Chris Waynforth from Imperva speaks on digital security
Can you tell me about Imperva?
Imperva is the comprehensive digital security leader that aims to protect data and all paths to it - from the edge to the application to the database itself. All of our products are informed by Imperva’s Research Labs and our global intelligence community that helps keep Imperva ahead of the threat landscape and seamlessly integrate the latest security, privacy, and compliance expertise into our solutions.
What is your role and responsibilities at the company?
I’m the Area Vice President for Northern Europe at Imperva, which means I work with organisations of all sizes across the region to provide support and guidance on how they can protect themselves on their digital transformation journey. It’s a challenging role - some of our customers have extremely complex requirements that requires a tailor-made solution, so my day-to-day involves a lot of creativity and problem-solving. On top of that, because the cyber-threat landscape is constantly evolving, we have to keep up with the latest developments.
How does Imperva help protect customers from cyber-attacks through their digital transformation?
As digital transformation projects are accelerating, organisations are more data-driven than ever before. However, monolithic IT environments have evolved into a complex ecosystem of APIs and applications operating in multi-cloud environments that are hard to secure. At the same time, we know that cybersecurity teams are under huge pressure to monitor and react to threats, keep pace with new risks, all while managing an average of 75 security solutions in their tech stack.
In addition, the way in which data is processed within the network, at the edge, and within application or development environments mean that the three can no longer be treated as separate security considerations. After all, they are all intrinsically linked. A key example of this is application development. For years, developers have been building apps and functionality outside of the purview of security teams - yet these apps are constantly accessing critical data so unless app sec, data sec, and DevOps are working in unison, there will inevitably be gaps created which can lead to data leakage and reputational damage to companies.
This is why we’ve built a unified security platform to protect data wherever it lives - from outside or inside the network, to allow our customers to manage complex and automated cyber risks in one place.
What do you see as being one of the top emerging cyber trends this year?
In conversations I’m having with customers, API insecurity is starting to come up a lot. As digital transformation projects proliferate, organisations are increasingly reliant on a growing number of APIs to operate. However, this is only opening more gateways for hackers to attack. Gartner has predicted that API attacks will become the most-frequent attack vector by the end of this year, which makes sense because, since APIs are connected to the data layer, they are effectively a highway to organisation's most important asset – their data.
Importantly, businesses need to understand that many of today’s API security tools are narrowly focused on monitoring the endpoint, but that’s not enough to stop a lot of the breaches we’re seeing. Instead, organisations need to look deeper – into the payload and the data the API is accessing. By taking a data-centric approach, organisations will be able to harden their applications and protect their organisation from the next mega breach.
What can we expect from Imperva in 2022?
Our aim is to be the comprehensive digital security leader, so we’re constantly looking for new ways to help our customers. For example, right now we’re seeing a lot of concern around the rising volume of API abuse, so we’re working on ways that we can enable customers to build security into their operating system at the data-level, and support them to find a new way to approach API protection.
For instance, in talking with customers, we know that simply being aware of how many APIs you have in your environment isn’t enough. At Imperva, we are focusing on protecting the underlying data to help security and development teams work cooperatively without altering code or slowing down the development lifecycle.