Unisys: cybersecurity strategies in a digital revolution
Unisys is a multi-billion dollar global IT organisation known for building highly secure, modern digital platforms. Unisys provides multi-cloud solutions including cybersecurity, targeting various sectors such as Digital Government, Lifesciences and Healthcare, Financial Services, and Travel and Transportation. The organisation transforms and manages its client’s applications, data, networks and devices.
JP Cavanna is an Industry Director - Cybersecurity UK & EMEA at Unisys and is a strategist focusing on Unisys Stealth®. Since beginning his career in cybersecurity in 2003 with the Metropolitan Police. He believes that cybersecurity has continued to become more challenging in recent years. “Since its inception, cyber is becoming ever more complex as we bolt on solutions to problems that appear that we perhaps haven’t foreseen,” explains Cavanna. “As an example from many, the convergence of IT and OT is a big deal for businesses at the moment because that conversion brings a lot of tangible business outcomes for them but also brings a huge amount of risk too. This is because these operational technologies could only previously be attacked physically, but now if they are connected to an IT system, you can get to them from pretty much anywhere.”
At the beginning of 2020, Unisys announced the launch of the latest version of its award-winning Unisys Stealth security software suite. Stealth strives to give its clients order, resilience and breathing room in their cyber posture so that they have the confidence to handle whatever happens and so providing assurance, reassurance and resilience to the business. “We achieve this by using software defined perimeters and identity-based encrypted microsegmentation to create a zero trust environment, providing hyper secure end to end encryption of data between any two points, anywhere,” he explains. “This is in addition to unique capabilities in cloaking networks (so they become undetectable to attackers – ‘you can’t attack what you can’t see’), dynamic isolation, an industry first that can isolate a rogue endpoint or user in under 10 seconds, and cyber recovery capabilities that will allow our clients to restore their golden copy data safely back into an infected network within minutes of an attack occurring.”
The Stealth solution addresses threats associated with the ever-evolving digital landscape where adoption of cloud, mobile and IoT continues to accelerate. Through its integration with security incident and event management systems, Stealth provides clients with the reassurance of immediate action to respond to security incidents, stopping attacks in progress. “The beauty of it being software is that it overlays network architectures and integrates with applications and security toolsets that organisations may be using,” explains Cavanna. “You don’t need to replace anything, Stealth overlays it nicely.”
This overlay will help to visualise network traffic and the nodes in the computing environment. It collects network traffic data that enables the user to identify the nodes in their environment and their communication paths. “This capability works alone or will integrate with other toolsets you may have in your environment giving unprecedented network visibility and visualisation, an essential component of a zero-trust environment,” says Cavanna. “The Stealth capability consists of several elements mentioned at the beginning of this report, a particularly useful one of which is dynamic isolation. This identifies a rogue endpoint or user and isolates it in under 10 seconds, which is incredibly powerful. If you combine it with encrypted microsegmentation, what you do is you compartmentalise your network so if an attacker or malware gets into that space, it will limit its travel within the microsegment and thus your network will be isolated from malware in time, i.e. in under 10 seconds.”
“Furthermore, this microsegmentation provides granular visibility into your network and, if you want to create a zero trust environment, it’s fundamental that you know exactly what is happening on the network,” he explains. “We call the microsegmentation of a network Communities of Interest (CoI). Aside from the obvious provision of least privilege for users accessing only that data and applications they need to do their jobs, these CoIs help to protect legacy systems in a network as well as IT/OT enabled technology. This principle can be used to provide secure remote access for employees and to reduce reliance on the VPN for such tasks, which is ageing technology that has well documented vulnerabilities and limitations.”
Cavanna insists that the future of the software is bright and adds that there are set to be even more features added in the near future. “Stealth is not a ‘new kid on the block’. It has been protecting governments and commercial organisations for nearly 20 years and is constantly being improved and updated with new features. One key development feature this year is our identity capability.”
Stealth Identity™ is a biometric identity management software and it is a vendor-neutral, highly scalable, multimodal, multi-channel, easy to use, extensible and auditable system that securely stores verified biometric identities and supports the complete biometrics identity lifecycle. “We’ve been protecting borders with it for 20 years,” he says. On other features, “We’ve also enabled iOS and Android devices along with updated Stealth dashboards to provide even better visibility, so you can see we’re continuously seeking to expand and improve the functionality of this very powerful software.
“If you think about the challenges of cybersecurity today, it’s all about protecting data. In the old days, we used to try and create an impenetrable fortress and protect everything at the perimeter,” he explains. “Now we’re all connecting into company data, which is the most precious asset, by different means, be it corporate laptops, mobile devices, tablets etc. So, where is that perimeter today? The new perimeter is arguably us humans. With its ability to reduce the complexity of your environment, encrypt your data in motion hyper-securely between any two endpoints anywhere, bring visibility and control to your network with identity-based encrypted microsegmentation, and to stop attacks in their tracks at malware speed, Stealth brings order, resilience and breathing space to your organisation.”
Anupriya Ramraj is Vice President of Cloud Services at Unisys and has spent a large portion of her career with Hewlett Packard Enterprise leading engineering efforts for cloud software and as Director of Cloud Practices at DXC before transitioning into her current role with Unisys in November 2019. Ramraj is responsible for accelerating and securing the cloud journey for Unisys customers leveraging CloudForte® software. She likens cloud migrations to a space odyssey. “Depending on whether you want to go to the Moon or Mars, you’re going to need a different set of landing gear and that’s how we view multi-cloud migrations,” she says.
