Transcript
Hi, Mike Matchett with Small World Big Data. We're here at RSAC 2025 talking to the latest and greatest cybersecurity vendors and solutions. All the innovative products out there. We're here with Cy4Data Labs. We're talking about their role in cybersecurity. And they've got some interesting things to talk about with Lance. Hey, how you doing?
I'm doing quite well. How about yourself?
Good, good, good. Um, so just let's set the stage. What part of the cybersecurity problem are you tackling for people?
Uh, we're actually doing it at the data level, so it's a little bit different here. What we're trying to do is we're trying to protect data itself in situ, you know, within databases, which is a different view than people normally take.
All right. So you're not necessarily saying, hey, it's about access control, identity management or XDR, but really protecting the data itself.
Protecting the data itself. It has a lot of benefits. So when you actually look at it, when we take a look at data breaches, you look for a key word, the word "record". That's why we know it's sitting in a database. Within a database there's many fields. And what we do is we protect each one of those fields independently with its own encryption key. That gives us a lot of control of who can have access to that data itself. If you don't have the permissions or authorization, you don't get to see that data. Now, when you move data around outside of the database, put it into reports, share it to another database, it always remains encrypted and we call it protection in use instead of at rest or in flight.
All right. So that's kind of cool because normally I'm a storage guy and we talk about data encryption. We talk about data encryption on the disk. We talk about data encryption on the network. But once it gets to an application or a database, it's usually, you know, if you get into it, you got it.
That's the flaw, actually.
Normally when databases are operating they have to decrypt it when it comes off the storage drive. And then now it's in the clear. And if you do a query it gets sent to the user that made the request. It's in the clear. That's the vulnerability all along the way. So at rest and in use has certain levels of protection, certain types of attacks, but not where all of these data breaches are actually occurring. So now when someone breaks into your network or they get to it through an application, they've stolen somebody's credentials, or there's a, you know, some type of vulnerability or exposure, all they get to see is encrypted data in its raw form, and then only when it gets to the endpoint device and it gets displayed is the only time it gets revealed.
All right. So this encryption is happening at the point of consumption.
The point of consumption. And that's the safest place, right? So we take a look at it. We measure at what point in your networks does the security boundary end. Does it when it comes out of the database, is it done when it gets over to the end of the line and on the endpoint machine, is it done, or is it when it's displayed? Because for us it lands on the machine encrypted. It's in memory encrypted. It doesn't get decrypted until it's actually physically displayed.
I mean, it's pretty interesting in concept that you're taking encryption that far, but I would have a concern as an IT guy about scalability. If you're encrypting every field and every record with its own key, how does that possibly work?
You're right. What we're talking about here is millions, tens of millions of keys that are protecting a single database, but it's protecting tens of millions of pieces of data. And the database itself is operating on the encrypted data naturally, just like it is like a foreign language. Databases don't care if it's English, French, German or Italian, right? It's still just as fast. It's the same thing.
In this case, the translation is to something very foreign, like maybe Klingon, if you're a Trekkie, right? You can't actually understand it or read it, but it's protected. It's when we translate it back, that's when it gets revealed. So scalability exists on the same system that you had before. So for a customer we don't touch their existing deployments. Existing systems, security systems all stays the same. No changes to that infrastructure. All we do is we pull the record out, we encrypt it, put it back in again. Job done. Didn't integrate at the endpoint device. The system runs just like it did before.
All right. So there's nothing changing in the database.
We don't have to. Other than going from cleartext information to individually encrypted pieces of data.
All right. So we're here at the RSA show. There's, RSA Conference I need to say, 25,000 people. There's CISOs and stuff. If you had a message that you wanted to tell everyone about this, this sort of data-in-use encryption paradigm, what would you say?
If you finally want to solve the threat of a data breach? More importantly, you want to be able to detect in real time that insider attack, those loss of credentials. We now, with this granularity, can control access to data down to a single field. You don't have to increase your attack surface and you use everything you've got, all your investments you have today. You get that with the most secured solution.
Right. And there's no vulnerable database records out there.
Right. Right. Right. Even if you share them, you still retain control of them. So you embed it into reports. You share those reports. You're sharing encrypted data, right.
And this doesn't have to be the whole record. This is field by field.
If we want to. You can make a choice and you can mix and match. You can keep some in the clear. You can protect what you want.
The most important personal information, personal health information, those fields you want to protect with its own dedicated keys.
That's really cool. So if we're here at RSAC, um, and there are people who might want to dig a little deeper into that, uh, start to maybe understand what we're talking about here, because it's a big shift in paradigm, if you think about it. Uh, where would you have them start their kind of research into adding this, uh, data, uh, data and database encryption, I guess?
Yeah. No, it's, uh, we call it data, data-defined security. Um, you know, we can be reached off, you know, we have our website. It's Cy4DataLabs.com. That's a place to start. And we can show demonstrations. We have sales folks, uh, in various different channels as well, across the United States. And, um, we can start to do the introductions in the demos so that they can take a look at it. They can try it. We can do sample deployments in POCs. And as they go and they learn the fact that they don't change their workflows, the user experience flows, they start to get comfortable with it, and they try it out. And it's a matter of days to get this thing turned on.
I know we didn't talk about any verticals, but I know a few that could probably use this in spades right now.
We're having some really good success in the financial side. We're also having success on the insurance side. Um, there's, you know, a lot of personal information and information that they, you know, people want to retain control of. Very important, the health services we're just now getting into in public sector. We're also very active in.
All right. All right. That's pretty cool. Thank you so much, Lance, for.
Thank you so much.
All right. Take care. If you're interested in that data encryption, not just at rest or in flight but in use, except when you're actually getting it to the end user, uh, check out Cy4Data Labs. Take care.