Cloud-Native Breach Readiness and Response: The Case for Mitiga
Cloud initiatives have demonstrated their ability to deliver significant benefits to user organizations. But in some cases, concerns for security are blocking or delaying cloud deployments. In-house security teams, which may be well-versed in on-prem systems, may not have the expertise necessary to ensure cloud-based security. When cloud initiatives do proceed, enterprises often apply traditional security approaches to cloud environments only to find they don’t work. Simply put, moving to the cloud involves both architectural and organizational dynamics that challenge enterprise information security culture in fundamental ways.
Nowhere are these challenges more apparent than in the case of Incident Response (IR). For the most part, incident response processes and techniques haven’t changed since 1993 -- a fact that cloud migrations make painfully clear. In far too many cases, organizations learn about a security breach after the fact from a third party. And once they determine there was a breach, most enterprises will call in a consultancy that specializes in breach assessment and response to investigate, determine the extent of the damage, and define a response plan.
In the aftermath of a breach, these third-party consultancies are often seeing the company for the first time. Precious time is spent on getting up to speed on the company’s IT stack, tuning end-point protection tools so investigators can analyze traffic, query logs, and fill in the gaps. In almost all cases, the opportunity to improve security posture is lost because the response teams (and the consultants they hire) don’t coordinate findings with the proactive teams that build and maintain security postures. This lack of coordination between the reactive and proactive sides of infosec is a common failing and an opportunity lost that prevents companies from improving their overall security based on lessons learned.
Mitiga’s Approach
Mitiga, a new Cybersecurity startup that specializes in security services for the cloud environment, was founded to address the above problems head-on. It is on a mission to bring enterprise cloud security into alignment with the systems it’s meant to protect. More importantly, Mitiga’s vision is to help the organization improve its breach readiness, bridging the gap between incident response and proactive security postures.
Mitiga is currently in stealth, providing its services to early-access customers. Customers touted these aspects of Mitiga’s services as top benefits:
Rapid, zero-touch remote services leveraging the cloud: Mitiga performs much or all of its work from the cloud, in a completely remote fashion, providing high levels of service even under shelter-in-place conditions.
Smart automation driving scale and performance: Mitiga uses automation extensively to improve performance and deliver large-scale incident response services. Automation, when done right and while leveraging native capabilities of cloud platforms, becomes the force multiplier that organizations need.
Bridging proactive (readiness) and reactive (response): Mitiga treats breach readiness and incident response as a continuum, a consistent modus operandi that starts with readiness and extends through response. Every service component is connected in an intentional and measured way, ensuring that security posture continues to improve based on lessons learned.
Mitiga’s services are grounded in what the founders call ‘offensive readiness’ -- helping enterprises anticipate threats and ensure they’re equipped to counter them. CEO Tal Mozes and William Beer, GM of the Americas, both have extensive experience with Cybersecurity services from the “big four” firms. Ariel Parnes, chief operating officer, was a colonel in the Israeli Defense Force’s 8200 elite cyber unit and commander of the Cyber Special Ops department. Ofer Maor, co-founder and chief technology officer, co-founded Hacktics and Seeker and developed the Interactive Application Security Testing (IAST) technique. This intentional mix of enterprise services, military-grade security, and deep technology experience is also reflected in the backgrounds of the people the founders have brought in since the inception of the company.
Mitiga’s approach brings significant customer benefits. In the midst of the COVID pandemic, Mitiga is seeing a great deal of interest from prospects and customers. As a company that challenges conventional security wisdom, Mitiga is creating large-scale, real-time security and incident response services without the assumption of conventional infrastructure or personnel. That mission is clearly aligned with Rain’s investment thesis, which is to re-architect and reinvent security infrastructure for the modern organization. This, combined with Mitiga’s foundational elements of proactive-response continuum drove our decision to invest in the business.