In a world where rapid technological changes dictate the business reality, the advantage is on the side of the court of the start-up companies. On the other hand, major technology corporations that consolidated their status in the previous decades mainly on the basis of IT solutions find it difficult to catch up and close the gaps. The main reason for this difficulty is a massive and bureaucratic organizational structure that is incompatible with the rapid technological changes today's clients demand. In the field of information security and cyber technology, this is a substantial gap.
In order to reduce this gap, global corporations that sell technological products are currently acquiring start-up companies for two main reasons – to retain the innovative edge and to reduce the cost of the product development process. Executives in start-up companies realize that the power of the corporation is in international marketing, in client confidence developed over many years, in regulation that demands the supplier of the solution to undertake commitments that necessitate deep pockets, and in the inability of the end client to cope with the flood of products in the technological market. At the same time, the same executives understand that it is very difficult to retain the innovative spirit in such massive organizations. The second reason has to do with the cost of developing new products. If the cost of the start-up company is lower than the cost of developing the product in-house, acquiring the start-up company will be the preferable alternative.
"In the Israeli context, most of the global corporations acquire start-up companies in Israel and convert them into the corporation's development center in Israel," explains Dr. Yaniv Harel, General Manager of the Cyber Solution Group at Dell-EMC. "The challenge with such a move is to introduce a start-up company into the culture and rules of operation of the international corporation. In some cases it takes years, and it does not always succeed.
"Contrary to standard market practice, we initiated, about two and a half years ago, a process of germinating innovation within the company under an initiative led by Dr. Orna Berry. The objective was to establish within the company a solution group that would conduct itself like a start-up company, while at the same time 'playing' according to the rules of a major international corporation. In this way, we can deliver innovative solutions to the clients in a manner that is faster and better synchronized with the company's operations. At the present time, this is a unique model that operates at the Israeli branch of Dell-EMC.
"In our cyber solution group we look at all of the members of the group and germinate new solutions. It may be a solution that integrates existing products, or a solution developed from the ground up by the group. That is the reason why we are regarded as a development group. Dozens of people work within the group, and it operates out of the Dell-EMC facility in Beersheba, which has already crossed the 200 employee line."
The solution group led by Dr. Harel is involved in three primary fields of activity – simulation and cutting-edge technologies, CERT management systems and security for private cloud services.
In the simulation field, Dell-EMC decided to focus on network penetration testing or PT. This is an activity required by regulation in certain content worlds like finance, and in the absence of mandatory regulation, it serves as a tool that enables executives to understand where the risks are within their network.
For their solution, Harel's group uses, among other things, the tools offered by VMware, a member of the Dell group, to virtualize the client's network. Duplicating the client's network in a virtual environment makes it possible to conduct automatic penetration tests at maximum intensity with no fear of damaging the operational network.
"We can take an extensive range of attacks and test them against the client's virtual network," explains Harel. "As we developed the system with an open-ended configuration, clients can insert their own attack generators as well as those of third-party companies from around the world that develop attack generators for PT purposes.
"This is a field that enables us to perform automatic penetration tests in a virtual environment. You can run the test for a specific segment of the network or for the entire network. The fact that it is a simulation of the real network enables the testers to inject any attack they want, on any scope, without any concern of disabling the operational network. The advantage of the automatic solution for PT is in the fact that it runs continuously. In most cases, human-run penetration tests are conducted once every three months or once a year, and that is a reality that leaves the organization with security gaps.
"The option of running PT on a virtual environment with no concerns enables the client to enforce the regulation more effectively. When an operational network is tested, the client may tell the tester not to test areas he defines as sensitive to the business activity. In such cases, the regulator does not always know what was actually tested – but only that the company had conducted PT on their network. As far as the regulator and the organization being tested are concerned, the simulative option is a Win-Win proposal."
The second field of activity in which the solution group is involved is the field of SOC (Security Operations Center) and CERT (Cyber Emergency Response Team) management systems. "We started off with a SOC management product by RSA, SecOps Manager. On top of this product, we developed a solution that enables adaptation to the client's needs. As far as we are concerned, it does not matter what SIEM (Security Information & Event Management) system you have – our product will be installed on top of it, as a tier that runs processes on the basis of a structured methodology," says Harel.
"Along with our SOC management product, we have a development of a CERT center at the state or business sector level. In Israel, they developed a national CERT model plus sectoral centers for the energy sector, the finance sector and so forth. These centers are designed to provide information and response teams in cyberattack situations. We established a coalition with IBM and Rafael and won the CERT tender about eighteen months ago. Since then we have been engaged in accelerated establishment activity in Beersheba. The third activity of the group revolves around security solutions for private cloud services. This activity is still under development so I cannot elaborate any further at this point."
At the same time as its development activity, the group is engaged in an on-going dialog with the marketing and sales units of the company as well as with the clients. "That is how we select the fields of activity for the group," explains Harel. "Security for private cloud services is an example of a solution development process synchronized with the company's objective of selling private cloud solutions.
"The time it takes the group to develop solutions varies in accordance with the distance we have to cover. In the case of integration for existing products, the development process will be completed faster than the process of developing something from the ground up. We also cooperate with the Israel Innovation Authority in order to develop unique products.
"Please bear in mind that at the end of the day, the objective of the solution group is to generate innovation within an international corporation. The combination of independent development capabilities, access to all of the group's products and the dynamics of a start-up company – all of these elements provide Dell-EMC in Israel with an innovation generator that offers our clients solutions at the cutting edge of technology, with the confidence and reliability of an international corporation."