Cohesity To Launch New SaaS Solutions To Fight Ransomware
‘New exploits are found all the time. This is an arms race. Every time you put out new functionality that’s really sophisticated, hackers are going to attack it and find exploits,’ says Chris Wiborg, vice president of product marketing for Cohesity.
Cohesity is set to launch two new security offerings in 2022 that will complement the data protection and management technology firm’s threat defense construct and give customers a leg up in the ransomware “arms race.”
The San Jose, Calif.-based company will release DataGovern, currently in early access preview, as a data security and governance service that uses artificial intelligence to discover sensitive data and detect abnormal access and usage patterns that could indicate a potential attack.
Project Fort Knox, the second service also in preview, allows customers to maintain an isolated copy of their data in a Cohesity-managed vault. In addition to immutability, this gives customers another means to thwart attackers trying to encrypt data.
“[Ransomware] is not just an IT operations or an InfoSec problem anymore,” Chris Wiborg, vice president of product marketing for Cohesity, told CRN. “It‘s not just the CIO’s problem anymore. It’s not just a Board level problem anymore. It’s something that’s hit the general public consciousness.
“New exploits are found all the time,” he added. “This is an arms race. Every time you put out new functionality that’s really sophisticated, hackers are going to attack it and find exploits.”
[Related: ConnectWise CEO Jason Magee: ‘Those Rumors, Not True’]
Before they would just encrypt data, he said. Now they go after the backup and the insurance policy.
“Fast forward to where we are today where the criminals come after your data and they don‘t just destroy it or encrypted, they actually steal it,” he said. “They exfiltrate it and they hold it hostage and they threaten you if you don’t pay them a ransom.”
DataGovern automates and simplifies data classification with predefined policies, such as HIPAA, to meet compliance and governance mandates, detects behavioral anomalies in near real time and triggers remediation workflows with leading security orchestration, automation and response (SOAR) platforms.
“The thinking behind it is that we really need to start to converge realms that are related in our mind that often in large enterprise are separate,” Wiborg said. “You have an InfoSec team that‘s worried about defending your perimeter, protecting your endpoints and knowing who has access to data. Then they have a data governance team who are more in the data privacy or compliance camp.
“The question is, if you‘re trying to defend your data but if you don’t know where it is and what’s the most important stuff, how are you really going to solve that problem?” he added.
“DataGovern is able to not only give you streamline compliance reporting, because now you know where the data is and who has access to it, but it also allows you to quickly fix things that potentially have gone wrong.”
Project Fort Knox is a modern way to solve that problem where you get isolation recovery, but it‘s designed for the cloud era.
“We’re giving you the ability to have this isolated vault that has ransomware detection capabilities built into it,” he said. “As part of that solution, customers also have a recovery sandbox.”
Rishi Bhargava, vice president Product Strategy for Cortex XSOAR, Palo Alto Networks and a partner of Cohesity’s said providing data security and a fast response to attacks are critical as they jointly help customers combat cybercrime.
“Through Cohesity’s integration into the Cortex XSOAR platform, we are helping our mutual customers combat ransomware attacks by quickly detecting and responding to critical data security alerts,” Bhargava said.
And not one vendor can solve the ransomware problem, Wiborg said.
He said a lot of it starts with hygiene and the immutability so hackers can’t destroy an insurance policy or backup data.
“This is not a one-time problem, this is an evolving problem,” he said. “You need a set of products and a broader architectural approach to attack this. But with some of these new products we‘re giving them the opportunities to upsell. Having conversations around this concept of secure data isolation is evolving.”