Equating business with military strategies and tactics has been popular for years. In fact, not too long ago, you could scarcely attend an industry event or company conference without finding executives waxing poetic about the commercial usefulness of musings by Sun Tzu and Carl von Clausewitz.
While many of these notions stretch credulity, some offer common wisdom that is applicable to specific business circumstances, including the development of innovative new digital transformation solutions.
For example, IBM’s planned acquisition of Randori, a leading attack surface management (ASM) and offensive cybersecurity provider, clearly evokes Sun Tzu’s famous comment in The Art of War: “Know the enemy and know yourself, and in a hundred battles you will never be in peril. When you are ignorant of the enemy but know yourself, your chances of winning or losing are equal. If ignorant both of your enemy and of yourself, you are certain in every battle to be in peril.”
Let’s consider this point more closely.
IBM, Randori and the ‘Attacker’s Perspective’
Evidence of the dangers that enterprises and public sector organizations face from cybercriminals has become increasingly commonplace during the past decade. Thefts of consumer information troves, exploits targeting valuable intellectual property and ransomware attacks that effectively cripple or shutter operations have all been rising.
There is no shortage of supposed solutions. But preventing cybercrime has come to resemble a game of Whack-a-Mole—stop one attack and others quickly pop up to replace it.
What does any of this have to do with IBM’s interest in and acquisition of Randori?
Randori describes itself as “a hacker-led company” whose cloud native solution is designed to help customers discover security gaps and exposure points, assess potential risks, and improve their security posture. The company’s attack surface management solution uses “adversary” logic—looking at circumstances from the point of view of bad actors based on real-world cyberattacks—and offers recommendations based on both risk levels and asset attractiveness.
In other words, exactly the strategy that Sun Tzu recommended.
The process begins with Randori entering an email domain to map a customer’s attack surface, a process that helps identify entry points for ransomware attacks, shadow IT risks and other problems. The company also offers a solution that combines attack surface management with continuous automated red teaming (CART) to stress test defenses and train incident response teams.
According to IBM, Randori will advance its hybrid cloud strategy and strengthen its AI-enabled cybersecurity portfolio. After the acquisition closes, IBM plans to integrate Randori’s attack surface management software with the extended detection and response (XDR) capabilities of IBM Security QRadar. That will provide real time attack surface visibility to enterprise customers, enabling them to enhance threat hunting, incident response and alert triage processes.
Randori-based insights will also be offered through IBM’s Managed Security Services organization. The acquisition is expected to close in the next few months.
Also see: The Successful CISO: How to Build Stakeholder Trust
Know Them, Know Yourself
One of the most challenging points that organizations face in dealing with cyberattacks is unfamiliarity with the sociopathology and other tendencies that drive criminal and rogue organization attackers. Simply “latching” virtual doors and windows seldom offers true security. It is better to understand how cyber enemies think. That is, to know them and to know yourself, as Sun Tzu famously noted.
That point is vital to understanding both the value that Randori offers businesses and IBM’s desire to acquire the company and integrate its solutions into the IBM Security portfolio. Overall, this is a deal that should provide essential value to IBM and Randori, and to both companies’ myriad customers and partners.
Also see: Best Website Scanners