Summer has come to a grinding halt – vacations are over, my kids are (begrudgingly) heading back to school – and it is an apropos time to be starting a new adventure myself. I’d be remiss if I didn’t take the opportunity to thank the Dtex team and community for such a warm welcome as we kick off this next chapter of growth and innovation together.
As it always goes when taking on a new leadership role and joining a new organization, I’ve been having a lot of meaningful discussions over the past several weeks with customers, employees and colleagues. Let me answer for you the question I have gotten most often: “Why Dtex?”
The easy answer, of course, is the market opportunity – but it goes much, much deeper than that.
The market for insider threat solutions, within the overall cyber security space, is unquestionably large and growing rapidly. Just last week, I came across commentary from an FBR analyst estimating that “spending on next-generation security will jump 30% in 2016, though total IT spending is seen rising just 3%.” Gartner estimates that IT security spending will soar from $75 billion-plus in 2015 to $101 billion in 2018; research firm Markets and Markets sees the cybersecurity market hitting $170 billion by 2020. While in this case the term cybersecurity does encompass a wide range of technologies and capabilities, there’s certainly no shortage of statistics telling us that a massive opportunity exists here. Exciting stuff.
That being said, those who know me well know that my passion and experience is deeply rooted in solving customer problems through technology – more specifically, through technology that can also have a meaningful, profound impact on the way we do business. Data security, transparency, and endpoint visibility aren’t buzz words; they represent real, significant concerns and challenges facing today’s CIOs and CSOs. A few more statistics: Piper Jaffray reports that 81% of CIOs ranked endpoint security at their top priority in 2016. At the same time, a recent crowd-based research study revealed 74% of organizations feel vulnerable to insider threats, but only 42% have the appropriate controls in place to prevent an insider attack.
And even then, many of these controls are legacy solutions solving yesterday’s problems. There is no shortage of companies willing to help you instrument your data, or throw you thousands of alerts a day. There is, however, a dramatic shortage in talent available to make these alerts consumable – to cut through the noise. An even greater shortage exists for solutions that enable a rich, contextual understanding of what is happening with your users – and therefore, your data – in a simple, sophisticated way.
It’s important to start by acknowledging that users today understand more about technology, and more about how to be productive and successful in their jobs using technology, than ever before. Yet traditional approaches that monitor for risky behavior across the enterprise are focused on blocking the user, locking them out, or limiting their productivity. And when something escapes those above-mentioned controls, IT resorts to fishing through millions of logs to try to recreate what happened long after the fact. That just simply isn’t sustainable or scalable.
Alongside the user discussion, there is inevitably the need to talk about privacy. While spend is dramatically on the rise, so is the rate of data breaches; in May, the Identity Theft Resource Center (ITRC) reported that data breaches are up 21.5% compared to last year. A recent study from the Ponemon Institute reports these breaches now cost $4 million annually – and while 48% are the result of a malicious user, even more (52%) are the result of a negligent employee or a system glitch due to IT or business process failure. Just look at last week, where careless password management at Dropbox led to more than 68 million accounts being compromised, while a separate data breach was revealed by cloud-based password security app OneLogin.
Controls are critical. But if you cannot use those controls to mitigate issues at the network, the application, or the device level…. what is left? The user. The answer is to understand the context and meaning of user actions quickly so that you can respond.
The enterprise of the future is about transparency. It is about trust – and about rapid response when that trust is misplaced. The need is for a scalable platform that enables you to get rich information without violating user privacy, which is critical in establishing that trust.
That is what I have found here at Dtex: a revolutionary solution built from the ground up to address insider threats and outsider infiltration, empowering companies across the globe to protect their most valuable assets – their data AND their employees.
We’re here to build the enterprise of the future… and I’m ready to get to work.