Forcepoint’s Deep Secure acquisition shapes the future of malware protection within cross domain solutions and data-first SASE

Sean Berg, President of Global Governments and Critical Infrastructure at Forcepoint, elaborates on how Forcepoint’s Deep Secure acquisition shapes the future of malware protection within cross domain solutions and data-first SASE.

With our growing need to use and share sensitive data from any location, vulnerabilities abound that malicious actors and nation-states can exploit to manipulate, corrupt, or steal sensitive information. Content Disarm and Reconstruction (CDR) technology is a new and groundbreaking method for protection against potentially disruptive and dangerous security breaches that use malware in commonly used files.

CDR protects enterprises by deconstructing and disarming commonly used files, including MS Office, PDFs, images, etc., and rebuilding them into new, sanitized files. Through this process, malicious content is removed. After processing via CDR, these files can then be passed securely to government, critical infrastructure, and enterprise users without taking on the risk of the file containing malicious content.

Malware threat removal is a game-changer for mitigating compromised data that could lead to breaches. Fending off ransomware attacks that happen nearly every 11 seconds requires non-stop protection of mission-critical data. Governments and enterprises need advanced malware removal with a strong set of security capabilities that can be deployed as required and delivered wherever their data must be securely shared.

This is why we’re excited today to close the acquisition of Deep Secure, a UK-based leader in cybersecurity. The Deep Secure Threat Removal platform with CDR addresses the need for next-generation protection that goes beyond detection-based anti-malware.

Since 2010, Deep Secure has been ensuring organizations can safely exchange information with trusted and untrusted sources. They treat every piece of incoming data from a Zero Trust perspective, meaning everything goes through a content disarm and file reconstruction as if it contained malware. Unlike traditional security inspection products, Deep Secure’s Threat Removal platform is less about detection and more about proactive prevention to achieve a high level of efficacy, along with a great user experience, flexible deployment, and proven ROI.

Forcepoint’s vision and mission is to protect data everywhere. Deep Secure’s data-centric innovations and extensive experience working with many of the world’s most security-conscious organizations, such as government, defense & intelligence, law enforcement, critical national infrastructure and finance, make it a perfect fit. The integration of Deep Secure’s team and defense-grade CDR capabilities will simultaneously increase the depth of Forcepoint’s industry-leading Cross Domain Solutions (CDS) portfolio and extend our Data-first SASE, Zero Trust architecture for our global government, critical infrastructure, and enterprise customers. The team also has a strong UK presence to help support EMEA and NATO organizations.

For government and critical infrastructure customers, the Deep Secure CDR capability will work with Forcepoint’s existing Cross Domain Solutions. Deep Secure’s High Speed Verifier (HSV) will be used for high-assurance data connectivity to high-threat and high-risk networks. The HSV provides one-way data transfers and data validation that meet both the UK’s requirements for high-assurance data transfers and the U.S. National Cross Domain Strategy and Management Office’s (NCDSMO) guidance under Raise the Bar (RtB) for connecting to high-threat networks.

With HSV, agencies can physically segment and isolate high-assurance networks by performing hardware-based unidirectional data flows along with data validation. This data inspection is not possible with a traditional, optical-based, one-way transfer solution. Forcepoint, with the Deep Secure HSV, is now in alignment with the NCDSMO’s requirement for hardware-based data inspection using Field Programmable Gate Arrays (FPGAs).

Said another way, our government customers operating on classified networks can safely access, process and share data from unclassified and other high-threat networks without concern. Together with Deep Secure, our capabilities will also help civilian, intelligence and military agencies achieve the Biden Administration’s goal to “identify, deter, protect, and respond” to cyber threats. The Administration has made cybersecurity a focus of its agenda, particularly in light of the recent spate of data breaches.

For commercial customers, we will add Deep Secure CDR capabilities to the following products in our Data-first SASE architecture:

  • Forcepoint Cloud Security Gateway (CSG), which already combines the capabilities of Secure Web Gateway (SWG) and Cloud Access Security Broker (CASB) into a single cloud service
  • Remote browser isolation (RBI)
  • Email gateway
  • Next-Gen Firewall (NGFW)
  • Zero Trust Network Access (ZTNA) gateway

The combined technologies will sanitize downloads, attachments, and other transferred documents. That means users can safely browse untrustworthy and unknown websites and download data into the enterprise once the CDR has removed hidden threats, ultimately under Forcepoint’s unique, risk-adaptive control.

We will continue to enable productivity while ensuring the highest levels of proactive security, and we will allow our customers to easily acquire and implement these integrated capabilities when they’re ready. And that’s essentially why we sought out Deep Secure. To the team, who will become my new colleagues in the Global Governments and Critical Infrastructure organization, I’d like to say, welcome to Forcepoint. We can’t wait to work together.