Mobility and Cloud Services will drive Web Security Market : David Wigley

Yogesh Gupta February 24, 2016

We are web security experts stopping malware rampage through a multi layered defense system across large multi gigabit environments, says David Wigley, CEO, ContentKeeper.

ContentKeeper Technologies is witnessing great demand for its web security and malware defense solutions. The eighteen-year-old internet security company, headquartered in Australia, witnessed 187% growth over last year with huge demand from North American markets, said David Wigley, CEO, ContentKeeper Technologies.

In an exclusive interview during his recent India visit, Wigley spoke about how ContentKeeper secured large and complex networks across the globe. Excerpts follow.

How does ContentKeeper as a Web filtering and malware defense vendor justify the end point and network security demands of its customers?

ContentKeeper solutions fit into any large enterprise or telco environment. There are a number of catalysts to our business, but the original and primary driver often forgotten these days is around productivity. Companies allowing employees access to the internet want to make sure they are working and not playing – that is basically Web filtering. We help them enforce a work ethic and gain more productivity out of the environment.

Our solutions also stop rampage by malware through a multi layered malware defense system as none of the different technologies in the market ensures cent per cent security. We have layers of engine-on-engine to detect malware more accurately. Companies should put a malware defense system to build more security, save operational expenses, and gain faster return on capital amongst other benefits.

Why should organizations rely on ContentKeeper when there are other established players like Websense and Blue Coat?

The market’s driving factors today revolve around controlling applications, BYOD and mobile filtering. We have an excellent ‘tamper-proof’ solution for iOS devices. Handing over a mobile device to a staff member with a turned-on filter is a completely pointless exercise. We are one of the planet’s two vendors offering this tamper-proof solution, which makes our technology a great option for mobility security across organizations.

The mentioned companies Websense, Blue Coat and even Cisco etcetera offer proxy based devices that fail to deliver good throughput at high speed. That’s why ContentKeeper dominates at the top end of the town across large multi gigabit environments. We often do not encounter Websense, Blue Coat in such projects.

A customer site was filtering 4 gigabits per second (Gbps) of traffic. A leading security vendor offered 8 racks full of equipment while we walked in with one 1U rack-mounted server on a piece of hardware. Instead of spending a couple of millions on hardware, the companies can save the money with our device with the same filtering at the same speed.

But proxy based devices do sell in the market. Is this mostly due to some aggressive push by vendors or is it because the CISOs are unaware of the limitations of proxies? 

The bandwidth requirements previously weren’t at high levels. So proxy based devices worked adequately to the speeds of 600 to 700 Mbps. Also the customers probably bought the biggest and most expensive box (from competition) to avoid slowing of networks when speeds escalated in future.

The other big disadvantage with proxies is the limited number of sessions they can cope with. Transparent bridge by ContentKeeper has no limitation on simultaneous sessions at extremely high speeds around 4 to 6 Gbps from a 1U device, whereas other vendors struggle with a room full of computers for the same job.

CISOs have to assume the security risks at all levels from outside and inside the company, from staff, from employees, from hackers who have managed to get through first layer of defense to the next layer. They can infiltrate the organization this year and maybe steal the data for over three years while sitting in the network.

Has the way enterprises buy security solutions changed over the years?

CISOs are a lot more worried about the driving factors of malware defense and mobility as there is more malware out there. Like CryptoLocker in the recent past, which wrecks the entire network, and then it takes a lot of money to avert this ransomware. Everyone was absolutely paranoid for good reason even before the malware entered their network.

It is a lot cheaper for CISOs and companies to install good defenses for malware than just hope and think that a breach will not happen to them. Because it will.

Probably, CryptoLocker attacks on personal and official mail ids are rampant with senior executives receiving 6 to 8 per week. It needs one employee to click a wrong file to spread the ransomware across the network and lock all the files. The company within minutes goes from 100 percent operational to being zero operational, unless you pay the hackers.

Any best practices for CISOs for a more robust web security?

Firewall is obviously the first line of defense. Then a Web filtering system preferably with some malware defense built into it. And the final line of defense is desktop AV.

Today’s malware engines are reactive defenses which are signature based systems. They detect a piece of malware like traditional AV. But due to emergence of newer threats, a new copy of the threat with different signatures is created. Every user gets different versions of the same piece of malware and hence signature checking systems aren’t good anymore. That’s why advanced malware protection like behavior analysis systems and sandboxing systems are needed to catch zero day top threats before they end up in your lap.

ContentKeeper fortunately is in a good spot to offer these advanced technologies. Also the global mesh system at the backend filtering more than 21 million devices instantly shares information in real time to alert the companies and keep them more protected.

With proliferation of social media across organizations’ users, how important is the work culture as one wrong move can compromise a company’s security posture?

I don’t think CISOs are educating their users nearly enough. They (users) need to be told not to click anything, especially an attachment, and they should look at the address header and its intent. If it is not sent individually but to a group or with no firm address then it is definitely suspicious. Or a PayPal renewal request through a Gmail address is surely malware. Look at header information and mail subject and instantly delete if found suspicious. The sender (the genuine one) will resend the mail if it is so important.

Why do hackers inch ahead of security vendors leading to incessant increase of breaches?

It's a bit of a war out there. Every time somebody comes out with a good defensive idea, somebody works out how to get around it.

It is very easy to achieve 90 percent secure level without the need to break the bank for it. Putting fundamentals in place (firewall, malware defence and desktop AV) keeps most threats out. For 95 percent protection, an extra spend is needed and 98 percent level would cost an arm and a leg. And companies can never get to 100 percent and the breach incidents will continue.

The more layers of malware security and defence in place, the more secure you are. It is like castle fortification in the medieval era wherein you build the layers one on top of the other as much as one can afford. The higher the brick wall, the better is your defence.

I won’t say that all businesses race out and install sandboxing systems because the data collected might not be useful for them. But sandboxing is extremely important for verticals like banks, government to track targeted attacks and generate some defenses for the same.

What are the sweet spots of ContentKeeper in terms of enterprise size and verticals?  Does your GTM strategy revolve around greenfields or replacement market?

The main addressable verticals are large enterprise, government, education and telcos. The bigger the network, the more cost-effective our solutions are. Any vertical with a lot of seats and big pipes (internet) is our sweet spot. ContentKeeper also addresses the SMB segment or organizations with 500 plus users. And our largest customers have hundreds and thousands of users.

There are few greenfields but most of our GTM extends with ‘rip and replace’ mode. We are replacing the competitors because they don’t have the feature sets needed for complex high speed networks. Issues of latency and frequent slowing down leading to bottlenecks are compelling companies to often shift to ContentKeeper.

What technology trends in 2016 will drive for businesses to adopt Web security solutions?

Mobility and Cloud services are a big movement for companies to invest in Web security solutions.

The security industry is kept on its toes by the multibillion malware production industry where hackers are stealing people’s money and disrupting businesses. Ransomware is not new but it has gone from something that you hear ‘happens to somebody else’ to ‘something that is likely to happen to you’ any day of the week.

The dramatic increase of bandwidth usage is a major opportunity for us, because the proxy based devices of competition are nearing the end of their lifespan. We have been developing proxy based technology for two decades and command a great lead over them. They will be at bigger detriment as network usage becomes complex and speed increases to 1 Gig.

More than 80 percent of the Internet will be SSL encrypted in the next four years as per reports. Big players like Google and Yahoo have moved to SSL and that’s the writing on the wall. ContentKeeper’s third generation SSL decryption facilities can decrypt at speeds of 3 and 4 Gigabits per second on a web filtering malware security device. That’s a major advantage (decrypting SSL is not an easy task) which enabled us to win many deals in multi gigabit networks, especially in the US markets.