Interview: The Australian firm moving beyond cybersecurity's 'silver bullet' myth

21 Nov 2017

Jeff Paine is the Founder and CEO of ResponSight — an Australian-based cybersecurity firm that is rethinking breach detection and risk assessment.

“I founded ResponSight to solve a problem — a problem I have observed in the industry for 20 years. That problem is two-fold: the unacceptable period of time between a breach and its detection, and the habit of security firms to declare the creation of ‘silver-bullets’ that actually leave companies vulnerable to attack.”

ResponSight provides enterprise risk profiling through behavioural analytics, focussing on risky user and endpoint activity that serves as an early warning system. Since its founding in 2015, ResponSight has continued to grow regionally and is poised for international expansion. MitchelLake’s Robin Block sat down with Jeff to discuss opportunities within the industry and the future of cybersecurity.

What specifically does ResponSight do — why is it important?  

Jeff: The core of our technology operates on the observation that people are predictable — that behaviours are routine. We all open up our laptops and do mostly the same thing every time.

The key, however, is that although we follow individual patterns, we are very different from each other. We are able to profile users by their signature use and activity patterns, without needing to know who they are. If the activity breaks patterns, then that becomes interesting.

We are looking for trigger points that show a change in activity and a change in profile that is an indicator of risk. We are doing this through the use of telemetry and metrics — pure statistical data; we don’t collect any private or sensitive information ever.

We are also fundamentally trying to change the way the industry operates. Traditionally, vendors have had a tendency to market their technology as a solution to every problem.

In the 20 years I have been in the industry, I have never seen that to be the case. We are looking at which vendors we can partner with to deliver something greater than our component pieces. The reality is that most security vendors overlap in their capabilities, but are also differentiated.

The key is to rationalise the overlaps and work to create total coverage through cooperation. I think that this approach is becoming more and more accepted. However, I also think that that acceptance comes out of years of failure to provide the necessary outcomes. 15 years ago, when I was in the market with my first security start-up, cooperation was unfortunately not an option.

What is the vision for the company?

Jeff: The vision has always been the same — attract a growing number of large enterprises with millions of endpoints collecting telemetry, and bridge the gap between early warning and the better utilisation of existing investments. I have almost been surprised at the continued relevance of what we are doing. I had the idea back in 2010; 7 years later, we haven’t had to pivot. We haven’t changed our approach or strategy in any way. There is a clear appetite for what we are doing.

We are investing regionally, but we also have one eye on strategically positioning ourselves to expand overseas. We are currently refining markets and assessing partnerships.

Experience from my previous businesses has taught me that global expansion requires preparation. Being a partner-centric operation, getting those partnerships right is key to our success in any territory. To attract partners, we have to positively benefit the clients we have — it is a virtuous circle.

What do you see on the cutting edge of cybersecurity — what is in the future for the Australian market?

Jeff: I feel like I have been saying the same things about Australia for 20 years. We come from a legacy of comparative complacency and naivete. However, I think the Australian cyber security market is growing in interesting ways. I am not sure if the pending mandatory breach notification legislation is going to be a trigger event.

In my personal view, it is hampered by a quite soft definition of what qualifies as a ‘breach’. It has not caused the same type of ramp up we have seen in response to GDPR, which I view as a more interesting road test for stringent legislative architecture. It is clear, however, that spending will increase. But it is not clear how much the predicted numbers are being conflated with cloud technology and if the focus will remain on technology or transition to human resources and the huge demand for skills.

AI and machine learning are an absolutely fascinating development in analytics. However, most companies that say they are doing AI, aren’t — the technology just isn’t there yet.

My view is that we are still in the early stages of decent machine learning. The thing people need to keep in mind moving forward is the same problem ‘big-data’ had — garbage data leads to garbage conclusions. Machine learning and AI will find patterns in any data you give it, but those patterns aren’t necessarily going to be useful.

I think people need to be wary of the promises being made. I would be very interested in how it functions — how it learns. With that said, there is a reason everyone is talking about it — there is a lot of potential.    

Article by Robin Block.