CloudForte is a comprehensive services offering to help accelerate secure migration and transformation of data and applications to a cloud that best fits the customer needs including private clouds, and hyperscalers like Amazon Web Services, Microsoft Azure and Google Cloud. Customers in the commercial and public sector leverage CloudForte and Unisys’ expertise to transition to the cloud. CloudForte managed services are subscription-based, so users can seamlessly access and innovate leveraging the full potential of cloud across any scale and optimise resources, facilitate day-to-day cloud operations, manage hybrid infrastructures and drive down costs.
“We bring in our own unique IP and third-party products from our partners, value-driven processes, and certified cloud experts to offer the best solutions for our clients,” says Ramraj. “Rapid provisioning and high availability are a key focus. A public sector agency that was looking at three months to provision any hybrid-cloud workloads due to a lot of manual processes they had in place. Using Unisys CloudForte solutions, we were able to hyper-automate and bring down the provisioning time to less than 30 minutes with the right security and operational governance built-in. CloudForte enables innovation with cloud services. For example, we have a large public university with over half a million students and for this client we set up a cloud data lake powered by AI services. We are now able to predict and drive student graduation rates with timely intervention. That’s the power of cloud to drive the right business outcomes.”
“Cloud adoption needs a solid understanding of the shared responsibility model for security between the organisations and the cloud providers. This varies based on whether they are adopting IaaS (Infrastructure as a Services) vs. PaaS (Platform as a Service) vs. SaaS (Software as a Service). When customers are adopting IaaS, they’re still responsible for the workloads, e.g. making sure the virtual machines are patched to avoid being vulnerable to the increasing threats. In the case of SaaS, clients are still responsible for the data and access controls. Cloud Service Posture Management (CSPM) is increasingly important as organisations have rushed to the cloud in the pandemic, and need to realise that mis-configuration is one of the leading causes of security breaches.”
Newly released CloudForte capabilities include over 2,000 automated security policies and support for over 15 compliance standards (e.g. GDPR, CIS, NIST, HIPAA). They include checklists that enable well-architected reviews across multi-cloud deployments, accelerate application modernization and secure Kubernetes deployments. With a comprehensive Cloud Management Platform and blueprints and accelerators, CloudForte helps organisations with brokerage across their multi- and hybrid-cloud environments, and provides an automated and optimised way to continually manage overall cloud environments including cost, security and performance.
Jamie French is Director of Strategy and Portfolio - Security Solutions at Unisys and oversees TrustCheck. French says that he sees cybersecurity getting more challenging for customers, rather than easier. “It’s getting more confusing for customers to choose from all the options out there because there’s thousands of companies that are claiming the same things,” he says. “I believe in the zero trust principles and philosophy and everyone says they do zero trust but it’s important that if you’re a consumer that you strategically decide where you should focus the security programme on because you don’t have unlimited funding to address these problems.”
TrustCheck is a new service that draws on the strength of an analytics model used in the cyber insurance industry to quickly and easily access the potential financial impact of cyber risks. Unlike the other risk assessment offerings, TrustCheck is a security service delivered on an annual subscription basis, providing security professionals with updated information on their organisation’s cybersecurity posture and helps them understand where they have risk and where they should focus to reduce risk further. “It’s a portal where we help customers understand risk in financial terms,” explains French. “When we looked at the market, we identified a communication gap where people were talking about implementing different projects and would say they needed a next generation firewall and would present this to decision makers. However, they didn’t see a return on investment and the language in the boardroom is dollars and cents. TrustCheck translates that risk and places a value on it. There is a feature called scenario lab which offers the ‘what if’ scenario and allows the user to apply a baseline to find the benefits and determine a cost. TrustCheck provides that level of confidence that an organisation is going in the right direction.” French affirms having an agile and proactive approach to the security landscape is essential. “It was important before COVID but it’s even more important now,” he says. “If organisations were doing something to reduce risk and secure their organisation before, then it was a step in the right direction. However, now, companies have a bit more of a limited budget in lots of cases and there is a bit of tightening of the belt. Now, making a mistake might be fatal whereas before it might just have been a lesson learnt. It’s a really important aspect to consider today.”
French believes that the three solutions: Stealth, CloudForte and TrustCheck, compliment one another well. “I’m a firm believer in defence-in-depth and I don’t believe there is a silver bullet out there,” says French. “Organisations need help understanding and communicating to boardrooms about what to invest in, which is why TrustCheck is so useful.” Ramraj likens the three services as a layered cake when combined together. “The cloud providers are covering off the data centre and physical security, we have the network elements that we have Stealth to cover and the cloud workloads, configuration, data and applications are protected by CloudForte,” she says. “These products are all complimentary to address all the layers of that cake.” Cavanna agrees and affirms that the three tools are a great foil for the other. “A lot of organisations are realising that VPN probably isn’t the way to go anymore and cloud is becoming the choice,” he says. “We have that ability with CloudForte to ensure everything is considered properly. With Stealth, you have the security overlay and if you implement Stealth with the microsegmentation it reduces your cost in relation to manpower and decreases the reliance on dozens of different security tools and reduces complexity massively. These three tools compliment each other fantastically well.”