Rawpixel - Fotolia
Newly formed security firm Forcepoint combines technology and expertise from Raytheon, Websense and Stonesoft to focus on defending users, data and networks from internal and external threats.
The move follows the successful integration of the technologies after a series of acquisitions, first of Websense by Raytheon in May 2015 and then of Stonesoft’s next-generation firewall business and Sidewinder proxy firewall technologies and teams from Intel Security in January 2016.
Forcepoint is a joint venture of the Raytheon Company and Vista Equity Partners, with the stated mission of enabling organisations to embrace transformative technologies such as cloud, mobility, internet of things (IoT) and others using a unified, cloud-centric platform with unified management and threat intelligence for faster, better decision making.
“Although the company already has 22,000 enterprise customers, we decided to rebrand to forge a new identity for the innovative things we plan to do,” Mike Siegel, vice-president of product management at Forcepoint, told Computer Weekly.
The platform is designed to safeguard users, networks and data, while at the same time eliminating the inefficiencies involved in managing a collection of point security products.
“We have set out to solve the intractable problem of securing users, data and networks in a world of escalating threat and dramatically changing infrastructure, compounded by the fact that most organisations have deployed dozens of disparate point products that do not communicate with each other, do not have an integrated understanding of threats, and do not share information to better piece together the full story,” said Siegel.
A key object of the Forcepoint Triton security platform is to minimise the time between compromise and remediation, known as “dwell time”, and to stop theft by focusing on insider threat protection, cloud data protection and network security.
Making security investments pay off
The company, based in Austin, Texas, is also aiming to simplify compliance, enable better decision-making and streamline security.
“Organisations need a system that doesn’t just create tens of thousands of new alerts that they somehow have to figure out what to do with, because they don’t have the people to chase each one of these alerts; they need a system that does a lot of that work for them,” said Siegel.
Forcepoint’s platform is designed to correlate disparate events over time that may be part of a single, multi-vector attack to ensure that organisations apply limited resources only where necessary.
“We have the expertise, financial commitment and ongoing access to unique, defence-grade security technology necessary to deliver this, said Forcepoint chief executive John McCormack. “Defend, detect, decide, defeat – this is our vision for Forcepoint 4D Security,” he said.
Siegel said Forcepoint’s platform will be able to tap into third-party security systems with a set of application programming interfaces (APIs) to enable organisations to get more value out of their existing security investments.
“This is a multi-year endeavour. It will take more than one quarter to accomplish, but we believe we have the necessary financial backing and the team that can do this,” he said.
Three new security products
The company launch coincides with the release of three new products to provide insider threat protection, cloud-based protection of Office 365 and security for highly distributed networks.
Forcepoint’s SureView Insider Threat provides an early warning system to identify the riskiest users in an organisation, based on their behaviour and information from Forcepoint’s Triton AP-Data data loss prevention (DLP) system.
According to Forcepoint, its Triton platform is now natively hosted in Microsoft Azure, enforcing DLP for Microsoft Exchange Online in Office 365, directly from Microsoft’s own cloud.
“Forcepoint’s Triton security solutions enforce consistent policy across the cloud, on-premises and at endpoints, providing a unified, hybrid defence for distributed, highly mobile organisations,” a company statement said.
Siegel said Forcepoint has built capability it its AP-Data and AP-Email products to make them applicable in an Offce 365 world.
The Forcepoint Stonesoft firewall, it said, is designed to deliver the most resilient and distributed next-generation firewall to make strong network security easy for highly distributed organisations.
“Stonesoft provides consistent visibility, responsiveness and policy enforcement across hundreds or thousands of locations with a single management console,” the company stated.
Siegel said once integration with the Stonesoft technologies is complete, existing Raytheon, Websense and Stonesoft customers will all “benefit from higher security efficacy and capability because of the shared, distributed network”.
Forcepoint, he said, will continue to support all existing products and will provide the integration hooks to ensure that when Forcepoint’s products are used together, customers will be able to “extract more value”.
According to Siegel, there is no redundancy or overlap as occurs with some acquisitions, with all the technologies brought together by Forcepoint being entirely complementary.
Asked about the cost implications of the move for existing customers, he said the total cost of ownership will remain the same, with no plans for changes to current licensing.
However, he said, those customers which choose to consolidate on the Forcepoint platform will benefit from a reduced total cost of ownership.
“Our main focus will be on helping customers to see the benefit of acquiring additional capabilities, such as those provided by our three newly launched products,” said Siegel
Although some of these already have customers, he said the Sureview Insider Threat product has not been available before outside government contracts, and provides a capability that relatively few organisations have despite concerns about insider threats.
“For existing customers, we are bringing new technology to help them address new problems such as the insider threat and moving to cloud that integrate with what they already have installed,” said Siegel.
For entirely new customers, he said, Forcepoint’s strategy is to solve a problem that is meaningful and novel rather than expecting companies to rip out existing products and replace them with Forcepoint.
“Once we have solved a problem well, we will focus on showing that other products in the portfolio mesh very well with the product they have just acquired from Forcepoint, and that because of the integrations we have built in, one plus one really equals three,” said Siegel.
In this way, he said, the company hopes to win new business by proving that deploying Forcepoint’s Firewall, web gateway or other security product will save money, provide a better security experience, and consolidate the operational requirements for managing security products.
“We are going to invest heavily in showing customers that owning multiple products under the Forcepoint platform is going to be in their best interest.”
Read more about the insider threat
- Enterprises may be increasingly aware of insider threats and believe they can find and stop them, but a recent Sans Institute survey suggests they may be overconfident and lack the necessary insider threat detection technology.
- The loss of patient data by an NHS trust underlines research that around a third of data breaches are caused by employees.
- The threat to an organisation’s data security from inside its workforce requires a considered and objective approach.
- A survey of 500 cyber security professionals offers insight into the state of insider threats and solutions to prevent them.