Cybersecurity is more important than ever, but do you know the basics of this exciting industry? For example, do you know the difference between cloud security and device security? In this Fool Live music video, recorded May 28th, Tim Foolers, foolish analyst, gives growth general manager Anand Chokkavelu a summary of the basics about cybersecurity that investors should know before starting to analyze space stocks.
Anand Chokkavelu: Before I start with the list, I think many of our viewers are probably like me. Once you start dedicating yourself to technology or tech people, I know I can’t tell a front-end developer of a database developer from a lead developer. We divide it into a category as people who understand the code compared to people who don’t. I think there is something similar with cybersecurity. I think there are many facets of cybersecurity, but many of us combine them all. These seven companies are in different fields. Once you start reading, even the companies themselves not only have similar things, but the jargon is a little different. Get words like endpoint security, cloud security, network security, virus protection, local hardware solution, independent security vendors, perimeter security, point cloud solution provider. Tim, what’s your mental frame as you think about space and capture companies?
Tim Beyers: You mentioned many different descriptions and not all of them are acronyms, but they all mean something related but different. I think one of the most useful descriptions I’ve ever heard and that I’m not a security expert, there are often security experts and we have members coming in and giving us help here. A common term, used a little less lately, but I think it’s a little timeless. The idea is called defense in depth. Of all the things you’ve talked about, there are different types of security. But overall, you can create a defense with some depth because you’re taking steps in many different areas.
For example, a security category would be identity management or identity governance and these two things are similar. All it means, honestly, is that Tim Beyers is who he says he is. I hate to refer to myself in the third person. You all say Matt Frankel is who he says he is. The idea is that Matt has an identity. This identity has a username. There is a password. There are some permissions that go with this. So governance is Matt’s idea that he can only go to certain places. If it goes beyond that, if we find it, go, you know what? If your kids place cookies at midnight, this is a governance issue. They should be in bed. Basically that’s what we’re talking about.
In-depth defense is this idea of an end point. This is an end point: an iPhone, a computer. This is an end point. What is endpoint security? It’s about protecting devices that connect to a network and connect to the Internet. Perimeter defense is classically what we call firewalls. Something is in front of the net and he does what Gandalf does: “You won’t pass.” This works until it does. You want to have many different ways to defend your data and defend your users, and in a cloudy world, it’s harder because there are no defined boundaries. Things are everywhere. We have many different types of technologies that help us with this, but they are all related. When we are in the place of saying, as a head of information security, we work out many different ways to defend the data we hold as a company. Does that make sense? Hopefully, this is clearer than where we were three minutes ago.