Cybercrime is on the rise, with hackers deploying increasingly sophisticated tactics to breach organisations’ business-critical systems and target their data.
For example, Gartner predicts that 45 per cent of organisations worldwide will have experienced a breach of their software supply chains by 2025, a three-fold increase from 2021. Meanwhile, the Microsoft Digital Defense Report 2023 showed that attacks targeting open-source software have grown 742 per cent on average since 2019. And 48.8 per cent of executives surveyed for a Deloitte Center for Controllership poll expect the number and size of cyber events targeting their organisations’ accounting and financial data to increase in 2023.
In this constantly evolving data security landscape, Secude has created two enterprise digital rights management (EDRM) solutions designed to enable organisations to confidently and effortlessly shield their most sensitive data.
“In the last year, we’ve seen a significant rise in targeted attacks,” says Mario Galatovic, CEO of Secude. “These attacks are not just more frequent but also more sophisticated, often designed to exploit specific vulnerabilities. The shift to remote working accelerated by the pandemic has also expanded the number of vulnerabilities for organisations, which now have to secure data across a distributed environment, adding layers of complexity.”
Secude’s flagship products, HaloCORE and HaloCAD, work by safeguarding company data the moment it is extracted from computer-aided design (CAD) and SAP-based software.
“Secude’s mission is to protect a company’s most valuable asset: its data,” says Galatovic. “We specialise in extending Microsoft Purview Information Protection (MPIP) to deliver zero-trust security to SAP and CAD data, which is crucial in sectors like manufacturing, engineering and defence. Our flagship products are testament to our commitment to innovation. They’re easy to find, purchase and access using the Microsoft Azure Marketplace. They are directly embedded into the end-user applications which creates a seamless experience where users can leverage their existing knowledge of these applications to use Secude solutions. What sets us apart is our ability to extend MPIP to critical systems.”
HaloCore works by scanning all data coming out of SAP and classifying it based on user role and authorisation levels, before protecting the data with strong encryption. Using integration with MPIP, HaloCore reads the metadata tied to the data in question and applies the appropriate security label to ensure it is only used or shared with accounts authorised by MPIP.
Meanwhile, HaloCAD extends the security provided by MPIP to the complete lifecycle of CAD documents. Engineers and industrial designers creating CAD files can apply the appropriate level of access for sharing and editing rights. These protections remain, regardless of where the file goes inside or outside the organisation.
Secude has worked with the US Department of Defense (DoD) to help an aerospace/defence engineering company comply with the Cybersecurity Maturity Model Certification (CMMC) for controlled and least privileged access to proprietary CAD designs, which comes into force for all DoD contractors in 2024. “The company was using Microsoft Azure Government Community Cloud (GCC) High, which has additional restrictions and different defaults than commercial Azure services,” explains Galatovic. “We delivered HaloCAD on GCC High to protect the company’s sensitive CAD files, which are now CMMC compliant.”
Microsoft also relies on Secude’s HaloCore to keep its own enterprise-wide SAP systems secure. In addition, Secude is a member of the Microsoft Intelligent Security Association (MISA), which enables it to use Microsoft technology to strengthen its security solutions.
“Our partnership with Microsoft enables us to offer solutions that are not just robust but also seamlessly integrated into our clients’ existing ecosystems,” says Galatovic. “Being a MISA member has provided us with direct access to the Microsoft partner marketing team and Microsoft engineering, which has enabled us to create deep hooks into the MPIP technology and integrate it seamlessly into SAP and many CAD and product lifecycle management solutions. It has also allowed us to bring joint MPIP and Secude solutions to Microsoft customers.
“Put simply, our MISA collaboration with Microsoft enables us to deliver comprehensive, cloud-based security solutions, helping organisations tackle modern cyberthreats.”
This article was originally published in the Winter 2023 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription.