Jason Burn, the newly appointed Pacific regional sales director for security firm Imperva, has targeted organisations’ growing need to overcome the limits of legacy data-protection platforms to meet the evolving challenges of the IT security market.
Those needs had evolved steadily, particularly in recent years as new forms of attack and growing volumes of advanced persistent threats (APTs) posed new challenges for enterprises. In many environments, however, existing security technologies had failed to keep up with the times, Burn told CSO Australia.
“Security really is all about the data,” he explained. “It’s about what people are looking for, and what they want to steal or manipulate or sell. And as we get more data that we need to keep in certain structures, or as unstructured data, more of it is going to sit in certain places that are maybe not protected.”
“As this happens, they need to go more about security the data as opposed to just the defence of the network. Ten years ago, your IPS and firewall were pretty good at blocking those things – but those platforms are now ten years old, and that’s the problem.”
Imperva headhunted Burn from IBM Internet Security Systems (ISS), where he admitted that despite “good people and good culture” the challenge of building a consistent security story was complicated by the sheer breadth of offerings: “you would bring together a whole lot of disparate technologies, go to market, and hope for the best,” he explained. “It can be a hard task.”
Given Imperva’s finer focus on data protection, Burn is enthusiastic about the opportunities to help clients develop robust data-protection infrastructure in the fast-growing security environment within Australia and elsewhere across the region.
A focus on strengthening the “not very well known” Imperva brand, exploring new opportunities with partners and working with the company’s “great team” locally will help bolster the company’s regional position, Burn said, with new initiatives such as spinoff Imperva Incapsula strengthening its position as an enabler of cloud-computing initiatives.
Those initiatives need to leverage off of proceduralised data protections that become more important as cloud programs disturb the conventional positioning of data and applications.
“Your own homegrown applications – the ones you present to your business and partners and customers – are the ones that threat actors are after these days,” he explained. “That has completely changed from fat client technology ten years ago, where nothing was Webified and everything was internal.”
“It has all changed a lot, and it is really the area where we see most of the vulnerabilities. Our roadmap over the next 12 to 24 months is all around file security, looking at unstructured data, and protecting what is some really important information that lives inside the files and databases.”