John Ryan of Zinopy says the advent of GDPR is changing firms’ mindsets – By Quinton O’Reilly
The best defence is a proactive approach, and Zinopy has the means to do this.
“[Businesses] can’t abdicate their responsibilities; we monitor their environment but they’re responsible for the consequences,” says John Ryan, chief executive of Zinopy. “We use the analogy of the alarm system, the alarm being the technology and the monitoring being us, but then the customer has got to go and change the locks if the keys have been stolen or repair the window or put in extra locks if they’ve been breached.”
If there’s one thing that Ryan has noticed, it’s that security has come to the fore for businesses. It’s been a slow process, but the upcoming GDPR regulation is one aspect that is helping change this mindset.
“What’s bringing it out to the fore is the regulatory environment, where the regulations are catching up,” he says. “People are now beginning to say, before ‘it was in my own hands, I lived or died by it but now I have regulations that I need to comply with, possibly hefty fines as well’.
“The attacks are escalating but also people’s consciousness of them is increasing. If you look at a piece of malware, the mean time it sits somewhere before discovery is about 150 days. It was 250 days, now it is 150, and it keeps dropping. That’s because people are waking up to the issues about attacks.”
The sheer rate of change is something that’s apparent in the tech industry as a whole, but especially in cybersecurity. Ryan says that Zinopy’s services allow companies who can’t invest in security personnel a significant advantage, as many features are under the one umbrella, instead of being scattered across different services.
“Over the years, they’ve also put on increasing complexity in their environment so they put in solutions, typically point solutions to address the threats, started way back in 1994. We were one of the first companies to bring firewalls into the country,” says Ryan.“At that point, people thought having a firewall meant they were safe but we’ve been selling a lot of solutions since then in terms of advanced malware protection, URL filtering, web gateways, IPS, you name it and it’s come in.
“On average, customers would have up to 40 point solutions or maybe even more, larger organisations might have up to 80 point solutions, from maybe 30 or 40 different vendors because it was a best-of-breed type situation. Nobody had the entire story so that’s [a] challenge that customers face, how do they manage all this infrastructure and how do they get visibility of it.”
With a mixture of monitoring, detection and response methods, Ryan is confident that Zinopy can deal with the threats that emerge. In recent months, it moved into its new Security Operations Centre which will give it more robust capabilities when dealing with problems. Yet the main aim is to ensure problems are detected before damage is done.
“We work with preventing solutions, we monitor them, keep them up to date, consume the logs, but a lot of our effort is on the other areas and trying to identify issues as early as possible, explains Ryan. “To thwart them by blocking the chain, knocking off the issues as they arise as opposed to waiting until there’s a big incident.”