We would like to take this opportunity to wish you a “Merry Christmas” and “Happy holidays”! We sincerely thank you for talking with us, helping us, working with us, or connecting with us in this very unusual year. Special thanks to our customers, partners, and investors who trusted us on this journey in 2020.
This year was exceptional with pandemics and lockdowns. However, I think we as a society navigated successfully with the increased use of technology and the internet with virtual working from school to offices to ordering groceries. While technology enabled us to do business and survive in this unusual pandemic, nature also hinted to us that how important personal interaction is when we had to miss it for a long time. I definitely hope we will learn from this and march successfully in 2021 and beyond.
In the context of what we do here at Ardent, the importance of security and privacy becomes even more relevant with a remote workforce, children attending schools online, the occurrence of a record number of data breaches, and much more. It is becoming even more clear that implementing Data-Centric security is most important to protect data in potential breaches or minimize the impact of breaches. That is the DNA of Ardent and we are making great progress in delivering that.
The FireEye / Solarwinds breach was again a classic example of another compromise that occurred from a supply chain attack. While most of the discussion is around what/how happened and which exploit was used, I think it is important to look at the basics of security engineering in each organization to prevent data loss and protect enterprises. We need to focus on what is impacted (data or sensitive assets) versus what impacted it(malware, exploits). If we know what will be impacted when attacked, we will be in a much better position to secure that in the future.
We need to focus on fundamental security engineering principles like what data we are protecting, do I know all my sensitive data assets? Do I have inventory data assets or crown jewels? Do I know where are assets located within infrastructure? Am I practicing data minimization while storing sensitive data, Am I getting rid of excess data which can be my liability? Do I know what data adversaries would be interested to get when they try to attack us? Are my current security controls and technologies focused or prioritized around that?
I went through this as a Security Engineer, Big 4 auditor, and Product architect throughout my career and that is what keeps me alive every day when we try to solve these problems. Technology is an enabler for security but it more about it is really done(housekeeping) and how we prioritize security controls. That will define resiliency against the next data breach.
I wish you great holidays again and feel free to talk to us if we can help you in 2021.
Founder and CEO