Guidance Software’s Principles of Safety

CEO Patrick Dennis details how his organization stays ahead of the cybercriminals—and how other executives can do the same

Cybercriminals are becoming faster, stronger, and more advanced every day. Companies are hit more frequently by complex attacks, while the public demand safety and privacy of the highest order. According to some estimates, professionals discover more than fifty thousand pieces of malware and ransomware. And that’s just scratching the surface.

Patrick Dennis is the CEO of Guidance Software. His organization aims to find order in the chaos that is modern cybersecurity. Guidance helps companies and customers find the comfort and safety that they need. While organizations and individuals have deployed their applications on about thirty-four million endpoints in collaboration with other leading enterprise technologies since 1997, Guidance continues to forge new paths that will keep the organization at the cutting edge.

Dennis spoke with Sync about the principles that guide the organization, how they approach the increasingly mobile and connected world, and what executives can do to help keep their organizations secure.

What are the keys to the success of your organization? Do you have a particular leadership style that drives this success? Or are there key cultural qualities that your employees share?

We have four core values at Guidance. These are something we look for in all of our employees, or as we call them, Guides, and I also try to embody them as a leader. First, we work collaboratively to execute and take accountability. We call this “One Team, One Mission.” Second, we put customers first and work to exceed their expectations at every opportunity. Third, I ask our employees to put heart into everything they do. We are humans first and care deeply for our customers, coworkers, and the communities in which we live and work. Finally, our entire leadership team commits to the value of open leadership. We believe in transparent communication and developing, rewarding, and celebrating achievement.

Can you give me some detail on Guidance Software’s recent projects? What has you excited about the organization currently?

Over the past few years, Guidance has embraced a partner ecosystem. We take pride in our partnerships and integrations with some of the best organizations in security. It is core to our strategy. Doing so makes us faster, better, and improves results for our customers.

A great example is the recent release of our market-leading endpoint detection and response (EDR) product, EnCase Endpoint Security. This release integrates threat intelligence from Webroot directly into our product. This will allow our customers to detect and respond to threats even faster. EnCase Endpoint Security also features a complete UX and UI redesign built around the personas of security operations professionals. The software is easier to use for people that are new to security—and the release does not compromise the deep technology we are known for. Additionally, we built in key automation capabilities to reduce the amount of manual work required, freeing up security resources.

What about the mobile arena?

Mobile is a critical area for us. With all the fuss we have been making about mobile and social, we needed to step up with a product built to address this segment. In May, we announced EnCase Mobile Investigator. Again, working with our partners, this time at Paraben, we brought the power of EnCase to mobile. The comprehensive solution supports iOS, Windows, Android, Blackberry, and even older phones so forensic investigators can quickly find the information they need regardless of the device they are examining.

We focus on solutions for endpoint detection and response and mobile because we believe that today’s mobile technology will play an increasingly important role as the Internet of Things (IoT) space grows and develops. The application of IoT will go beyond consumers and weave into the fabric of our businesses. That means we need to start realizing that there will be a subset of IoT-based endpoints that demand a very high level of security
services. We call these edgepoints. Edgepoints are the subset of IoT devices where security is tightly coupled with a high-impact outcome. For example, security in a connected car is really about safety. As the universe of connected edgepoints grows, the challenge is offering a service level of safety and privacy without creating too much friction in the user experience.

With major extortion hacks and worldwide cybersecurity breaches, what value can Guidance provide to partners?

Guidance exists to turn chaos into order. Breaches are an unpleasant fact given the volume and complexity of today’s cyberattacks. We help our customers achieve peace of mind by providing forensic security solutions that help security teams identify and respond to security incidents before they become major breaches.

When needed, we provide tools for deep forensic analysis and investigation. Finally, we help our customers proactively identify and safeguard their most sensitive information. Guidance works with thousands of customers worldwide, including seventy companies of the Fortune 100, to protect their most valuable asset: information.

Your organization has a worldwide reach. How does that influence the way in which you work, and what advantages does it offer you?

Cybersecurity is an international challenge. We work with many of the largest organizations in the world, which face constant threats from every corner of the world. This global perspective helps us understand both the unique and shared challenges that our customers face in different regions.

What are some key tips for leaders at organizations looking to keep themselves safe from these advanced cybersecurity concerns?

Don’t fear the breach. Too often, executives make security decisions based on fear, and that fear produces unintended consequences. Organizations build higher walls and deeper moats, but the fact remains that almost all businesses operate today in a state of continuous compromise. The first question executives should ask is, “How mature is our prevention capability, and how mature is our response capability?” Every organization needs some level of both, not one or the other. Once that question is answered, the team can make some decisions about how to shift spending and how to build a more robust operation that balances both the need for prevention and response. Without the ability to rapidly detect and respond to threats that bypass perimeter defenses, it becomes a matter of if—not when—an organization will have a major incident.

How do changes like advanced integration through IoT affect how companies must prepare their security plans?

Gartner estimates that the universe of IoT devices will be somewhere in the order of magnitude of 20.4 billion devices by 2020. That radically increases the attack surface area. The traditional network perimeter is crumbling, if it’s not gone already. The IoT only enhances the need for a shift in thinking about security from a focus on building the right system (the impenetrable data fortress) to building a process for preventing attacks, identifying threats, and responding to issues before they become a crisis. Leaders then need to implement a process for constant testing and self-evaluation to find and fix weaknesses.

What do you foresee in the future of data security? Are there any interesting advancements coming down the line?

Criminals—in the traditional, real-world sense—take risks. For example, bank robbers face serious jail time if caught. Today, most cybercriminals never see the inside of a jail cell. Without a deterrent, cybercrime will continue to grow. We don’t have policies and infrastructure built yet to prosecute these crimes. This is one reason that forensic security is so important. Forensic security tools, like those we offer at Guidance, can gather information that is court-accepted when responding to security issues. If, in the process of securing networks, we can begin to more effectively prosecute cybercrime, we may start to reduce or at least disrupt some of this activity. That’s the underpinning of the rule of law: the chain of custody and high-quality evidence brought into a courtroom to prove someone guilty or innocent. We need to bring that same thinking and methodology to cybercrime.