Justin Lachesky, Director of Cyber Resilience at Redis, explains how his team approaches security in a cloud-native environment. He talks about the limits of prevention, the value of speed during an incident, and how working with Mitiga has changed how Redis prepares for and responds to threats.

Featuring: Justin Lachesky
Director of Cyber Resilience, Redis

Justin Lachesky:

We think about the security of the environment to have controls and preventions in place in order to keep attackers out. And as good as those preventative controls can be at helping to mitigate some of those risks, they don’t ultimately help us solve the problem of being able to respond quickly, efficiently, and effectively.

We need to be able to investigate, analyze, and understand them in order to be able to respond effectively and ultimately mitigate that risk to the business.

Brian Contos:

Hey Justin, who are you, and what do you do?

Justin Lachesky:

Yeah, my name is Justin Lachesky. I’m the Director for Cyber Resilience at Redis. Redis is primarily an in-memory database company, but it’s really all about getting your data to you fast. Traditionally working in caches but also in the AI space, really pushing the speed of modern applications.

Cyber resilience for Redis is really our ability to withstand the constant pressure of today’s cyber threat landscape. As a cloud-first company—and a cloud-native company—that means being able to defend our cloud infrastructure, being able to defend our assets and resources.

The challenge we were facing when we were considering Mitiga was really two parts. One was our confidence and comfort in our preparation in terms of being ready to respond to cyber threats or incidents. And that directly fed into the second challenge, which was our confidence in our ability to respond quickly.

It might seem kind of cliché because Redis’ brand is really built around speed and being fast, but for incident response, being fast is one of the last advantages that defenders have. What we’ve seen time and time again is that the difference between a near miss, a minor event, and a catastrophe can ultimately come down to: how quickly can we identify a threat? How quickly can we understand it? And how quickly can we respond to it in order to mitigate the impact?

Brian Contos:

How did Mitiga solve these challenges?

Justin Lachesky:

It’s one thing to be able to identify or detect a threat, but it’s an entirely different thing to be able to analyze, understand, and investigate it. What we found was detecting it isn’t enough. We really had to be able to do that investigation as well.

Mitiga brings a team of experts that we’re able to leverage to help us be better prepared—people who are experts in cloud technology, cloud environments, and the threat landscape, and who know how to respond to those types of threats.

They bring a technology platform and a capability that gives us a way to quantitatively measure our preparation in terms of the data we have available, and whether or not we have what defenders and responders are going to need in order to respond to incidents or security events.

So, when you take that expertise and combine it with the technology platform, it really put us in a position to feel confident and comfortable that we had what we’d need when the time came to respond. And that we had the expertise and support of partners in order to be able to respond quickly and efficiently.

Brian Contos:

So, why are preventative controls not enough?

Justin Lachesky:

I think the prevention tools are critical technologies. We think about resilience in terms of security—how do we keep threat actors out? And I think that’s the sweet spot for preventative controls. How do we make sure things are configured the right way, that we have the right rules and policies and preventions in place to make it a really hard environment for threat actors to target?

But that’s not enough. That’s just one side of the equation.

Where we see the preventative controls come up short is: what happens when an attacker does have success, when they are able to get into an environment? Suddenly we go from “How do we keep them out?” to “How do we get them out?”

Brian Contos:

What outcomes have you achieved using Mitiga?

Justin Lachesky:

There are some of the obvious things, like reducing our mean time to respond, our mean time to contain, and remediate. And that’s really driven by having that expertise from Mitiga backing us up during response. We’re able to more quickly understand an incident.

But even beyond that, one of the outcomes we found—and really appreciate—is having the backing of a team of expert threat hunters, especially in cloud.

It provides that tangible value of threat hunting, but it also frees us up to focus on strategic initiatives. That was something we valued and saw when talking to the Mitiga team. We understood that was a capability, but I think the outcomes and the impact have been even more than what we expected.

Brian Contos:

Why should other organizations consider Mitiga?

Justin Lachesky:

Because of the team that backs the product. Obviously, the technology is great. The ability to quantify that level of preparation, know that the data you’re going to need is available and ready to go.

But it’s backed by a team that understands what it means to respond to threats, understands the threat landscape and the environment.

That ultimately allows an organization to be faster. It allows defenders to act more decisively, more quickly. Really bringing both of those things together in order to build that resilient organization and mitigate those threats today, as well as in the future as they continue to evolve and change.