Future-proofing cybersecurity: Of Mormons and moms

By Gabey Goh July 29, 2015

Mindful of its heritage, Blue Coat is exploring new areas now
Research into linguistics and human behaviour key areas

Future-proofing cybersecurity: Of Mormons and moms

THERE is no doubt that Blue Coat Systems Inc has gone through a lot of changes in the last four years and has fallen off the radar, but the company believes it is poised for a resurgence – with the help of an acquisition spree, Mormons, and one executive’s mother.

“Three-and-a-half years ago, if you asked someone on the street ‘What’s Blue Coat?’ they’d ask ‘Clothing manufacturer?’ – and if you asked someone from the tech industry, they’d say ‘Those are the guys you buy a proxy from’,” said Blue Coat chief technology officer and vice president Dr Hugh Thompson.

“That was a place where we’ve been very successful, and even now I’d say our percentage market share is significantly greater today.

“That’s what people knew us for and that’s our heritage,” he told Digital News Asia (DNA) on the sidelines of the recent RSA Conference Asia Pacific & Japan (RSAC APJ) 2015 in Singapore.

According to a March 2013 report from Gartner, Blue Coat led the worldwide secure Web gateway market in 2012 with an 18% market share. The research firm noted that while the security market grew 7.9% in 2012, Blue Coat grew 12.8%, outpacing the market.

Thompson pointed to the mission current president and chief executive officer Greg Clark mapped out when he joined the company in September 2011, just before Blue Coat was delisted from Nasdaq when private equity firm Thoma Bravo acquired it for US$1.3 billion in February 2012.

“Greg [Clark] is a very interesting guy, very technical, and actually looks at our source code. Walk into his office and there’s a 50-50 chance that there’d be a spreadsheet or a compiler open,” said Thompson.

“He comes with a rich history in the industry and his mission for Blue Coat was to make it the strongest security firm in the space,” he added.

Key focus areas and … Mormons?

Future-proofing cybersecurity: Of Mormons and moms To become that ‘strongest security firm, there are three areas of focus that will be defining Blue Coat’s investment and research direction over the next few years, said Thompson (pic).

The first is a space that Gartner has defined as cloud access security brokers (CASBs), which are on-premises or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers, to combine and interject enterprise security policies as the cloud-based resources are accessed.

“CASBs consolidate multiple types of security policy enforcement. Example security policies include authentication, single sign-on, authorisation, credential mapping, device profiling, encryption, tokenisation, logging, alerting, malware detection/ prevention, and so on,” according to Gartner.

Thompson said Blue Coat already has some of these functions via its secure gateway product, but CASBs offer the ability to do more such as augmented authentication as well as in-depth logging and risk assessment.

The second area is analytics, which is already burgeoning, and one that Thompson believes is going to be important for a long time.

“There’s been a lot of random hype about it, but we’re really getting to a place where there’s real analytics going on, with actual algorithmic reasoning and pulling data from multiple sources,” he said.

Blue Coat has already devoted resources to the effort, with a research facility in Utah housing about 200 staff.

One reason for locating the facility in Utah, shared Thompson, is that unknown to many, the state possesses a massive capability for genealogy research and is already home to many data scientists and data analysts.

The other is the high concentration of linguistic talent, thanks to the large Mormon community and the Mormon Church’s programme for sending missionaries around the world to places where English is not the first language – as a result, they are also pioneers in rapid language learning techniques.

“Why do we care? Because we see well over a billion web traffic hits a day, many to previously unknown sites, so that’s a lot of data and that’s why we have the data analysts,” said Thompson.

“But with these big data sets, we also have to figure out what these sites are. Are they for gambling, news or porn? Are they dangerous?” he added.

The answers to these questions are complicated and a big part of getting the answers comes from linguistics – for example if a site ‘talks’ like a gambling site, then it is crucial to be able to codify the key phraseology, turn it into a big algorithm, and run everything through it in order to get smarter about identifying similar sites.

“The fact is, there’s a lot of recidivism and repetition in the cybercrime world, so just by the phrasing of something on the site – in addition to other techniques – we can build models to help predict which ones will be bad,” said Thompson.

“For example, when looking at a new site, everything might seem fine – but based on this set of facts, we can be almost positive that this is being staged to be a malicious site,” he added.

Behaviour-based security costing … and mom

The final, and longer-term, area of research focus is on human behaviour – Thompson believes this is going to be very important and is one he’s personally passionate about.

“Can we protect against social engineering? Can we put set shields around a person who’s more susceptible than someone else?” he said.

“For example, my mother is a wonderful person but is a disaster waiting to happen when it comes to the Internet – she will click on anything, even an email saying she’s won the Greek lottery. In contrast, I’m extremely paranoid about my activities online.

“This forms an aspect of both our personalities and the way we work. But if we’re working in the same company and department, can protection differ in scope and cost?

“My mother pays less for her phone bill and that’s fair because she doesn’t consume as much data or travel as I do, and the security business might turn out like that.

“To a business unit, my mom – having been identified as a higher risk user – would have a security bill that’s three times higher than mine because every online action she does will get run through the entire gambit of analytics and sandboxing.

“It’s still very early days but I think at some point, we might see costing models around that approach to security,” he added.

Next Up: An ‘insane’ acquisition spree sparks Blue Coat’s renaissance

Related Stories: