Cloud adoption has revolutionised security operations for organisations but has also introduced new risks. Nasar Saddiq, Senior Regional Manager, Middle East & Africa, Rapid7, tells us how Rapid7 helps organisations address key challenges and why a cloud-centric approach is important, as well as how organisations can best prepare and implement a strategy that protects them against threats.
Can you tell us about Rapid7’s evolution and its offerings?
The heart of Rapid7’s evolution has been down to the vision of our executive leaders – our CEO, Corey E. Thomas, and our Chief Innovation Officer, Lee Weiner. They’ve really had a clear vision on how to build great security products and offerings for the market.
We also have a very good culture, with core values around ‘never being done’ and ‘impacting together’. That has resonated and helped us to evolve and make sure we’re relevant to customer needs or requirements.
A key part of us evolving and understanding what customers need is down to our global research and threat intelligence team. We have a couple of key projects, one of which is around global Internet scanning and honeypot networks. That gives a good understanding of risk and exposure with external assets and how attackers are trying to breach networks.
We also have Metasploit – the number one offensive security penetration testing tool. With that, we have more than 300,000 contributors busy providing exploits and helping us to understand attacks.
All of that global research and threat intelligence goes a long way to help build really good products. We’ve organically done some of this through R&D, but we’ve also done it through key acquisitions in log management, cloud or container security and application security over the past six years.
That’s really culminated in having a security operations platform, which we call Rapid7 Insight, that essentially gives a customer the capability to address vulnerability risk management and application security, same-day detection and response, coupled with cloud security and automation of security processes.
Within that platform, Rapid7 have multiple leading technologies which are recognised by and validated by third-party analysts.
How has cloud revolutionised security operations for organisations and what are some of the threats that have been introduced through cloud adoption?
In terms of cloud security there are many benefits, one of which is centralised security. Just as cloud computing centralises applications and data, cloud security centralises protection. It also reduces the cost of cloud storage and eliminates the need to invest in dedicated hardware.
In terms of improving cloud security, there is a ‘shift left’ approach, which essentially means shifting security early in development of the lifecycle so you catch any misconfigurations before they go live, reducing the noise and being able to prioritise and act more efficiently with a unified view of data risk and automated workflow, so you can set your own conditions and automate the actions your teams need to identify, assess and remediate threats in real time.
We’ve also got the unique capability within our cloud security solution offering to provide a single, unified view of cloud assets across multiple public clouds. That really makes it easier to manage and apply security policies consistently, and our relationship with AWS to host and integrate the Rapid7 and Insight platform gives our customers the reach and complements what they currently have in usage with AWS.
Can you talk us through some of the key challenges that your customers are grappling with right now?
I think one of the key challenges is leveraging or migrating to cloud; however, each customer is on their own journey in terms of reducing their security achievement gap. At Rapid7, we’re trying to meet customers where they are and address their challenges head on.
What I’ve experienced with customers on the ground over in the Middle East and in Africa is that sometimes they are very concerned because of their workload and operational silos within their organisation and teams. There are also limited resources, and I think we all understand the shortage of security talent in our industry.
Unfortunately, some customers are struggling with having qualified security talent in those areas such as malware analysis, threat hunting, forensics, AI or cloud. It’s important that organisations are constantly recruiting and retaining talent.
How can Rapid7 help organisations to balance continued innovation and risk management?
I think it’s easy to see that one of the biggest obstacles is ensuring that you have good operational security.
Tools and teams sometimes aren’t working together and where we can help is to dismantle the silos and connect your technologies, processes and people, even beyond security to include it in development.
Our platform is really there as a business enabler to help organisations continue to innovate and transform digitally without being overly concerned about the security risk and security posture.
How can organisations best prepare and implement a strategy that protects them against threats?
Fundamentally, I believe organisations require sound security strategy planning and a roadmap. This of course is down to the talent you can hire, as well as leveraging vendors like Rapid7 and local partners.
But my real advice to customers is to always have a multi-layered approach – there’s no silver bullet in security. It is an ongoing field of improvement, and making sure you have regular security drills and training is a typically consistent process for all organisations in my opinion.
Being realistic is also important. Sometimes organisations may overstretch themselves because they’re trying to do too much and they don’t end up meeting their goals. So, have a plan and make sure you’re realistic about where you are in terms of your process, your people and your technologies, and then make a sound decision based on that.