William McCormick
Beau Hutto, vice president of Federal for Netskope, recently spoke with ExecutiveBiz regarding his years in the cyber and federal sectors as well as the core values he believes in to improve customer satisfaction and create company growth in the publication’s latest Executive Spotlight interview.
In addition, Hutto also discussed Netskope’s platform capabilities in SASE and Security Service Edge (SSE) as well as the challenges federal agencies face to replace legacy platforms with zero-trust principles and the necessary steps we need to take following the recent Log4j breach.
“The biggest thing that’s come out around Log4J has been that zero-day vulnerabilities have demonstrated the greatest advantage to have a cloud-based security service edge solution. That is the first stop for all your users and data to go through.”
You can read the full Executive Spotlight interview with Beau Hutto below:
ExecutiveBiz: With more than two decades in the federal sector and in the cyber space, what do you believe are the most important core values to build success with your customers and growth for your company in such a competitive landscape?
“Since I entered the business in 2000, there’s been a massive amount of change across both the public and private sectors. While there’s been a lot of innovation, threats have become more advanced and our nation’s attack surface has increased significantly—it’s never been more challenging for federal agencies to defend their critical systems and data.
Collaboration and determination are two of Netskope’s core values, and I think it’s the combination of those two in particular that have best served our customer base.
Federal agencies have unique missions, and the networks they run are unlike any other in the commercial world, so success really requires partnership across public and private sectors and collaboration towards a common goal. Success for Netskope means success for our customers—and when your customer is the federal government, that means success for our nation as a whole.
“Dream big and be innovative” is another one of Netskope’s core values. When I think back over the last 20+ years in the industry, I’m always amazed at the challenges that technology has helped our customers overcome and the enhanced capabilities that they can leverage today as a result of not just the technology innovations, but the creative minds and endless engineering experiments that brought those advances forward in the market. It gives me hope and confidence for a more secure future, and a more efficient and effective way of maintaining operations and sustaining agency missions.
The last core value that I’ll mention is “no politics or bureaucracy”—and for me that really is a reminder to keep things simple. Many of the federal organizations that I’ve worked with over the years have three common problems: They always have to do more with less, their visibility is limited by legacy tech, and their networks are so big and complicated that no matter how many tools they’ve added over the years, they still never really have an accurate measure of risk facing their organization—they don’t know when red really means red.
The ability to give customers a context-rich view through a single console—and to ultimately give them the power to do more with less—is the level of simplicity that federal organizations need to be successful in today’s environment.
Traditional security approaches that are rooted in legacy tech and complex approaches just won’t cut it in today’s environment. That’s one of the reasons I came to Netskope, and why we’re able to help federal customers. Our platform is fast, simple, data-centric, and cloud-smart.”
ExecutiveBiz: With the recent cybersecurity executive order signed last May, what can you tell us about Netskope’s platform capabilities to ensure data security and other aspects like SASE and Security Service Edge that work to improve digital transformation?
“SSE, as defined by Gartner in 2021, is a set of security-focused services delivered through the new, SASE cloud-native security architecture for better end-user experiences when securing any user on any device to any service running in public or private clouds.
Put simply, SSE describes the evolving security stack that sustains the SASE journey—more specifically, a set of capabilities necessary to achieve the security SASE describes.
Much in the way that federal agencies have realized that Zero Trust is a journey, not a destination, SSE will require a very similar approach. Maintaining a good security posture in today’s environment requires the ability to follow agency data, regardless of where it is.
With SSE, agencies can gain context-rich information about what’s happening across the enterprise with an understanding of the data or object level (e.g., Word document, or Excel sheet). SSE provides distributed points of presence to ensure that the user gets as close as possible to where and how data is accessed, whether it’s in the cloud or a private application, ultimately providing agencies with greater visibility and control.
If we usefully organize how SSE solves what security must do in this newer world of keeping data safe in the cloud, there are four core principles:
1.) Security must follow the data
2.) Security must be able to decode cloud traffic
3.) Security must be able to understand the context surrounding data access
4.) Security can’t slow down the network.”
ExecutiveBiz: When it comes to Zero Trust adoption, what are the most significant challenges facing federal agencies as they work to replace legacy platforms with zero trust principles and data-centric approach?
“First, agencies have to come to terms with the fact that legacy systems weren’t engineered with Zero Trust in mind, and as such, legacy is really synonymous with vulnerable in today’s world.
Most legacy solutions were designed under the castle and moat model—they simply cannot follow the data wherever it goes. But to be secure, that’s exactly what you have to be able to do.
Second, just as security products age, so do federal requirements. A requirement that was accurate when written a decade ago may very well be obsolete at this point—but if an agency is still making decisions based on that dated requirement, then their approach to security may be just as antiquated.
Lastly, agencies need to keep in mind that there’s no such thing as a zero trust solution or easy button. The idea of zero trust represents a framework or an approach, but there’s no silver bullet and an effective implementation will take time and resources.
No two implementations should look alike, as there are a wide variety of variables affecting each, but regardless of the difficulty level, adoption is no longer optional.”
ExecutiveBiz: What gaps have been exposed with the recent Log4j breach and how do we begin to find solutions to those networks and systems flaws to ensure greater data security?
“Fundamentally, Log4j is a cyber hygiene and visibility-and-control issue. Federal agencies can leverage technology solutions to identify what apps they have running in the cloud, but the problem is that agency infrastructure isn’t always built in a way that effectively takes advantage of that visibility.
One of the big challenges is identifying all of the compromised assets, as the Log4j Apache Java-based library can be used with a number of applications, not to mention IoT and legacy systems maintained for backward compatibility.
It’s critical for agencies to modernize their infrastructure in order to get at the root of the problem. A modern infrastructure needs to offer granular visibility, context, and latitude to take action, without wasting precious time and resources.
Many agencies are moving towards Secure Access Service Edge (SASE), an architecture that combines several different security and networking elements, at one time siloed, for enhanced security in federal enterprises where cloud access and applications are now ubiquitous.
Security Service Edge (SSE), an important concept for understanding the journey to a SASE architecture, represents the evolving security stack needed to successfully achieve a SASE convergence, including technology capabilities such as cloud access security broker (CASB), cloud-native Next-Gen Secure Web Gateway (NG SWG), Firewall-as-a-Service, and zero rtust network access (ZTNA) that are core requirements for that stack.
The Netskope SSE solution is integrated on a single platform and includes:
- Cloud-native Next-Gen Secure Web Gateway (NG SWG), multimode cloud access security broker (CASB), and zero trust network access (ZTNA).
- Additional converged capabilities include data loss prevention (DLP), advanced threat protection (ATP), cloud firewall (CFW), remote browser isolation (RBI), user/entity behavior analytics (UEBA), and Advanced Analytics (NAA), all within a single-pass architecture, delivered from a single platform, managed by a single console, and driven by a single policy engine.
- Complete threat and data protection with sensitive data awareness and real-time enforcement and at-rest inspection, with the combination of inline traffic analysis and cloud API interaction.
- Resilience and availability with cloud-hyperscale design, cloud-native infrastructure, and NewEdge, with industry-leading uptime/availability and latency SLAs.”
