Data is essentially inert and passive, lacking an inherent ability to either control its own fate or mitigate risks while at rest, in transit or under process. Data loss and theft of valuable information is a symptom of the problem. It’s the result. NOT THE PROBLEM.
Situational Analysis: Barely one in five organizations implement encryption policies while sharing sensitive data intra-system, and only one in three implement encryption policies while sharing sensitive data inter-system. WHY? Simply put, there are not enough skilled cyber-pros to go around. To integrate the effective and diverse cyber-technologies (both the hardware and the software) into a cohesive solution that defeats the inside attacker is a complex and expensive proposition. And, this requires the skills of trained, experienced and trusted cyber-pros to minimize the initial investment as well as optimize the on-going operational effectiveness and costs. Likewise, not only is there a shortage of skills capable of building security into the applications themselves, but the dev-tools available fall short of making it easy to optimize performance (availability) and protection. There are more vacancies for these roles than there are people (or “AI”) to fill them along with a void in data-layer tools that automates these protection and performance processes.
“How do you close the gap? How do you expand the thru-put of the trusted cyber-pro?”asks Jeff Snyder, Founder of CyberStratos LLC, a panel member at the April 2019 Millennium Alliance Transformational CISO Assembly in Nashville. “How do you implement Secure Software Development Practices when you don’t have the ideal tools and the skilled resources?” For many SMBs and Enterprises, they shift these responsibilities and accountabilities to the Cloud. “Have you thought through this strategy?” asks Dr. Ed Amoroso, Founder of TAG Cyber and moderator of the panel. From the attackers perspective… GAME ON! Which would you choose, invest in attacking ten thousand different entities with ten thousand different pay-offs, or attack ONE “in the cloud” with ten thousand pay-offs? These skill and dev-tool gaps also translate into supply chain exploits. The strength of any given supply chain is defined by its weakest link. Aside from the insider threat, more and more of the successful attacks on the big enterprises begin with one of their smaller and less equipped suppliers.
Marketplace Needs: To fill the void, the C-Suite and related leadership are trying to drive cultural change, trying to catalyze optimization of security and availability within and between disparate systems, trying to make it as part of the original design. But these efforts are throttled by a lack of resources and tools. The industry needs dev-tools that:
- Multiplies skilled resource productivity;
- Establishes data as the last layer of defense; and
- Automates optimization of protection and performance processes.
The Invention: The fusion of a configurable – nano – Intelligence Module with data… empowers data at rest, in transit and under process. The Sertainty solution transforms data from a liability to an asset. Our Vision is to establish a new standard toward protection of our nation’s intellectual property and without compromises, the privacy of our citizens.
Data:empowered satisfies needs NOT met. It fills a void. The value of Sertainty isn’t about fixing things broken – IT’S A BREAKTHROUGH. It changes the rules of the game. Re-defines trade-offs. Re-sets the cyber-domain. It shifts anomaly detection to anomaly prevention. Perhaps, even, render moot the “zero-day?”
Executive Vice President