Ray Hicks, Founder & CEO
Reports of cybersecurity breaches with varying levels of severity—some of which have even forced CIOs to step down—surface almost every alternate week. Not all these undesirable incidents occur at the scale of the infamous attack on Equifax or that of WannaCry ransomware. However, a minor breach is enough to tamper the reputation of a business significantly. As such, enterprises and white hats are on a constant endeavor to proactively track and prevent breaches. Meanwhile, cybercriminals, on the other hand, are honing their skills with new tactics.
Amidst this continually evolving duel, enterprises, in an attempt to stay protected, often make hefty investments in purchasing several cybersecurity tools and solutions. However, with disparate tools from multiple vendors, it often becomes a tedious job just to manage them, let alone scrutinize the growing number of alerts. On top of that, organizations are often in the dark and overwhelmed when it comes to understanding returns on their cybersecurity investments. Altogether, these factors undermine the very purpose of these very same cybersecurity investments.
Set against this backdrop, 5thColumn is led by a simple yet powerful mission: simplifying the infinitely sprawling world of cyber tools and systems, dispelling enterprises’ concern over cybersecurity by bringing real-time threat protection and enterprise data security solutions. The company’s system-agnostic and flexible security orchestration platform, BOSS™ (Business Operational Security Suite) takes a revolutionary approach to safeguarding an enterprise by gathering all of an organization’s tools into a single dashboard. “Unlike a rip and replace technology, our solution easily integrates with products that clients have already implemented. It reduces the complexities of managing multiple products by synthesizing outputs from disparate tools into a common vernacular,” says Ray Hicks, Founder & CEO of 5thColumn. As a next-gen platform, BOSS™ coordinates and facilitates cyber-threat management, intelligence, and automated response.
Security Orchestration with BOSS™
BOSS™ can be deployed in a matter of hours requiring virtually no customization upon integration, BOSS™ quickly discovers every connection to a given infrastructure. It then prepares a valid list of known and approved devices connected to the organization’s network infrastructure and categorizes them based on their functions or roles. Finally, by idenfitying assets that may have a negative impact on business and prioritizing them for remediation, BOSS™ allows clients to stay one step ahead of cybercriminals and other threats.
"We perceive cybersecurity as the ultimate hygiene of an IT infrastructure that needs to be maintained and operated properly"
Leveraging the BOSS™ platform, organizations are able to make well-informed decisions as to where and how they need to apply their resources for remedial activities or what processes (or parts of processes) can be automated. “The choice for automation often depends on the asset being compromised or affected. For example, installing automation engines for remediating certain workstations can be done without much thought. But when it comes to an application server or other publicly facing assets, human teams may prefer to supervise remedial workflows,” comments Hicks.
BOSS™ offers a comprehensive dashboard – a single pane of glass – that presents all the customized, prioritized, and relevant reports for users.
Unlike a rip and replace technology, our solution easily integrates with products that clients have already implemented
Traditionally, security analysts depend on disparate tools and systems to aggregate, identify, and corroborate events, which typically means disparate reporting to manage, and potentially conflicting or missed signals. Eliminating these challenges, 5thColumn’s dashboard presents every necessary analysis and accurate information to the security team. “Reports are aggregated from outputs of all the systems that an organization has, providing a clear and managable view of the company’s digital security threats,” says Hicks.
The platform also calculates and demonstrates a cyber risk score against NIST and OWASP Top 10 framework. This cyber risk score provides a real-time overview of a company’s systems strengths and weaknesses and compares the organization’s susceptibility trend to their industry peer group. In stark contrast to standard security tools that burden users with alerts, 5thColumn’s AI-driven solution works efficiently to help businesses overcome any duplicity expense and additional overhead. “Our clients are able to quickly and effectively understand the role and security stance that each of their technology is playing and make sure that their strategies are well-devised to secure their infrastructure,” says Hicks.
