
Trailblazer Guy Golan


Performanta: From military to cybersecurity

Name: Guy Golan, CEO of Performanta

Job Title: CEO

Company: Performanta


How did your time in the military prepare you for a career in cybersecurity?

My journey to cybersecurity exists as an accumulation of life experiences, particularly within the military. I was positioned within the Israeli Defence Force (IDF) between 1991 and 1994. Within this period, everything we did was relatively non-technological, yet I’ve realised that everything we were doing then directly reflects what is now happening in today’s digitally orientated society.

Similarly, I learnt a lot in the IDF about deception. This includes how the concept of the ‘bad guys’ can be subjective; how the opposing side is likely thinking; and how to approach situations in a smarter way. Within judo, you learn that you don’t oppose the movement of the opponent, you embrace it, to ensure things keep moving in a desirable and frictionless direction. We can apply this to the deployment of our cybersecurity strategies.

How did you get your first big break in the cyber industry?

When we started in 2010, we delivered solutions on what we call a ‘journey’, whilst most other providers did box dropping, and still do to a degree. In 2016, we realised we could do more for our clients. We turned our focuses to the offensive side of security, to best understand how effective defences should work. It was incredibly disheartening to see that a lot of what we tried would be unsuccessful against offensive methods – but this is the reality of the threat landscape today. We were lucky to have this hard lesson early in our company’s development.

For others, the easiest path would have been taking the lifestyle route, focusing on personal benefit, rather than coming up with a genuine solution. But this was not in our DNA. So, we sat down to rethink who we were and what we were doing. Installing services and making them work well clearly was not enough. We came up with the concept of Cyber Safety – which we now hold at the centre of our business.

After debating the question of, ‘what do clients really want?’, and subsequently brainstorming human behaviours and desires, we realised it all came down to wanting to ‘know’ and be ‘aware’ of activities.

We therefore simulated an exercise with our clients to do the ‘triple A’ – awareness, acknowledgement, and action. Acknowledgement came down to businesses attempting to secure themselves, investing in tech, acquiring services from partners or vendors, then ultimately making them work well. Fundamentally, the outcome of these simulations resulted in the question, if security isn’t enough, then what is?

The answer: The concept of being safe.

What skills do you think a great cybersecurity professional requires?

Individuals must have a deep, up-to-date understanding of the world of IT and cyber. You must also have a clear comprehension of the business for which you are providing security, including what makes it successful. For that, you must have deep levels of curiosity. Another key focus is satisfying the board and shareholders – they determine what the future is.

What are the current threats that you think public and private sector organisations should be aware of?

I would argue that the scope of attacks has changed, and continues to change, significantly over the years, particularly as a consequence of the increased use of the cloud. The big attack vectors making the media headlines are the usual suspects – ransomware, DDoS and phishing – but responding to these threats requires more than just deploying solutions for specific attacks. It needs a change in mindset, a much more holistic approach.

Defenders are adapting slower than attackers, so it’s more important than ever that organisations look to understand how areas at risk could be infiltrated from an attacker’s perspective. Having the ability to contextualise events to the specific business minimises the gap.

Why are you focused on Cyber Safety and why should potential clients care?

Cyber Safety, at its very basic level, is a continuous process, using real-time, accurate and relevant data to analyse moving risks per client and presenting the findings in an accessible way for all levels of the business to understand and make accurate decisions.

The core difference between Cyber Safety and cybersecurity comes down to what each concept aims to achieve. Whilst cybersecurity is the method organisations use to lower the risk and limit the impact of a cyber breach, Cyber Safety works towards lowering the risk and limiting the impact on the business itself, taking defence to a deeper level. It doesn’t necessarily mean you won’t be hacked, but being ‘cyber safe’ means taking the appropriate steps to ensure your business can carry on operating regardless of what happens.

There is a core difference between companies that peddle cybersecurity rather than Cyber Safety. Traditional cybersecurity providers will sell you point solutions, like MDR services or firewall management. This approach works well as long as it delivers a comprehensive view of your security stack and attack surface.

Customers come to Performanta with a myriad of requests, knowing full well the company’s capability of managing the entire stack, and reducing the short- and long-term impacts on the business itself. Our first step is to help companies determine their ideal end business-state – how they’re trying to run as a business. We then work back from that to calculate what we need to do to help achieve that state in the cyber space. After all, every product and service acquired has a business motivation to back it up.

One of the biggest challenges of cybersecurity is the overwhelming amount of data and alerts received daily. Performanta’s solution therefore only lets organisations know what they need to know, when they need to know it. If the company’s cybersecurity situation is quiet, then a report regarding their safety only needs to be given to them once a month or once a quarter.

When someone else takes charge of responsibly managing the safety and security of individuals, people are able and willing to continue with their lives without any concerns surrounding safety. So, if we take care of establishing Cyber Safety, this allows organisations to increase focus on business, and enables the client’s cyber team to work more effectively and gain the respect of the board.

However, if awareness is needed due to the probability of an imminent cyber attack, the business will be informed immediately. An organisation should be able to focus on business operations, making money and satisfying shareholders. Yet all too often, organisations are forced to focus heavily on security and defending themselves against an attack.

Organisations across any industry can apply Cyber Safety to their cybersecurity strategy. It starts with a mindset shift.

Think of an aeroplane. The staff are responsible for our safety as well as our comfort, but aside from a short safety briefing at the beginning, all we’re exposed to for the remainder of the flight is their hospitality. We’re only then informed of other security updates when absolutely necessary. The same applies to the cybersecurity industry.

How does Performanta help these organisations become more resilient?

Currently, a misalignment exists between what a business wants and what security organisations are providing. Many claim that the answer is to ‘educate the board’. We take a different stance.

Working closely alongside the CISO or CIO, we help bring relevant data to the board so they can be directly involved in the decisions being made to keep the business safe. This approach is backed by tools and methodologies that were built to achieve this purpose and put the client at the centre of everything we do. Our solution starts at one end of the chain of command and seamlessly works its way across all levels, giving everyone access to consistent, accurate and relevant data. It allows our clients to run an effective cyber department backed entirely by the decision makers.

Furthermore, with our solution, companies can prepare well in advance for operational disruptions caused by breaches, such as downtime. This transparency allows organisations to focus on their own strategy and business successes, whilst maintaining up-to-date security data in real-time, knowing that they will be made aware of any threats when necessary.

What would be your tips for cyber security professionals looking to shift strategy in the latter half of the year?

My top tips would be:

• Adopt data-based decision making
• Look for relevant data for your own business
• Gain as much visibility of your security tools and network as possible
• Understand the customer-specific client context to provide effective cybersecurity
• Seek business outcomes and measure against those as opposed to cyber outcomes

Once the above is achieved, you can provide the necessary tools and methods to key decision makers which allows them to identify the risks towards their business objectives moving forwards.
