UPDATED 15:45 EDT / FEBRUARY 17 2017

The cloud-native approach to cognitive tech for data security | #GuestOfTheWeek

Many successful built-in-the-cloud companies are emerging, and they are finding that being cloud-native provides the opportunity for better security. The benefits of the cloud — flexibility, simplicity, scalability and reliability — all extend to securing data in the cloud as well.

“Being native-born, understanding how the cloud works and how to secure data in the cloud has really put us ahead of the curve, and the industry is just now catching up,” said George Gerchow, vice president of security and compliance at Sumo Logic Inc.

Born in the Amazon Web Services Cloud, Sumo Logic, a cloud-based log management and analytics service, has an advantage when it comes to security in the cloud, according to Gerchow. The cloud-native platform uses machine learning and artificial intelligence to secure data in the cloud, providing real-time threat alerts.

During the RSA Conference in San Francisco, Gerchow met up with Jeff Frick (@JeffFrick), co-host of theCUBE, SiliconANGLE Media’s mobile live-streaming studio. The interview focused on threat intelligence and built-in security on cloud-native platforms.

This week, theCUBE features George Gerchow as our Guest of the Week.

Locking down data with cognitive tech

When it comes to threat intelligence, using the built-in security available from a cloud provider can prove to be a wise choice, even if you are using a hybrid or on-premise solution, Gerchow said. Sumo Logic offers its customers a security analytics platform, built at scale, handling multi-tenant structures that are native to the cloud. Customers have a single pane of glass into the full application and infrastructure stack.

Gerchow disclosed that one missing piece has been added to the company's offering: it now uses free threat intelligence feeds and supplies them to customers within the platform. These feeds, along with integrated threat intelligence and inter-security analytics, will enable deeper forensics on malicious IPs and provide indicators of compromise around URLs and domain names.

In the data security industry, the goal is to find that needle in the haystack and surface a potential threat or vulnerability right away, according to Gerchow. “So having that more real-time, deeper visibility into what’s taking place on those high-threat items, that’s even more critical once you’re moving out to the cloud,” Gerchow said.

Palo Alto Networks, in its report “2017 Cybersecurity Predictions: Machine Learning and AI-Driven Frameworks Shape Cloud Security,” predicted that 2017 will begin a trend of using autonomous approaches to cybersecurity. In part, the research identified open-source artificial intelligence and machine learning frameworks as the catalysts for this new direction.

Sumo Logic uses machine learning analytics to find patterns and problems and to predict potential threats in real time. The technology allows users to run searches and take advantage of transaction analytics to monitor systems across infrastructure stacks.

Customer attitudes are changing as well, according to Gerchow. He relayed the fear of not having control over data once it is in the cloud. “The reality is I can do some of that at scale in some of those automated systems in the cloud to make the data more secure once it moves out there. I can leverage the power of code to really lock down how that data is protected against inside sources and external sources,” he said.

Along with cognitive technology, the cybersecurity industry has another way of countering attacks: collaboration among the community is helping to uncover threats. Sumo Logic is receiving threat feeds from CrowdStrike, which provides endpoint security strategies, and partnering with OneLogin to authenticate credentials. Participation from the ecosystem is critical for security experts, Gerchow explained.

“It takes an ecosystem. There is no silver bullet. There is no one company, one solution that solves a problem. It takes a collaboration of vendors and partners to get this done, and I feel it and live it internally,” Gerchow said.

One of Gerchow’s priorities for 2017 is to focus on distributed denial-of-service (DDoS) attacks in the cloud. The hackers gain access to multiple entry points to compromise targeted resources. DDoS uses botnets to invade a system, and many of the attacks are global.

“This keeps me up at night. That’s one of the things I’m focusing on right now,” he said.
