The “data platform” is an often-discussed topic, but it remains understudied, according to one chief executive officer.

That’s a problem because, as things stand, the enterprise will find it hard to cope with multicloud-level cyberattacks unless it fully understands how to create visibility on cross-cloud data through a data platform.

“We’ve always approached and thought about securing the cloud as a data-first problem,” said Jay Parikh (pictured), CEO of Lacework Inc. “You want to be driving faster and faster rates of innovation — the cloud provider, the cloud infrastructure, the cloud stack itself is also always adapting, always getting better … multicloud, different technologies. You’ve got different applications that are bringing in different types of services. The only way we have always felt that you can keep up with [and] potentially stay ahead of these security risks is to just drive this through collecting and processing a lot of data.”

Parikh spoke with theCUBE industry analyst John Furrier and Dave Vellante at the Supercloud 3: Security, AI and the Supercloud event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the data platform and its larger role in securing the supercloud.

The old way versus the new

While cybersecurity is a relatively new field, it’s already seen eras marked by increasing complexity as the threat landscape expands. With the multicloud at full force today and the traditional defense perimeter demolished, how can companies stay on the right side of cybersecurity history, especially given the financial and reputational stakes at play?

“I really think it’s just one of these things where [you] just go back to first principles,” Parikh said. “What are we trying to do from an innovation perspective? Know and think through how you’re going to be compromised. How are you going to be attacked in the cloud? With things like artificial intelligence, you’re generating a ton more data, and now you have all of the data that drives business value. But guess what, it’s also very attractive to people who are trying to get in and get that data to do something with it.”

Through its Polygraph Data Platform, Lacework takes on the task of collating data from different first and third-party sources and automating the threat analysis function so that companies can derive tangible security outcomes, according to Parikh.

“Where we get the data is pretty complex, but I would say there’s one broad bucket of data that we get from the cloud providers [and] native services themselves,” he explained. “We get third-party data, we get other real-time telemetry, and there’s a whole set of ever-evolving categories of data that we get and then that comes into our platform. And then from there … these are things you should go investigate because what we detect here doesn’t look like normal behavior in your infrastructure.”

The complexity is in cybersecurity keeping pace as cloud providers offer more services and companies building in the cloud continue to evolve their application stack, Parikh added.

Where AI fits in the mold

AI has a leading role in several computing areas today. For Lacework, AI is helping the company chart normal user behavior and understand the scope of its customers’ operations within their various environments.

“One of the core use cases where we apply AI and machine learning to the technology is really inside of a customer environment,” Parikh said. “Understanding, collecting all this telemetry and understanding what normal behavior is, what your employees are doing, what your machines are doing [and] what are the operational activities that are occurring in your environment. The platform itself has many more capabilities to look for not-as-obvious use cases as that — like where there are little tiptoes happening in your infrastructure, where each one of those taps would be honestly not noticeable. But when you look at 14 of these taps, you’ve been compromised.”

On the other side, attackers are also equipping themselves with AI weaponry. Companies must stay prepared for incoming attack waves wherein malicious actors use AI to fine-tune attacks to be innocuous and near undetectable, according to Parikh.

“Think about the bad attackers out there, the attackers out there use this to actually mask or to be much more sophisticated about the types of attacks that they can do,” he noted. “They can orchestrate things now with AI maybe that they had to do manually through more sophisticated training or scripts and whatnot. They can program these AI systems to explore, to discover in very innocuous, undetectable ways or very minuscule ways.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the Supercloud 3: Security, AI and the Supercloud event:

Photo: SiliconANGLE