Interview: How Unifying Your Cybersecurity Tools Improves Security Outcomes

Security teams around the world are dealing with immense pressures including rapidly changing threat landscape, changing user demands and working behaviors, talent shortages and budgetary constraints. Adding to this list is the increasing complexity and variety of cybersecurity technologies, which are often fragmented across verticals – meaning separate tools for email, firewalls, endpoint protection, identity management and more. 

For this reason, consolidation of tools and processes has become one of the ultimate goals for many security teams. Analyst firm Gartner has predicted that by 2025, 80% of enterprises will adopt a cybersecurity strategy to consolidate and unify their web, cloud, and private applications under a single vendor’s security platform.  

To discuss the importance of consolidation, the threats driving these trends and the best way for organizations to stay protected, Expert Insights spoke to Morten Kjaersgaard, CEO of Copenhagen-headquartered cybersecurity provider Heimdal Security. Our interview covers the Heimdal platform, the importance of security consolidation, and his advice for organizations to stay protected against advanced cyber-threats. 

Can you start with giving as introduction to yourself and your background?

I think my background is a little bit of an odd one! I was a mega geek when I was younger. I was very tech oriented, not a developer but a very tech-oriented background. So, I loved playing with computers and everything that came out of that. Really a Windows geek at the time!

And my background in cybersecurity was through sales. I find myself to be a very persistent salesperson, I wouldn’t say necessarily a great salesperson, but a very persistent one. Which of course, can also bring results!

 So, regarding my skill set it’s really combining that geeky background with good sales skills, which is also what I believe has driven us to having an absolutely amazing platform here at Heimdal. Because, being techie, we want to be market leading, but at the same time, of course, we want to be driving it into the market.

Can you give an overview of the Heimdal Security platform, and what sets you apart from other providers in the space?

We offer nine products in one overarching solution. We have DNS, where my firm belief is that we’re the technology market leader. Everything we have on that platform is AI driven; we don’t use traditional white and blacklist like everybody else does. Everything we do is based off AI, which allows us to predict tomorrow’s threats today. The platform is very easy to use and very easy for the customer to deploy.

Then we’ve got a patch management solution, which also includes asset management and vulnerability management. Here, I think we also have something which is, from a concept standpoint, absolutely unique in the market, because we bring the infrastructure to the customer. We deliver everything in a very secure way through a very secure system and we don’t leverage third parties in that system. It’s really cool and extremely automated. 

We also offer an AV solution, where I’ll be very honest to say it’s not our core focus, as there are so many AV solutions on the market today, but many of our customers want this to be included as part of our wider platform. It’s a great offering; the detection rates are fantastic. We also offer a ransomware-specific product which adds to any AV by scanning the disk structure, to look for changes on in structure or malware trying to modify the disk structure in a negative way. That’s an excellent bolt on for any customer. 

Then we have a privileged access management offering. For PAM, we have a desktop rights management solution, which is very unique because it integrates with the AV solution we offer, with the DNS solution we offer, and the ransomware offering we have as well. So, if you want to grant elevated rights to the desktop you can connect that to the security parameters you need as well. So, if you have an infection or somebody’s trying to connect to your computer, we can see all that telemetry coming through.

We also application control, which integrates with the privileged access management solution. Which is a great way of doing it. Of course, there is a limit to how unique you can make application control, because it’s white and blacklisting of applications. But the way it integrates with the PAM really makes it stands out, as you can contain the elevated rights of the user. 

And we will offer email security, which is also a great offering because it is integrated, it all works within the same kind of solution, the same dashboard for our customers. And on top of that you can connect to all the endpoints, servers or mobile devices, directly from the dashboard. So, you can service all of your users through the remote desktop tool we have integrated. 
And we are still talking about just 1 platform.

And then kind of overarching that, we have a service offering where we offer a SOC solution based on our own suite of XDR products. So, there we’ve got something absolutely unique. 

Clearly, we can’t be market leaders in all of those areas. But I do think that in four of them: the DNS, the ransomware, the patching, and PAM we are absolutely up there, if not the leaders in those areas. 

You mention there that for DNS, you leverage AI technologies over the traditional security paradigm of using allow/deny lists. What security benefits does this approach provide?

The best way I can really explain that is that if we look at how that actually works in real life. As an example, with our DNS solution, because it’s very easy to translate into common language, we can actually predict what websites will be malicious tomorrow. That’s pretty insane when you think about it. 

