Jared Shepard, chief executive officer of Intelligent Waves, recently spoke with ExecutiveBiz about the company's evolution of its cybersecurity platforms, how CMMC will shift the government contracting (GovCon) sector and the ways that COVID-19 will transform business moving forward.
“The advanced threat capabilities that we’re facing from the enemy right now is mind-numbing. Intelligent Waves has spent literally millions of dollars in cyber technology and defense. Yet, we could still be hit by an attack. You have to make that investment. It’s just the cost to play.“
ExecutiveBiz: How has Intelligent Waves developed defensive cyber operation strategies to reduce cyber vulnerability and prevent cyberattacks against critical infrastructure?
“It’s a very real challenge. Intelligent Waves started in Iraq supporting the warfighters. Since then, we've been in every war zone you can shake a stick at and we focus on the most tactical of technology. It's in our DNA.
The cyber-world has really evolved to become as dynamic, or maybe even more so than any traditional battlefield. Intelligent Waves constantly strives to evolve with the threat to enable our technical defense. We’re implementing requirements such as Microsoft GCC, embracing technologies that make us aware if the dark web flags our specific Intellectual Property (IP) or customer information; implementing Hypori, a secure “˜Bring Your Own Device' (BYOD) capability while defending our infrastructure with traditional methods such as security appliances and practices.
We also participate a lot in the defense communities that have emerged such as the Defense Industrial Base (DIB), their Cyber Consortium, as well as other technical and commercial consortiums to defend, protect, and enable our information. It’s a constant battle and it evolves every day.“
ExecutiveBiz: With the new CMMC regulations released in Jan. 2020, how will Intelligent Waves modify its Cyber and Security Architecture division moving forward?
“I think CMMC was actually way overdue and we needed to respond to it because of this constant, evolving, emerging and really effective threat by national state actors, criminal organizations, and by people who are simply looking for financial exploitation or just to do harm.
All those things are constantly presenting a threat to companies, like mine, that have IP or work with sensitive data that we need to protect while providing a service to the Department of Defense (DoD). Nobody’s invulnerable to these measures, CMMC is the way the government will force it down government contractors' throats, but in reality, the industry should have been doing it all along.
If we were being responsible for our Cyber domain in the first place, CMMC is not going to be a massive change to what we are doing. It may add some things that we have to change here and there, but a lot of these (CMMC) requirements were well thought out. DoD didn’t just come up with that stuff randomly.
We maintain our ISO 27001 certification showing diligence in our security process. We're a member of multiple working groups such as the GIAC board and we’re working on our NIST 800-171 compliance. All those things are constant levels of effort. It's a complex and intense challenge.“
ExecutiveBiz: How has the company advanced its solutions and actions to keep up with the emerging threats from cybersecurity?
“Intelligent Waves owns Hypori. Hypori is a National Security Administration (NSA) Certified Commercial Solutions for Classified (CSfC) secure Virtual Mobile Infrastructure (VMI) that doesn’t require access or control of your edge device but allows secure access and interaction with controlled data with zero controlled data in transit or at rest. It provides true separation between corporate or government data from what’s actually on the edge device itself, your personal information.
What we’re all ultimately talking about is how does a corporation, or how does the government enable data access on the edge? How do I enable my secure enterprise information to be accessible, manipulated, and essentially leveraged by edge devices?
Attack surfaces are inside every application, every network card, every device, and download. Hypori changes all of that. We flip the idea. Instead of extending data to the edge, we allow you to contract your security enterprise to your enterprise edge yet still allow external devices a one-way viewer into your security enterprise, but without the ability to compromise, lose, corrupt or intercept that data.
It essentially allows a real-time streaming deal AES256 bit encrypted picture to be real cast to your edge device and you can then interact with the picture. You’re interacting with it as if the data is actually on your device, yet in reality, it's simply a streaming picture of the data, not the actual data.
There's no additional device, there’s no data at rest, meaning that the data has never actually come to your device. If your device is compromised, you've lost nothing because the only thing in transit is that dual AES256 picture of the data inside your secure enclave. If your device is hacked, you have malware, the “˜man in the middle' attack, it doesn't matter. Because we don't move your data out of your security enterprise, your data isn't at risk in transit or on the edge.“
ExecutiveBiz: How has the company leveraged mobile application management (MAM) and mobile content management (MCM) to secure corporate data and ensure productivity?
“This is the BYOD zero client technology that truly separates corporate secure data and the secure enterprise from edge devices. This is going to be the future of cyber: how we simplify security and data protection and minimize those attack surfaces.
It makes it easier for you, from a resource standpoint, to defend; as opposed to being exposed in a million ways and then having to defend a million different points of contact. Isolate and reduce those points, consolidate your defense capability, and you can protect your data more effectively.
Hypori fixes this problem through the idea of virtual access. Essentially, you have a true zero client capability that enables the two-way interaction with data, but without ever actually exposing the corporate data to the edge device. Because there’s no data on the device, there’s no need for control of that device providing a true separation of personal data from corporate data. No privacy issues, no liability issues, you inherit no risk from users’ BYOD devices.
We’re eating our own dog food and that’s how we’re deploying and beginning to limit access to data itself or exposure of data itself to all of our end users and remote workers.“
ExecutiveBiz: How has COVID-19 transformed your technology and security offerings moving forward?
“From a business standpoint, COVID-19 ended up being a tremendous opportunity for Hypori because our technology was built around remote secure access to data. All of a sudden, we must tell people to stay at home and work from home, but most businesses and even the government were not prepared with an infrastructure in place to support those kinds of functions.
Hypori is an NSA CSfC certified product that, once deployed, can enable true Bring Your Own Device (BYOD) capabilities. This brings many advantages beyond simply data security; it enables desktop consolidation or reduction in the cost of infrastructure. I don’t have to buy you new laptops. I don’t have to put in a new Virtual Private Network. I don’t have to put in new circuits. I don’t have to do anything else like that. Hypori enables any existing infrastructure on the edge to be secure, from Android, Apple, or Windows.
We were successful inside the unique parts of the DoD and IC, but three months ago if we would have told the DoD they needed to be prepared to implement a COOP / Disaster Recovery program that required most employees to work from home, we would have been laughed out of the room. Today it's a top priority. The department is now evaluating the potential of deploying millions of licenses across the entire DoD to enable remote secure access to government networks, without having to build out another entire infrastructure, being able to do so in weeks instead of years, with technology their employees already possess.
Hypori is in the process of explosive growth and opportunity because COVID-19 demonstrated how important secure, remote access to data is and how the old and traditional approach is difficult to scale. It’s a perfect opportunity for us to demonstrate why an evolving technology like a VMI and BYOD is the way of the future for secure access to your data.“