This argument, made by Omar Zarabi, founder and CEO of San Francisco-based Port53 Technologies, is one that predates the COVID-19 pandemic. As threat landscapes have become more insidious, and attacks more inventive, conversations about secured perimeters and safe connections have migrated from the server room to the boardroom.
But even as line-of-business executives have begun to realize that they operate within vulnerable digital estates, the cyber-conversation has changed shape. Even before COVID-19 became a core business driver, millennial workforces were demanding the opportunity to work more flexibly. And that meant a completely new environment with an architecture that expanded the attack surface to encompass non-corporate devices and other risks.
The tailored solution
Zarabi’s Port53 today follows the principle that since every organization is different, security solutions should be molded to fit business models.
“We want to help organizations cut out the noise and choose the solutions that best protect their environment against today's most advanced attacks,” he says. “Our goal is to help our customers come up with a security roadmap that supports their digital transformation goals.”
Zarabi’s team of experts start engagements with an operational audit that determines where an organization fits into regional, national, and international regulatory frameworks. Cybersecurity maturity may be judged against NIST, ISO, CMMC, or other industry-specific standards such as HIPAA (healthcare) or PCI (retail).
“It all depends on where the customer operates and how they operate,” Zarabi explains. “We’re not throwing spaghetti at the wall and hoping it sticks.”
Port53 began life helping SMBs achieve enterprise-grade protection at a viable price point. Over the past two years, however, the company has also been reaching out to larger corporations, with a “no customer left behind” ethos.
Amid this transition, Zarabi’s team saw cloud migration at scale and began to ponder the differences in these environments, and how they were not reflected in the threat postures of migrators.
“We saw all these applications and workloads moving to the cloud,” he says, “but security remained on premise. While it’s important to maintain your firewall and antivirus, and look after endpoints, the cloud brings in other dimensions.”
Connection and identity
Port53 began working towards bringing “a more rigorous and more integrated security stack” to customers of all scales and industry. Company specialists set about urging customers to consider the difference between on-premises and cloud environments. Their message was simple: while perimeters were the traditional obsession in premises ecosystems, end users who interact with corporate networks through Internet connections never hit those perimeters.
“They're never hitting the firewalls when they're going out directly to the Internet and connecting directly to, say, a SaaS application,” Zarabi notes. “There needs to be a foundational shift from perimeter-only postures to looking at security more from the connection and identity standpoints.”
There needs to be a shift from perimeter-only postures to looking at security more from the connection and identity standpoints
The emergence of COVID-19 and the subsequent need for remote workforces have accelerated cloud adoption and digital transformation, propelling feasibility studies to become production environments in mere weeks. With such rapid shifts to this new way of work, protection of identities and connections has now become more urgent.
Port53’s initial audit process has captured this need, as the company has engaged with digital accelerators and their migration journeys.
“During that [audit] step, we try to establish where an organization is today, in terms of not only their security posture, but also their digital transformation progress,” Zarabi says. “Have they started moving their workloads into AWS, Azure or Google Cloud? Have they started adopting SaaS applications? How do their employees interact with the Internet?”
‘Everyone is a target’
Zarabi concedes that protecting remote workers at scale would not be possible without recent advancements in connectivity. He credits Port53 partner Cisco on its work in this area over the past decade.
“Cisco [has] a wide spectrum of solutions, each of which integrates really well, out of the box,” he says. “That allows us to have tailored solutions for our clients, based on their way of working.”
As Port53’s customer base has burgeoned, Zarabi has been struck by the sea change in its industry makeup. Previously, customers tended to be organizations constrained by strict compliance obligations, but over the past four years, with the rise of attacks like ransomware and so-called “crypto-jacking”, it has become apparent that bad actors are prepared to target almost anyone, rather than just healthcare providers or financial services organizations.
“Today we support a hugely diverse array of entities, from public schools and community churches to manufacturing companies and defense contractors,” says Zarabi.
A small, rapidly growing retailer, he gives as an example, found itself with an expanding – and increasingly mobile – workforce that it needed to protect.
“But in terms of the IT team,” he points out, “there was still only a single IT Director trying to manage both personnel- and location-type goals. Not only were we able to leverage the power of the cloud to deliver robust security to the existing environment; we were also able to bake in future-proofing, where every time a new location opened up, established policies and protections would be applied automatically.”
A different kind of threat
This sudden expansion of employees in remote locations will be all too familiar to private and public enterprises around the world.
During this period, according to Zarabi, organizations fell into one of two categories. The first contained those that had already started to provide remote working to employees and had already implemented such security solutions. These companies needed only to purchase new licenses for tools already in place and “overnight, they were able to move their entire workforce, without much of a hiccup, to this new way of working”, Zarabi explains.
But as necessity forced responses from organizations determined to deliver safe working environments, many other IT departments – which had no pre-existing remote-working models – prioritized the distribution of devices and stable connections for the purposes of rapid continuity, neglecting to integrate sound security provisions.
“So, cybersecurity for the first couple of months [of the pandemic] was de-prioritized,” Zarabi explains. “Bad actors definitely took advantage of that.”
As ill-prepared organizations dipped their toes in the remote-working pool, a larger attack surface presented itself to sinister parties. Reports from around the world, including from Cisco Talos and the FBI, showed an acceleration of attacks during those early weeks, with marked frequencies in brute-force attacks and credentials thefts.
"It all depends on where the customer operates and how they operate; we're not throwing spaghetti at the wall and hoping it sticks"
In the next 12 to 18 months, Port53 has plans to expand its global footprint. While continuing to operate out of its San Francisco headquarters, and serve customers in Canada and the UK through its Vancouver and London offices, the company is also planning to set up shop in New York, in the heart of Manhattan.
Zarabi says the company will continue to lean on its strategic partners. Fellow US cybersecurity performance management specialist TrustMAPP has played a pivotal role in enhancing Port53’s ability to assess clients’ maturity levels against operations-specific industry standards, and implement a risk-based management approach to their security roadmap.
Zarabi also cites the company’s close relationship with network-technology giant Cisco in bringing value to Port53’s thousands of customers around the world.
“We have a great partnership with Cisco,” he says. “In Fiscal 2019, we were its number-one partner globally for Cisco Umbrella, their flagship Cloud Security Product.”
Delivering a full security stack to organizations from global corporations to mom-and-pop stores will require a continued focus on the things that matter to those customers, Zarabi says, adding that Port53 has set its sights on building out its product portfolio to become a true “one-stop shop”. He believes that the company’s success has come from working in a “risk-management roadmap environment, as opposed to an ad hoc environment” and that the ability to leverage the cloud as a delivery mechanism for comprehensive security solutions will continue to be a key differentiator.
He says: “You don't need to go talk to a firewall provider; you don't need to go talk to an email-security provider or an endpoint-security provider. You just need to talk to Port53.”