Security Portfolio and Incubation is a seasoned information security leader and practitioner with over 27 years’ experience. Throughout his career, Jamie has held a broad and diverse set of roles working with every major market vertical globally. Jamie has been focused on bringing innovative solutions to market which solve complex high value customer challenges and use cases as simply as possible. www.uni s y s . com
17
UNISYS
and would say they needed a next generation firewall and would present this to decision makers. However, they didn’t see a return on investment and the language in the boardroom is dollars and cents. TrustCheck translates that risk and places a value on it. There is a feature called scenario lab which offers the ‘what if’ scenario and allows the user to apply a baseline to find the benefits and determine a cost. TrustCheck provides that level of confidence that an organisation is going in the right direction.” French affirms having an agile and proactive approach to the security landscape is essential. “It was important before COVID but it’s even more important now,” he says. “If organisations
TrustCheck), complement one another
were doing something to reduce risk
well. “I’m a firm believer in defence-
and secure their organisation before,
in-depth and I don’t believe there is a
then it was a step in the right direction.
silver bullet out there,” says French.
However, now, companies have
“Organisations need help understand-
a bit more of a limited budget in lots
ing and communicating to boardrooms
of cases and there is a bit of tightening
about what to invest in, which is why
of the belt. Now, making a mistake might
TrustCheck is so useful.” Ramraj likens
be fatal whereas before it might just
the three services as a layered cake
have been a lesson learnt. It’s a really
when combined together. “The cloud
important aspect to consider today.”
providers are covering off the data cen-
French believes that the three solutions (Stealth, CloudForte and
tre and physical security, we have the network elements that we have Stealth
19
to cover and the cloud workloads,
you have the security overlay and if
configuration, data and applications
you implement Stealth with the micro-
are protected by CloudForte,” she
segmentation it reduces your cost in
says. “These products are all comple-
relation to manpower and decreases
mentary to address all the layers of that
the reliance on dozens of different
cake.” Cavanna agrees and affirms that
security tools and reduces complexity
the three tools are a great foil for the
massively. These three tools comple-
other. “A lot of organisations are realis-
ment each other fantastically well.”
ing that VPN probably isn’t the way to go anymore and cloud is becoming the choice,” he says. “We have that ability with CloudForte to ensure everything is considered properly. With Stealth, www.uni s y s . com
P0WERED BY
www.unisys.com