Cloud security specialist, Vormetric, has launched operations in A/NZ following the increasing focus on cybersecurity compliance with the introduction of new privacy legislation.
The company has appointed former Oracle sales leader, Damian Harvey, as the new country manager to lead the charge into the market.
According to a company statement, the company’s decision to formally launch here represents a response to a number of factors.
“The increasing focus on organisational cybersecurity compliance following the Australian Privacy Principles (APP) which came into effect on March 12,” the statement said.
“The recognition that perimeter-based cybersecurity has repeatedly failed to stop significant breaches; and a growing concern that an organisation’s data has become a magnet for a ‘hacking growth industry’ using social engineering and other forms of advanced persistent threats that bypass perimeter defences and standard security protocols.”
Harvey said data was the new currency.
“Whether you’re talking personal records, credit details, medical records, blueprints to a proprietary device – data is valuable to criminals and other actors,” he said.
“Everything from Snowden to the major retail breaches is confirming that cybersecurity has been focusing on the wrong thing, working from the outside to the inside, instead of the other way around.
Massive amounts of money were still being spent on firewalls, access monitoring and the like, when, frankly, the data itself is often walking right out the door and into the wrong hands, Harvey said.
“As a digital economy and society, we urgently need to adopt a ‘data-centric’ model and move away from the illusion that perimeter security is working.” Vormetric, which has more than 1300 customers in 20 countries across banking, healthcare and government, is already working with a range of partners in A/NZ.
Harvey said adopting a data-centric model challenged the complacency, and even the culture, of many organisations.
“Almost any organisation will readily admit that data is its most valuable asset, often its crown jewels,” he said.
“This data may even be encrypted. But if you ask who’s holding the encryption keys to that data, you’ll frequently find that either people don’t know or that the keys are all in the hands of one person.
“If that’s the case, you might as well not have encryption, because your data is fundamentally insecure if you don’t have proper key management. \
“While privileged users are vital to the operation of any network, and are usually deserving of trust, the stakes are too high – you don’t ever want your privileged users to be free to pillage your data.”