Interview: The Australian firm moving beyond cybersecurity's 'silver bullet' myth
Jeff Paine is the Founder and CEO of ResponSight — an Australian-based cybersecurity firm that is rethinking breach detection and risk assessment.
“I founded ResponSight to solve a problem — a problem I have observed in the industry for 20 years. That problem is two-fold: the unacceptable period of time between a breach and its detection, and the habit of security firms to declare the creation of ‘silver-bullets’ that actually leave companies vulnerable to attack.”
ResponSight provides enterprise risk profiling through behavioural analytics, focussing on risky user and endpoint activity that serves as an early warning system. Since its founding in 2015, ResponSight has continued to grow regionally and is poised for international expansion. MitchelLake's Robin Block sat down with Jeff to discuss opportunities within the industry and the future of cybersecurity.
What specifically does ResponSight do — why is it important?
Jeff: The core of our technology operates on the observation that people are predictable — that behaviours are routine. We all open up our laptops and do mostly the same thing every time.
The key, however, is that although we follow individual patterns, we are very different from each other. We are able to profile users by their signature use and activity patterns, without needing to know who they are. If the activity breaks patterns, then that becomes interesting.
We are looking for trigger points that show a change in activity and a change in profile that is an indicator of risk. We are doing this through the use of telemetry and metrics — pure statistical data. We don't collect any private or sensitive information ever.
We are also fundamentally trying to change the way the industry operates. Traditionally, vendors have had a tendency to market their technology as a solution to every problem.
In the 20 years I have been in the industry, I have never seen that to be the case. We are looking at which vendors we can partner with to deliver something greater than our component pieces. The reality is that most security vendors overlap in their capabilities, but are also differentiated.
The key is to rationalise the overlaps and work to create total coverage through cooperation. I think that this approach is becoming more and more accepted. However, I also think that that acceptance comes out of years of failure to provide the necessary outcomes. 15 years ago, when I was in the market with my first security start-up, cooperation was unfortunately not an option.
What is the vision for the company?
Jeff: The vision has always been the same — attract a growing number of large enterprises with millions of endpoints collecting telemetry, and bridge the gap between early warning and the better utilisation of existing investments. I have almost been surprised at the continued relevance of what we are doing. I had the idea back in 2010; 7 years later we haven't had to pivot. We haven't changed our approach or strategy in any way. There is a clear appetite for what we are doing.
We are investing regionally, but we also have one eye on strategically positioning ourselves to expand overseas. We are currently refining markets and assessing partnerships.
Experience from my previous businesses has taught me that global expansion requires preparation. Being a partner-centric operation, getting those partnerships right is key to our success in any territory. To attract partners, we have to positively benefit the clients we have — it is a virtuous circle.
What do you see on the cutting edge of cybersecurity — what is in the future for the Australian market?
Jeff: I feel like I have been saying the same things about Australia for 20 years. We come from a legacy of comparative complacency and naivete. However, I think the Australian cyber security market is growing in interesting ways. I am not sure if the pending mandatory breach notification legislation is going to be a trigger event.
In my personal view, it is hampered by a quite soft definition of what qualifies as a ‘breach’. It has not caused the same type of ramp-up we have seen in response to GDPR, which I view as a more interesting road test for stringent legislative architecture. It is clear, however, that spending will increase. But it is not clear how much the predicted numbers are being conflated with cloud technology and if the focus will remain on technology or transition to human resources and the huge demand for skills.
AI and machine learning are an absolutely fascinating development in analytics. However, most companies that say they are doing AI, aren't — the technology just isn't there yet.
My view is that we are still in the early stages of decent machine learning. The thing people need to keep in mind moving forward is the same problem ‘big-data’ had — garbage data leads to garbage conclusions. Machine learning and AI will find patterns in any data you give them, but those patterns aren't necessarily going to be useful.
I think people need to be wary of the promises being made. I would be very interested in how it functions — how it learns. With that said, there is a reason everyone is talking about it — there is a lot of potential.