Sitting down with Stefan Umit Uygur, Co-founder and CEO of 4Securitas, was both a pleasure and a privilege for Safety Detective’s Aviva Zacks. She had the opportunity to ask him how he sees the future of cybersecurity developing over the next few years, and this is what he had to say.
Safety Detective: What drew you to cybersecurity and what do you love about it?
Stefan Umit Uygur: I have been involved in the cybersecurity eco-system for over 20 years now. Information technology has always fascinated me, but as a young teenager, I wondered about information security. The more I raised questions around information security, the more I got into the cybersecurity world. Therefore, I’ve been active in cybersecurity both in my personal and professional life.
In my personal life, I was heavily involved in Free Open Source Software communities where I have also contributed in some ways to the early development of Linux systems. A while back, it wasn’t easy to handle a Linux system and at the same time, it was the only system that would allow me to do certain things that I was not able to do with Microsoft solutions such as windows systems. I needed an open solution where I could develop functions out of the ordinary and adapt to make a solution that would allow me to have a wider look at the security of information technology.
In my professional life, I worked in tech roles such as systems engineer, network engineer, system administrator, security analysts, security specialist, infrastructure specialist, solution architect, and so on, which covered almost the complete IT gamut and enabled me to understand every point of businesses and organizations.
Along with gathering knowledge about the needs of organizations, I also had the ability to discover a gap when it comes to cybersecurity defense solutions. This gap led me to think of a data-centric solution, which I mean as a solution built around the data layer rather than the network layer or network perimeter. That is when and how I finally decided to build a cybersecurity monitoring defense solution and I called it ACSIA.
SD: What do ACSIA’s products do to keep its customers safe?
SUU: ACSIA is an automated cybersecurity interactive application, which enables organizations to protect their data that every malicious actor would be looking for it. ACSIA is a data-centric, as opposed to network-centric, cybersecurity solution.
ACSIA is designed with a view of both offensive and defensive strategies, using the mentality and modus operandi of hacker methodologies and tools that can compromise security.
It offers an innovative approach to preventing cyberattacks for enterprises. The product is a data-centric endpoint detection and response (EDR) system with predictive analytics powered by machine learning (ML) and artificial intelligence (AI). It helps enterprises identify and repel cyber-attacks in real-time through its ability to detect offensive tools, pattern identification technology, and advanced correlation engine. It can detect hacking techniques in their very early stages, long before they become an offensive attack.
Moreover, it is user-friendly, simple to deploy and intuitive to operate. It requires only basic IT skills.
SD: What industries use your technology and why?
SUU: Our technology is used by a wide variety of industries. Any business where IT plays a key role uses our product and most of our customers already use other cybersecurity products. This is a key element to show how ACSIA can be seen as complementary to existing cybersecurity vendors and solutions rather than a competitor.
As to why they are using ACSIA, it is because they are clearly aware of the role that IT systems play in their business and day to day activity, and most importantly, they are aware that if these systems are compromised, blocked, or knocked down then the whole business goes down with it. The second reason is that they see the value in ACSIA and its data-centric technology.
SD: What is the biggest cybersecurity threat today?
SUU: Today everything can be manned remotely using technology, so imagine what happens when technology falls into the wrong hands and what they can do with it. Governments can be knocked down in minutes and organizations can be kept hostage or paralyzed by cyberattacks. And cyberattacks are constantly evolving by becoming smarter in order to bypass defense mechanisms.
You are no longer in front of a single individual anymore who targets your infrastructure. It’s bigger than that. Organizations are hacked by other organizations and governments in the shadows and likewise by sponsoring teams and skilled groups of hackers. So the biggest challenge is how to keep pace with it and overcome these attacks. It is not just a matter of fighting malware or low noise/profile attacks. Cybersecurity is placed today among five domains by governments and organizations like NATO.
SD: How will the cyberthreat landscape change over the next few years?
I think the cyberthreat landscape will grow dramatically and as we are witnessing at present, it is already difficult to stop attacks. This is because today’s cybersecurity defense system is primarily focused on network perimeter where the traffic is entirely encrypted. Today we see botnets (automated programs) that are attacking automatically on behalf of their creators, performing vulnerability scans and reporting back findings to their owners so they know what to do next, and they almost every time manage to bypass AI/ML algorithms. Tomorrow’s botnets will have the ability to do more than just scan, perform vulnerability scans or report back with the finding. They will have the ability to analyze that report, find out if there is any security hole, exploit that vulnerability, break into the system, perform file and data inventory to see what is on the server and if there is anything relevant. The botnet won’t just stop there; it will ascertain the relevance of information in the database, meaning it will check the validity of each record and information and once it has validated it will then get a dump of the data and return to its owner. This is not sci-fi, unfortunately, but reality. Those sorts of botnets will be able to bypass and defeat the most sophisticated AI/ML algorithms, and they will manage to break in.
The solution is to try to overcome a phenomenon like this is in the data-centric design.
For someone to manage to break into any system, they need first to gather some information from that system and, therefore, the ideal cyber defense solution should focus on what type of data that might be and what data one would need to break in, rather than trying to guess by monitoring encrypted network traffic and relying on AI. Artificial intelligence is not magic, and nor is machine learning. That is how we designed ACSIA—we taught the product what potential information one would need to break into the system and to track that down and stop it even before the attacks began.
All cyber vendors should do the same if we really want to keep the pace with cyberattacks. With the evolution of hyper-converged infrastructures, there will be less than 10 major companies that will dominate the data center and cloud solutions, and with that in mind, network perimeter solutions for cybersecurity will become obsolete (the cloud and data center dominants will build their own internal solutions to analyze their network traffic).
The good news is that since 4Securitas started developing data-centric cyber defense solutions, other cyber vendors have also started to work on data-centric solutions. I believe that in the next three to five years we’ll have a cybersecurity front that is mature, consolidated, and capable of eliminating threats that are constantly challenging organizations.