We can actually tell you which command-and-control servers will be spun up tomorrow. And we don’t need to populate the lists because we already know. So, when you query our system, it can already tell you which ones will come online tomorrow from a command-and-control standpoint, and it can protect it based on all of these parameters that we use to feed and train the system. 

And we have some very unique technology coming off the back of that as well where we can pixelate websites and I think that will also be a game changer for customers.

Who are your typical customers, and what are the main challenges that they are facing today?

Our customers range from very small to very big. They range across all verticals, which really makes Heimdal unique because you’ve got some of the players in the market addressing the very big Fortune 500 segments and some addressing the very low ranges. We address all of them, but focus on the mid-market. 

And then, of course, it also makes the challenges in some ways diversified. But at the same time, they’re very similar for all of them! Typically patch management is a hurdle. There’s the whole privileges piece, which is also a concern for customers; how do they manage rights and privileges? There are also things like compliance. Also patch management or vulnerability management.

But the biggest one that we see coming through now is probably still ransomware. 

What are the biggest challenges customers face when trying to solve these challenges? What are the roadblocks? 

Most frequently, what we hear from customers is that it’s the dispersity of the products–the fact they are not all in one place. So, you might buy a Patch Management solution for one thing, but then need a PAM solution for something else. 

Because it’s not all in one place, the tools don’t get used as frequently or even at all. The rollout tends to be very complex. And it just creates a lot of hurdles. It removes the benefit to the customer of implementing those solutions, because the obstacles in getting it implemented simply becomes too big vs the gains the customer has. 

This is an increasingly common issue we’re seeing is the difficulty teams are having in managing multiple different solutions, tracking and monitoring those. It does seem like the trend in the industry seems to be toward consolidating, away from the approach of trying to get the best possible solution to fill every niche. Would you agree with this assessment?

Yeah. In my view, you’ve really got a few options. Either you go with Microsoft, you go with Heimdal or you mix from the market. I think we had the right foresight in terms of where the market was moving. Back in 2020, we started bringing out all of these unified solutions. 

And I think it’s a really cool thing for the customer. Everything is in one place. It all works together. The more products you have with us, the more benefit you get out of your platform. And you’re right, we’re hearing exactly the same thing now in terms of where the market is. We’re seeing an increased uptake across these modules with our customers and they really like the fact that they can do everything in one place. 

What are the key benefits of consolidating security tools? Is it all about the management overhead, or does it have other benefits, like improving the end-user experience?

I think for many smaller businesses, it’s also a big part about user expierence. For the bigger businesses, typically they are so well-trained in terms of rollout that users don’t even know what’s on their device. So, for small business, absolutely yes. But for the bigger businesses, in reality, it’s a no. It is more the management overhead for the bigger businesses.

When we do have this unified suite, there is also more and more of a push for us to develop it. There’s more pressure on us to develop it continuously and make it better and better in areas that were not necessarily our focus historically, because we see bigger customers coming through and wanting to get rid of that overhead. 

I think another thing that is happening now is that things are moving so fast, there’s no way that customers can keep up. Depending on where you look data will vary, but last year 30% – 50% of all businesses had a ransomware attack. Some were detected before completion, but some attacks were completed. That means the movement of the market is so rapid that there is no way customers can keep up if they need to look in ten different places. 

Finally, what is your advice to organizations that are struggling to deal with the challenges we’ve discussed around implementing tools, ransomware, and as you say, the pace of movement in the industry? How can they improve cyber-resilience?

When companies go and look for solutions, they’ll have a range of problems. They’ll have problems like patch management, they’ll need antivirus and a firewall. These are very logical things. And I would not necessarily go with the best of the breed. I would go with the one that in the best possible manner, in the most efficient manner, solves my problem in a unified suite. 

And that, of course, sounds super subjective because that’s what we offer! But of course, there are also other offerings, you can delve into, not necessarily just being Heimdal. But the fact of the matter is, if you don’t implement just one solution, the likelihood is you just won’t end up using it. 

And I see the same in my home! If I can’t turn on all of my lights from one app, if I have to use both Phillips Hue, and IKEA, it becomes simply too cumbersome to use it, it has to be in one place. 

Learn more about Heimdal Security: https://heimdalsecurity.com