ERP giant Infor has awarded a contract to Cyberbit for its Endpoint Detection and Response solution. The system is to protect the internal systems at Infor as it continues to expand. The press release is light on details of the size of the contract and who will run the Cyberbit EDR solution.
According to Stephen Thomas, VP Sales at Cyberbit: “We are excited to be working with Infor to complement their forward-thinking IT security strategy. Innovative IT organizations such as Infor are adapting this proactive detection-based strategy and I look forward to supporting their organization.”
How does Cyberbit EDR work?
Cyberbit’s EDR platform is an event driven solution that picks up data from all the endpoints on the network. That data is then analysed to detect anomalies on the network to detect malware and security attacks. When an attack is detected the entire chain of events is presented to the security team. This last step is critical. It allows a security team to track how the malware entered the enterprise and what other machines/systems it has impacted.
This is not just about detecting malware. By focusing on events, Cyberbit is also looking for unexpected behaviour patterns. These identify malicious insiders and the use of stolen security credentials.
Earlier this week Carbon Black announced its new Streaming Prevention solution. This is also an event driven security solution. The growth of these systems is being driven by the continued struggle of existing endpoint protection to deal with 0day attacks and ransomware.
Is the start of an Infor security programme?
It is an interesting question. The press release focuses on this being to protect its own in-house systems. However, if successful, this could become a much deeper arrangement. Infor could choose to integrate Cyberbit’s EDR platform into their own solutions. This would be good news for its customers and a significant boost for Cyberbit.
Infor could also make an offer for Cyberbit. Infor certainly has the growth and probably the money available to make that move. It would be a smart move for Infor especially as it continues to push into the cloud. This would allow it to offer customers a cloud-based security solution to protect their cloud-based ERP assets. It is a surprise that none of the big ERP vendors have taken this leap yet. Infor could be the first.
Cyberbit also has several Cyber Ranges around the world. This week it signed a deal with the government in Japan for a Cyber Range. This is to help train a new generation of IT Security professionals. With the Tokyo 2020 Olympics coming up the threat from cyberattacks is high. Infor could choose to setup its own Cyber Range or work with Cyberbit on creating one for its own customers. There is a growing realisation that corporate IT teams need better cybersecurity training.
There is also growing demand for Incident Response training. This is where Cyber Ranges are very effective. They can simulate an attack and give a company an opportunity to test and refine their response planning. This covers everything from locking down systems to forensic analysis of the attack and the simultaneous management response. The latter includes who to contact, how to contact and covers the C-Suite, HR and Legal teams.
This is a great deal for Cyberbit and has a real potential for both it and Infor. While Infor is talking about this to protect its own systems it could also be that it plans to use it to protect its cloud-based solutions. Infor runs this software so protecting it with the Cyberbit EDR platform makes sense. It also allows Infor to get experience of the solution potentially as a precursor to offering it as a solution for its own customers.
How far will this relationship go? Watch this space because we’ll be watching them.