As patching burden overwhelms, RedShield spruiks virtual patching in Australia

Growing Australian demand for security tools meant “the time is right” for New Zealand security firm RedShield to jump into Australia on its way to a full-fledged global presence, the company’s founder has said as it announces an Australian distribution partnership for tools designed to insulate businesses from exposure to known vulnerabilities.

Fast-growing New Zealand security firm RedShield grew out its roots as a software developer in the 1990s and an ethical-hacking provider in the 2000s to refocus its efforts on the security space. Experience working in larger enterprise environments made it clear that many organisations were simply struggling to keep up with the pace of vulnerability discovery – leading to the creation of its eponymous tool, a “defensive measure” designed as a buffer to protect legacy systems from vulnerabilities.

“The problem people had was keeping up with the never-ending threat, particularly in the applications space,” RedShield CEO and co-founder Andy Prow told CSO Australia.

“It has been a very unfair battle: defenders need to defend every way in – and as systems grow they become larger, more complex, and slower to keep up to date. When you look at supply chain, HR apps and the like, the security posture goes downhill really quickly.”

RedShield – which is represented in Australia and New Zealand by Kordia – has been designed for rapid implementation, he said, with setup in “hours or days on systems that might take hours or years to upgrade and fix”. A library of 4500 application-specific shields has been built to protect against specific vulnerabilities that are usually well-known but may not have been patched in a particular customer environment.

This puts it squarely in the market for ‘virtual patching’ tools, which were called out in a recent Aberdeen Group-McAfee analysis that recommended the technique as a way of minimising exposure to threats without having to methodically find, patch, test and remediate every potentially vulnerable system.

Rapid response is critical when it comes to dealing with new threats: a recent Proofpoint analysis found that 48.6 percent of users clicked on a new vulnerability-exploiting email within an hour of its receipt.

Yet with many companies struggling to find enough manpower to respond as quickly, Prow said, the ability to throw up a barrier would appeal as a substitute. Because the system is continually monitoring for attempts to exploit known weaknesses, it is also able to deliver meaningful reports that help CSOs highlight just how real the threat of exploit is.

“The corporate enterprise environment is now a hostile environment,” Prow said, noting that the system works “hand in hand” with conventional vulnerability discovery programs. “We spent a lot of time considering how we can help customers focus on their ROI: if a shield gets triggered 300 times in a day, we know that’s 300 breaches that were avoided.”

Delivered on a SaaS basis through Amazon Web Services, Microsoft Azure and IBM SoftLayer, the system has been popular with New Zealand government departments that are, like agencies in Australia, facing a mandate to push towards digital transformation but often struggle to retire rusted-on operational systems that still need regular patching.

“With many of our customers, the systems we shield are only a few years old,” Prow said. “But with the budget it took to build them, they’ve got another 10 to 15 years’ shelf life. We never claim to be the last thing you need, but this allows us to help companies focus on long-term goals.”

The company’s move into Australia will be spearheaded by newly appointed country manager for cyber security Michael Warnock, with channel manager Tim Steele working from Kordia’s Sydney office to build out the local channel.

Gartner recently predicted that information-security spending would reach $2.8 billion this year, up 2.5 percent over last year. This fell short of global figures of 7 percent growth, which Gartner said would be driven by spending on application-security testing tools, particularly as part of evolving DevOps practices.

"Rising awareness among CEOs and boards of directors about the business impact of security incidents and an evolving regulatory landscape have led to continued spending on security products and services," said Gartner principal research analyst Sid Deshpande in a statement.

"Doing the basics right has never been more important. Organisations can improve their security posture significantly just by addressing basic security and risk related hygiene elements like threat centric vulnerability management, centralised log management, internal network segmentation, backups and system hardening.”