Cybersecurity company Forcepoint, as part of its intensifying focus on what it calls “human first security,” is buying RedOwl, which specializes in using data analytics to measure and manage insider risk.
Austin, Texas-based Forcepoint announced the acquisition Monday, saying RedOwl’s analytics platform would be on sale immediately and over time would be integrated into its full range of products. Executives declined to reveal the terms of the acquisition.
“If the cybersecurity industry fails to put people at the center, it is certain to fall short in helping customers protect their most vital assets,” said Forcepoint CEO Matthew Moynahan, in a statement. “Forcepoint is absolutely committed to empowering customers with human-centric security systems,” and the Baltimore-based RedOwl “fits squarely into this promise,” he said.
Cloud computing, mobile technology and rapid changes to infrastructure are making traditional perimeter cybersecurity “a fallacy,” explained Bharath Vasudevan, senior director for Forcepoint’s data and insider threat security business.
“By focusing on how, when, where and why people interact with critical data and [intellectual property], organizations can more effectively identify and address risk,” he said.
The combination of the two firms’ technology would provide a “comprehensive solution for understanding and responding to the behaviors and intent of people,” Vasudevan said.
Forcepoint’s “human-centered” strategy starts with the view that people — rather than technology — ought to be the focal point for cybersecurity, explained Vasudevan in an email to CyberScoop. The market for it is driven — in part — by recent policy changes governing federal contractors, who are now required to have an insider threat assessment program.
“The integration of RedOwl’s user and entity behavior analytics [or UEBA] technology across the Forcepoint portfolio helps enterprise and government customers deploy these capabilities to analyze large amounts of complex data, assess high-risk events and behaviors, and enact centralized and supervisory oversight to satisfy both security and regulatory requirements,” he wrote.
Since 2011, RedOwl has focused on delivering capabilities “that provide visibility into the holistic activities of people, including cyber, physical and financial … This platform delivers real-time insight into anomalous interactions and access across people, data, devices and applications,” according to the acquisition announcement.
“As I’ve watched Forcepoint’s story unfold, it is clear we share the view that a human-first approach must be the path to addressing cybersecurity and internal risk,” said Guy Filippelli, chief executive officer at RedOwl.
Filippelli and his team will continue to be based in Baltimore, Vasudevan explained. “RedOwl departments will be merged into the corresponding Forcepoint organizations” and Filippelli will join the data and insider threat security organization led by Heath Thompson, a Forcepoint senior vice president and Vasudevan’s boss. Filippelli will report to Thompson, the company said.
“Context is everything, and we look forward to helping customers differentiate between carelessness, compromise and malice in the most efficient way possible, Thompson said.