At the 2018 World Economic Forum, out of 30 possible global risks tracked by the organization, the potential damage from cyber attacks was named the third most likely to happen, right after extreme weather events and natural disasters. But let’s be honest: this disturbing trend comes as no surprise. Remember last year’s breach that exposed the data of some 57 million Uber passengers for more than a year? Or the WannaCry ransomware attack wreaking havoc in our hyperconnected world? Or, most recently, Facebook’s privacy trainwreck? By the way, just as a PSA from your friendly neighborhood CISO, you should probably check your credit report if you haven’t lately.
These are just a few incidents that have made the headlines in the past few months (read: these are just the ones that have been publicly disclosed). Many of these cybercriminals are very intelligent and, perhaps more importantly, creative. That said, many of them are still using the same tools and tricks they have been using for a decade. It's just that the digital world is a lot bigger and there are more people with access to sensitive data, which increases the potential for mistakes. And frankly, the risk vs. reward is just too tempting for cybercriminals, especially those operating outside of the U.S.
The word is out. Security teams and CSOs/CISOs know they can't get sloppy, and there is no lack of technology available to help them meet minimum security requirements. If it were strictly the by-night Mr. Robot and Elliot Aldersons of the world against today's technology and experienced security teams, I'd put my money on the good guys. Unfortunately, many companies are still dealing with vulnerable legacy applications and outdated access control methods, and that tilts the scales in favor of the bad guys.
In Trend Micro’s latest predictions report, Paradigm Shifts, they list the convergence of information technology (IT) and operational technology (OT) as a trend that puts enterprise applications at risk. This is the crux of the IoT threat. As the digitally connected world gets bigger and cloud environments reach a higher degree of maturity, companies are increasingly exposed to malicious attacks. As a consequence, organizations, especially software providers, have to adapt their security measures to this new reality. And OutSystems is no exception. Quite the contrary, in fact.
Changing the Methods
OutSystems significantly accelerates the development of mission-critical applications while also meeting strict security requirements. As of the writing of this blog, we have 196 points of security already built into the platform. But new threats force us to review our processes constantly and adapt our security strategy to fit the requirements of cloud-focused enterprises. Because, as Gartner puts it:
“A dedicated, well-financed actor who is after something in your enterprise is going to get it, even if they use the weakest link–people–to do so. This means adapting your security setup to focus on detection, response, and remediation. That’s where the cybersecurity fight is today. In the future, it will most likely move to prediction of what’s coming before anything happens.” Kasey Panetta, Gartner.
In a move to be more proactive with cybersecurity and more predictive and preventative of increasing risks and threats, we recently launched a new Security Operations Center—the SOC!
Meanwhile, Back at the Security Operations Center
More than a cool-looking space, the SOC is an integral part of our strategy to prevent attacks before they happen. The SOC also houses our Computer Security Incident Response Team (CSIRT), a crucial component for ensuring the security and success of our customers.
In the SOC, the CSIRT uses the latest security software to provide 24x7 monitoring of our platform and customer applications, along with ongoing analysis of information and event correlations identified by our specialists. Advanced threat detection provides immediate intelligence to our security team so that they are alerted to a potential threat. This way, we’re able to foresee problems that could impact our customers, analyze attack trends, stay up-to-date on regionalized threats through our connections in the global threat intelligence community, and keep an eye on abnormal uses of the OutSystems platform.
Let’s be clear: OutSystems is not just getting into the managed security space. We’re excited enough to have been named a Leader by Gartner in its latest LCAP report; we don’t need to be listed as a Leader in their MSS report too (at least not yet).
The SOC is an evolutionary step in the security of our platform and our customers. People alone cannot correlate millions of data points and spot trends and track usage on such a large scale. And software lacks the intuitiveness that comes from years of security research. Our new SOC brings the best of both software and people together for tighter security and better protection.
But wait, there’s more! The SOC and our CSIRT, while great additions, are just two parts of the overall OutSystems security program.
Sentry is a new security service from OutSystems that builds on our existing threat protections and reinforces them with additional security, risk management, and monitoring for a SOC 2 Type II compliant low-code cloud platform (a.k.a. certifiably really, really safe).
- Comprehensive security: We’re not kidding around when we say “comprehensive.” We’re talking about the latest in advanced integrity monitoring, antivirus, anti-malware, intrusion detection and prevention systems (IDS/IPS), File Integrity Monitoring, virtual patching, security information and event management—just to name a few.
- Proactive monitoring and support: This is where our SOC facilities and CSIRT shine. The OutSystems SOC is staffed 24x7 by our CSIRT. They are responsible for identifying and classifying incidents and analyzing risk.
- Risk management: Not wholly unlike comprehensive security, this is more geared to the customer ecosystem versus a particular technology. With Sentry, customers benefit from a dedicated environment for their systems, which includes load-balanced front-end servers and a standby, fully redundant database to ensure a greater than 99.9x% uptime by default. Sentry also provides for more granular oversight in the form of strict change request procedures and a 1-year retention policy of all logs to support any necessary audits or forensics.
- Compliance: You guessed it: these are all of the certifications OutSystems complies with. Examples include ISO 27001, ISO 22301, and SOC 2 Type II. We’re also members of the Cloud Security Alliance, and through our cloud vendors, we offer data center compliance and accreditation.
With the cloud conquering the enterprise world and cyber-attacks becoming an ever-present reality, proactive prediction and prevention should be at the center of any security strategy. With OutSystems Sentry, our customers can focus on building apps that transform their core business processes and delight their customers, and spend less time worrying about their security posture and compliance.
You can learn more about OutSystems Sentry online.