Ivanti, Cellamare: "Safe business systems only with hyper-automation"

• Cyber Security The Regional Sales Director for the Mediterranean area: "Technologies make the difference with the everywhere workplace: thanks to artificial intelligence, machine learning and zero trust approach, the best results are achieved, freeing up staff for higher value activities added" 18 Feb 2022 Antonello Salerno "Nowadays it is no longer possible to talk about the security of a company's IT infrastructure and more generally about cybersecurity without an approach that puts automation and hyper-automation in the foreground. The threats are now increasingly sophisticated, and there are no longer perimeters to defend, as demonstrated by the Covid-19 emergency. People also work from home and use all kinds of devices, even personal ones. And this has paved the way for threats that must be faced with a new approach compared to the traditional one, making use of the possibilities offered by artificial intelligence to prevent accidents or attacks ". The picture of the new cyber threats and the most effective technologies to counter them is in this interview with CorCom Marco Cellamare (in the photo below), Regional Sales Director for the Mediterranean area of Ivanti, a company that has made the "everywhere workplace ”its own mantra. Can Cellamare tell us something more about Ivanti, about his presence and his goals in Italy? In the past year we have faced an important growth process, with four acquisitions and a series of organizational complexities for the integration into the group of the skills and peculiarities of each "new entry". We are now in the phase of growth - also in terms of staff - in Italy and on a global scale, which also closely concerns the sales department. Important investments have been made for the development of the sales organization: we will expand our staff in the sales area by 20% in the Mediterranean area alone. This development follows the growth in turnover, which has passed, also thanks to the acquisitions - primarily those of MobileIron and Cherwell - from 520 million dollars at the end of 2020 to 1.5 billion at the end of 2021. The objective of these operations was to develop and consolidate a unified IT platform to better serve the new hybrid business model, enabling people to work from anywhere, at any time and with any tool, thanks to a unified IT offering. Thus was consolidated Ivanti Neurons, the automation platform for unified endpoint management, Zero Trust security and enterprise service management solutions. A unified IT platform that allows devices to self-repair and self-protect, which today has over 45,000 customers, of which 96 are part of the Fortune 100 ranking. Companies that have chosen Ivanti to protect and manage their IT resources from the cloud at the edge, ensuring quality user experiences for users. How important has the pandemic been in the development and success of this approach? The first impact of the pandemic, from the point of view of companies, was the need to provide devices to everyone to work remotely, making them safe and being able to manage them remotely without invading the privacy of individuals, providing secure access to corporate resources from remote. But to be honest, all the attention to cybersecurity had grown significantly already in the year preceding the pandemic, for example for the protection of mobile devices thanks to anti-malware. In all this, however, the attack vectors have often remained the "traditional" ones, such as malware. How can we photograph the situation today? We dedicated the Ransomware 2021 Year End Report to this topic, which highlighted four main trends, starting with a 29% increase in attacks. The main attack vector, according to the data available to us, is unpatched vulnerabilities. Against 65% of new vulnerabilities detected, it emerged that a third of these had already been exploited in the past, and that 56% had already been identified before 2021 and yet continued to be exploited. Compared to the patch strategy, it is essential to think first about critical assets, if possible by automating processes, with tools that are able to automatically detect vulnerabilities and solve problems without manual intervention. The second trend is that hackers exploit zero day vulnerabilities before they are made public. This makes it increasingly necessary for an agile response from vendors in detecting security issues and releasing patches. The third trend is the growing prevalence of supply chain attacks, dangerous because they can cause widespread damage, with chain compromises. Finally, the fourth trend is that which highlights how cybercriminals are increasingly inclined to share their services with third parties, following the model of legitimate software solutions as a service. In short, a new business model in which ransomware developers offer their "services" to other criminals in exchange for a payment. What are the cornerstones of your "automated" approach to cybersecurity? At the heart of our strategy is the goal of offering an approach based on artificial intelligence, machine learning and hyper-automation, thanks to Ivanti Neurons. In practice, it is a question of identifying, detecting and resolving threats in the simplest and fastest way possible, starting from the observation that the human factor for the hygiene of an IT infrastructure is no longer sufficient. In practice, our approach consists of 4 phases, starting with the "discovery": it is essential that the IT team is fully aware of 100% of the company's infrastructure. So what are the devices that are part of the network and that connect to it, with tools that allow you to have a dynamic picture of the infrastructure, to understand the context and apply the correct management policies. The second phase concerns the management of the devices, to keep them under control based on type, properties, location and use. The third concerns security: in this case it is a question of protecting the endpoints and devices that are part of the network. Starting from the now common consideration that passwords are no longer an effective means of keeping company data safe. We thus focus on different authentication methods, which involve the use of biometrics or multiple factors. The last phase is to provide a service, then to assist users in accessing and using the devices. In this context, automation is not limited to preparing and installing patches, or guaranteeing user productivity, but also serves - as we said - to free up resources for the IT department, continuously monitoring the protection status of the infrastructure. for example by correcting critical issues without having to open a ticket. How do the "best practices" in the field of information security apply to IT service management, and how can they contribute to the improvement of internal company workflows? IT service management is complementary to security. Today, IT infrastructures are designed for companies "spread" in the area, which integrate the office and workstations remotely. It is a question of optimizing IT for these needs, and to achieve this it is central to implement a zero trust structure, based on the principle "never trust, always verify", regardless of the rights assigned to each user. Another best practice is to know the infrastructure 100%, with an automation of the service desk. Having automation, visibility and more time to devote to new requests is essential, also because IT budgets often do not increase in proportion with the workloads of dedicated teams. With remote work, IT has become a strategic partner, and the company that is able to rely on hyper-automation for digital transformation and protects itself thanks to zero trust has requirements to conduct business in a more secure and effective way than competitors, gaining competitiveness.