Interrogating Every Nook and Corner of a Network
Another crucial component within 5thColumn’s solutions stack is INTERROGATED™—a mechanism that enables companies to collect and aggregate targeted threat intelligence as well as identify new hotspots of risks, whether they are event or activity driven.
For years, enterprises have been relying on traditional, albeit ineffective, network protection measures to identify risks. By keeping a close vigil on the entire network, INTERROGATED™ identifies cybercriminals, their activities, and malicious programs on any part of the network infrastructure, and seals every open end. Ultimately, by defining and monitoring the network’s perimeter, it ensures that every connection is “interrogated.” “Also, we can substantiate what is being sent between two end-points that are in question. If it’s outside the boundary of business logic or a potential threat, the platform quickly undertakes remedial measures,” says Hicks.
Another aspect that keeps 5thColumn ahead of the pack is their first of its kind insurance industry-backed cyber warranty. Unlike traditional cyber insurance that only covers defense costs or the lawsuit in a post-breach scenario, 5thColumn offers virtually unlimited warranty coverage and professional services as a remedial measure.
Scripting Success Stories
With its powerful solution and unique value proposition, 5thColumn has helped a legion of mid-market organizations that often struggle to maintain seasoned and efficient security teams. “Instead of being vertical-specific we’ve gravitated toward high-risk, high-stakes organizations across healthcare, manufacturing, financial, and legal spaces. Managing large data assets, including payment card information or highly sensitive customer data, is a challenge for these enterprises, and our products and services help them stay secure. “ says Hicks.
In one such case, 5thColumn helped a client in the financial sector that had robust anomaly-based intrusion detection systems in place. However, the tools were inundating the company’s IT team with lots of alerts and “whistles,” often driving their internal teams to put efforts on false positive alarms. This not only hampered the whole process of the investigation but led to the typical “boy who cried wolf” instance— wherein the security teams started ignoring genuine alerts by falsely assuming they were insignificant ones. As a result, it did not take long for the financial services provider to come under a ransomware attack.
Engaging with the client in this critical situation, 5thColumn deployed its proprietary tools for incident response and ensured only a single entry point into the infrastructure. “Deploying a seamless integration with their existing systems, we quickly accessed their environment and various tools,” says Hicks. 5thColumn helped the client detect the root cause of risk and undertake measures to mitigate them. The partnership with 5thColumn also allowed the company to make infrastructural enhancements pertaining to isolating sensitive data and compartmentalizing roles and functions, among many others. The client also gained a better perspective on their cybersecurity readiness and the technology required for better ROI going forward.
"To remain secure in today’s volatile risk landscape, it is important to have the ability to see the larger picture"
Benefitting the Whole of Enterprise IT
Backed by the prowess of its unparalleled security solutions and positive feedbacks, 5thColumn plans to continue at the frontline of its clients’ cyber-defense initiatives. The company is currently developing a new solution model based on a microservices architecture that will allow broad integration with third-party plug-in modules.
In the days to come, 5thColumn will release a self-service scheduled scanner solution that can scan application servers and source codes running on those servers to identify threats. Additionally, the company plans to redefine the entire process of cyber risk scoring. Historically, the procedure used to rely on potentially corrupted and publicly available information. With its new mechanism, 5thColumn will be able to collect and share risk scores based on real incidents that take place within a company’s infrastructure. Other companies will be able to utilize these risk scores to assess similar risks in their environment and ultimately be ready to mitigate or respond to them.
hitting the market regularly, but many of them focus only on a few, specific problems,” says Hicks. To remain secure in today’s volatile risk landscape, it is important to have the ability to see the larger picture. 5thColumn helps clients achieve this. “We perceive cybersecurity as the ultimate hygiene of an IT infrastructure that needs to be maintained and operated properly, hence we focus our efforts on providing clear, efficient cybersecurity solutions that allow IT professionals to perform their jobs most effectively,” concludes Hicks.