HP [HPQ] recently introduced an expanded suite of cyber security services and products that it is offering in particular to customers with large information management systems to improve their understanding of risks and threats, provide real-time response, and provide distributed management tools depending on security responsibilities throughout an enterprise.
HP’s expanded Enterprise Security Solutions portfolio builds on three acquisitions the company made in the past year of ArcSight, Fortify and TippingPoint, allowing it to offer more integrated and comprehensive solutions.
The new solutions will help customers assess their security environment, including obtaining a worldview of the cyber threat landscape through a large database, Prescott Winter, public sector chief technology officer for HP Enterprise Security, told sister publication TR2.
HP will help customers better understand their internal and external risks through a one-day discovery workshop, which in turn helps them move toward a risk management framework, Winter said. “It’s a metrics-driven approach to this issue,” Winter said. “It’s not just fear and doubt.”
“The whole name of the game is seeing what’s going on…at network speed,” Winter said. You have to know who is in your network and pull all the data into a coherent picture, “then you can begin to manage and protect,” he said.
Once you have the intelligence on the internal and external threats, it has to be managed through a risk-based framework, Winter said, “so that you really know which things are going to do you the most harm if they get broken, if they get compromised. And that level of sophistication is something that very few of our customers actually get to.”
Once risk management is understood along with having the security intelligence in place, HP has a portfolio of tools for endpoint protection, cloud security, and a tool acquired with ArcSight that enables users to bring together security data and to “weave it into a coherent picture and to act on it quickly,” Winter said.
This is a key offering and it’s more than just situational awareness because it gives users “online, real-time assessments” based on the security data “of what’s happening in your network, how serious it is, what the priorities are for responding to it” and even allows for automated remediation “depending on the degree of certainty you have about the actual diagnosis,” Winter said. Without that certainty then there are analytical tools to be used, he said.
The final component to the new expanded security offerings is the distributed management tools for an enterprise. The picture for the operations manager is going to be different than for a high level manager, Winter said.
A commander just wants to know that that the “most important information for conducting the mission is safe and will be there when it needs it,” Winter said. “The guy on the ops floor worries about the details of the attack and defense, what you’re doing to protect things, how you’re going to respond at the network level.”
As for the cyber security market itself, Winter sees it remaining “healthy” given the threat landscape and the fact that the federal government is taking it very seriously. He also says that while the government and large commercial enterprises are taking cyber threats seriously, smaller and medium-size companies where a lot of innovation occurs are not.