dcsimg
 

BlackBerry and Cylance: Moving Aggressively to Secure the Coming IoT World

Monday Nov 26th 2018 by Rob Enderle

BlackBerry is working hard to become the go-to vendor for IoT security, including with a Cylance acquisition.

We are rapidly moving to a world in which virtually everything that is plugged in, and a lot of things that aren’t, will be managed by some central IoT controller. The promise is that our electrical bills will go down, and our appliances, lights, doors, HVAC systems, and transportation systems (including elevators) will dynamically and automatically adjust to our preferences. The problem is that much of the technology is not only not secure, so it could be used to aggravate or harm us, but it isn’t powerful enough to run traditional PC or even smartphone-level security.

This means that a very different approach is required to how you successfully secure these things, and that approach is the reason behind BlackBerry’s acquisition of Cylance. At this writing, the market appears to be receiving news of this acquisition very favorably.

Why Existing Security Approaches Don’t Work

BlackBerry initially attempted to embrace IoT with its own deep portfolio of security offerings, which largely evolved out of its smartphone efforts. While there are a significant number of devices, particularly those that are wireless, that would handle this overhead, the vast majority of coming sensors and devices probably would not. As noted above, this is largely due to the lack of processing overhead. One of the markets most impacted by this problem is the petrochemical market because, from refineries to oil fields, it deploys a massive number of sensors to detect problems before those problems become catastrophes. The more sensors, the safer and more productive the related plant but, should someone compromise a sensor and cause it to misread, the outcomes could range from a contaminated or sub-standard product to an explosion big enough to critically damage a city or country.

Cylance

To address this concern, Cylance developed an extremely thin solution which was cloud independent, wired, and would require a far lower number of updates than most systems. This is one of the newer solutions that makes extensive use of AI to focus on where the attack is occurring, at the endpoint, and provides an in-depth approach to protection.

It gets there by managing the IoT deployment like a system, where each part has its purpose and if it acts contrary or outside of that purpose, the AI is designed to identify and then mitigate the threat. It also ensures that no unauthorized device is introduced successfully onto the secure IoT network and analyzes applications in real time to make sure they are authorized and operating within their approved scope.

Designed with the idea that the network will be penetrated likely by an attack not seen before, the AI looks for unusual events like a misuse of memory and then responds to the threat instantly if such misuse is discovered. In the design, it appears to have specifically focused on zero-day attacks, recognizing that often prevention isn’t available until well after the successful attack is discovered because a script then typically needs to be created and distributed. With the scriptless AI-based solution, there is no delay; it moves to mitigate the attack close to instantaneously.

It is interesting to note that many think this may be the last large acquisition of technology in this class because there really isn’t much left focused on IoT that can be acquired anymore.

Acquisition Process

One of the problems with most acquisitions is that firms do integration mergers, which destroy the asset. While Cylance won’t be fully independent, the plan is to largely leave it alone as a separate division, lowering the risk of unplanned employee departures and allowing the firm to continue to execute. This is basically the process that Dell has proven is so successful and it should preserve the company while BlackBerry works to integrate the solution into its portfolio.

Wrapping Up: BlackBerry and IoT Security

BlackBerry is working hard to become the go-to vendor for IoT security. It is largely immune to invasive moves by either the U.S. government or Chinese government because it is based in Canada and so can better resist attempts to compromise its solution by these ever more aggressive players. Cylance fills a very important gap in the security solution and the merger approach appears to mirror best practices developed at Dell and IBM, which should assure its survival. The result is that the BlackBerry position is substantially improved with this acquisition and those that use it should be far more resistant to the increasing number and level of attacks, some state-sourced, that we all are experiencing.

Rob Enderle is President and Principal Analyst of the Enderle Group, a forward-looking emerging technology advisory firm.  With over 30 years’ experience in emerging technologies, he has provided regional and global companies with guidance in how to better target customer needs; create new business opportunities; anticipate technology changes; select vendors and products; and present their products in the best possible light. Rob covers the technology industry broadly. Before founding the Enderle Group, Rob was the Senior Research Fellow for Forrester Research and the Giga Information Group, and held senior positions at IBM and ROLM. Follow Rob on Twitter @enderle, on Facebook and on Google+

 

Home
Mobile Site | Full Site