Security tools are only useful if their warnings are heeded. Yet one of the culprits behind the infamous 2013 data breach at Target was the company’s decision to ignore its own alert system. The result: Tens of millions in fines, the compromise of 40 million shoppers’ credit card data, and the departure of its chief executive.
Eastwind Breach Detection is emerging from stealth with a software-as-a-service tool that does its best not to be ignored. The post-breach detection software will send alerts to anyone who’s supposed to receive them — incident responders, a company’s leadership team, the IT department — until the problem is addressed.
“The interesting thing about [breaches at Home Depot, OPM, and Target] is that the alerts fired just became part of the noise,” says chief executive Paul Kraus. “If our systems don’t see a change in behavior we’ll alert again. And we send out an insight report the day the breach is identified and then again every week after.”
Eastwind also offers context around the breach. Instead of holding information for a few days before trashing it, the company monitors its customers’ data for 200 days to offer an idea of what happened before, during, and after a breach. This data is then collected and shown in the weekly reports sent to its customers.
It’s a bit like marrying your high school sweetheart: This person knows what happened before any problems occurred, watched them take place, and will presumably be around to make sure the issue is taken care of. (Trust me on this one.) Eastwind is meant to remain constantly vigilant, and its memory is long.
The company has other features that are supposed to differentiate it from its competitors, including a mobile application people might actually want to use; a service that can operate on Eastwind’s cloud or other tools like Amazon Web Services; and the ability to detect when a breacher has stolen any information.
But perhaps Eastwind’s greatest strength is that it was built to make it so anyone could use it. “I’ve had the opportunity to sit with [leaders of] Fortune 100 companies that have said, ‘I’ve taken the traditional security solution and give it to really smart guys to analyze,” Kraus said. “It hurt me to think that a Fortune 100 company would have a monopoly on smart people, or that the problem was so complicated that only PhDs from Stanford or PhDs from MIT could solve it.”
Eastwind is Kraus’ response to that concern. Its mobile app is designed to be easy for anyone to learn about the health of their company’s network. Its team was assembled to be the “really smart guys” behind the service obviating really smart guys. And the company’s reports are meant to do the thinking for users.
All together, this means Eastwind isn’t going to forget anything that might help it detect a breach, and it won’t stop warning its customers about the issue until it’s been resolved. Maybe these features will be enough to convince the companies responsible for millions of people’s private data to heed alerts about a threat.
Eastwind leaves stealth to help companies respond to cyberattacks originally published by Gigaom, © copyright 2015.
Related research and analysis from Gigaom Research:
Subscriber content. Sign up for a free trial.
