By Ed Amoroso | April 7, 2022
In this guest blog, Dr Ed Amoroso, CEO, Tag Cyber, provides a high-level overview of the HelpSystems cybersecurity portfolio value proposition based on a mapping of its component solution offerings to the NIST Cybersecurity Framework (CSF) phases.
Forty years ago, an engineer in Minnesota decided that computer costs for the IBM System/38 were getting too high. So, he began investigating and building automation tools that would help to manage and administer these mainframe computers. His new business was soon called HelpSystems, and their suite of robotic tools for console management, alerting, and network support represented pioneering efforts in the use of automation for digital transformation.
Today, HelpSystems is innovating in a new area – cybersecurity, and it is doing so in multiple ways. HelpSystems is applying its decades of experience securing IBM mainframe systems to the problems of modern hybrid cloud infrastructure. Such expertise applies well, especially when one considers the obvious parallels between early centralized computing models and current methods for centralized control of apps, systems, and networks in the cloud.
In addition to leveraging its capabilities in securing IBM systems, HelpSystems has been active and aggressive during the past few years acquiring some of the best cybersecurity vendors – ones that offer capabilities in areas that are consistent with the ongoing major trends in the industry. The result is a comprehensive cybersecurity portfolio that combines practical legacy experience with innovative solutions from successful start-ups.
This blog series from TAG Cyber will cover the salient aspects of the HelpSystems cybersecurity offering with emphasis on its unique approach to enterprise protection. An important message in this and subsequent blog articles on the HelpSystems solution set is that a wide diversity of experience, perspective, insights, and technical approaches brings cyber defense to a new level. Such diversity is the basis for the HelpSystems cybersecurity value proposition.
A reasonable reference model to drive understanding of the HelpSystems portfolio is the well-known NIST Cybersecurity Framework (CSF). Its broad components cover the range of cyber defenses from early proactive security to later responsive actions. The HelpSystems offering lines up well with the continuous phases of the CSF and can help customers ensure a balanced and complete set of defenses for modern enterprise assets in hybrid cloud configurations. As we go through each phase, all the solutions mentioned are part of HelpSystems’ current cybersecurity portfolio.
The earliest phase of the CSF model involves identification of business assets and risks to support assessment, management, and governance. Beyond Security, Core Security, and Digital Defense, support unique aspects of world-class vulnerability assessment and management, which are essential aspects of the identification process. Powertech, an original offering from HelpSystems, has also always supported governance tasks for customers.
The second phase of the CSF model involves proactive protections via access control, awareness training, data security, and maintenance. PhishLabs delivers awareness training that reduces user susceptibility to social engineering attacks. Vera and Clearswift provide unique data security solutions, and Titus and Boldon James support data classification and security posture management for compliance.
The CSF model continues with the detection of behavioral anomalies and security-related events through continuous protection and monitoring. Digital Guardian offers world-class SaaS-based data leakage protections, which support continuous security. PhishLabs detects threats that pose risk across external environments such as the surface web, dark web, social media, and mobile apps. Digital Defense offers threat assessments which analyze assets for active threat activity and indications of compromise.
The fourth phase of CSF involves respond functions including response planning, situational analysis, attack mitigation, and security improvements. Agari supports many aspects of the NIST CSF model including reporting of potentially fraudulent email sources, thus enabling policy-based response based on the DMARC standard for email source authentication. Agari helps security teams counter advanced email threats using machine learning and phishing incident response automations. PhishLabs brings the capability to mitigate and take down external threat infrastructure through an array of integrations and relationships with hosting providers, registrars, and other service providers.
The final phase of the CSF model involves recover functions which require management planning, lifecycle improvement, and communications. GoAnywhere and Globalscape provides enterprise customers with secure managed file transfer and encryption which are essential to all phases of NIST CSF, but which are particularly useful for security planning and communications.
As will be highlighted in this blog series, enterprise buyers are well-served to partner with HelpSystems to optimize their cyber defenses. As suggested above, the diversity of expertise and insights from HelpSystems, derived from decades of experience helping customers protect everything from mainframes to cloud, results in a unique blend of support that will positively influence enterprise cyber risk management.