The Philippines is perhaps the perfect country to launch a business. The country is blessed with a large and growing population with an average age of less than 26 years old and a robust and thriving economy. Over the past many years, it has developed a solid educational system, a growing and thriving middle-class and it also benefits from a very large English-speaking population. It is a vibrant democracy of 110 million people and a beacon of democratic light in the Asia-Pacific region. The combination of values and virtue are manifested by its civil society and upheld by people that speak truth to power. The sheer strength in human capital of its resourceful and industrious people is a wonder to behold.
When my partners and I founded OmniSecuritas Technologies last year, we may not have realized that we were on the cusp of a great opportunity. With COVID raging in its full intensity and much of the economy struggling with various levels of lockdown, it seemed brave, if not foolhardy, to start up a new business in October of 2021. With the full support of Mr. Manuel Paolo Villar and Paul Izon Reyes, we developed a conceptual plan and set about building the framework of this new enterprise; much as you would frame a house, brick-upon-brick. The Villar Group is a paragon of Filipino entrepreneurial success, and it fully supports OmniSecuritas Technologies on its journey. Mr. Paolo Villar took a chance on the concept of OmniSecuritas as a Philippine cybersecurity start-up…and for that I am profoundly grateful.
It is said that fortune favors the brave…We were especially fortunate to connect with CYDEF of Ottawa and Montreal, Canada, and its founder Mr. Paul Hindo. Paul Hindo and I go back forty years and I have admired my ex-Black Watch comrade as he grew not only his businesses, but also his stature in the community from strength to strength. From a start in commercial real estate, Paul built a set of successful companies and partnerships and flourished as an angel investor and serial entrepreneur in many new start-up ventures.
Paul Hindo and Paolo Villar came together in late 2021 to jointly launch a strategic partnership between CYDEF of Canada and OmniSecuritas Technologies of the Philippines. This is truly a case of 1+1 =3. The technology provided by CYDEF along with the dedicated, resourceful, and committed team of cybersecurity professionals provided by the Philippines via OmniSecuritas, has resulted in a game-changing cybersecurity capability in the Philippines.
How are we changing the game, you may ask? Traditional Endpoint Detection and Response (EDR) products are based on a combination of Artificial Intelligence (AI) and Machine Learning (ML) algorithms that look for key words, patterns, behaviors and trends in command lines, scripts, and hashes to alert humans to threats. In this sense, these traditional EDRs are entirely ‘reactive’ as the system extrapolates from a set of queries to analyze what it is seeing on the endpoints. The process of alerting is entirely based on a starting set of knowledge that feeds into the AI and uses ML to progressively improve the results. When alerts are raised, the traditional EDRs seek intervention by highly paid, foreign-based, threat hunters and these are usually additional cost services beyond the scope of core EDR services. Traditional EDRs only know what they know… they do not know, nor can they learn, the unknown.
So, a traditional EDR that is purchased by a typical Filipino business has a base level of detection services provided by AI queries and a lot of scope for the EDR distributor to ‘up-sell’ additional threat-hunting services at higher cost. The local Filipino distributor will also ‘mark-up’ the core licenses supplied by the foreign EDR company by 20%-30% or more, as the traditional EDR suppliers are all based outside of the Philippines, therefore they require Value-Added Resellers – VARs or distributors to sell their products, often at a high mark-up. This additional ‘mark-up’ of the foreign company’s products and services along with the ‘up-selling’ of core, required containment and remediation services means that the local Philippine company is held hostage to a costly negotiation with foreign experts during a stressful time when malware is lurking in its system. Filipino companies are at a disadvantage when dealing with foreigners who charge a lot of money to assist with essential containment and remediation by ‘up-selling’ these critical services…it’s like having a gun to your head when you need to resolve whatever problems are uncovered by the ‘reactive’ traditional EDR.
It is a known fact that illegal actors benchmark their malware against most Anti-Viruses (AVs) and EDRs, to develop malware that is engineered to bypass these traditional layers of defense. This sophisticated malware uses techniques such as hijacking native parts of the operating system (e.g., living-off-the-land attacks) and use complex obfuscation techniques to fool algorithmic detection AI/ML and these represent anywhere from 10-20% of the malware seen today. If even 10% of malware is bypassing the firewall, AV and traditional EDRs, at a spawn rate of over 40,000+ new malwares a day, this 10% represents an awfully high level of threat that is slipping through the traditional defenses.
Contrary to this traditional EDR approach of uncovering problems using a reactive process, OmniSecuritas, using CYDEF’s Smart-Monitor innovative ‘Pro-Active’ approach and technology, baselines normal behavior and then investigates everything that is not cleared as normal. There is no need to send a set of queries and then use AI and ML to scour the activities looking for a needle in a haystack…when you know what the haystack looks like (by baselining normal endpoint behavior); the process of ‘pro-active’ threat hunting of all other activity yields results that other EDRs cannot. We find malware and illegal activities that other EDRs cannot because we look at all activities that are not defined as good, normal activities and therefore we cannot be ‘gamed’ by the bad actors and ransomware gangs. There are no AI and ML detection algorithms for the bad actors to test their malware against, since the CYDEF Smart-Monitor EDR focuses on eliminating normal behavior to allow the threat-hunters to pro-actively zero-in on suspicious activities.
In addition, OmniSecuritas has received a ‘full technology transfer’ from CYDEF…we are now fully autonomous and have developed a team of world-class Filipino threat-hunters. We will always deal transparently and directly with our customers, and we are fielding a world-class threat-hunting capability right here in the Philippines. We are homegrown and cost competitive and we are 100% Filipino-owned.
So, we are changing the game by being ‘pro-active’ and we employ Filipino threat-hunters that live here, work here and are from the community that we are pledged to protect. We do not try to ‘up-sell’ the services of highly paid foreigners as threat-hunters. Everything you need to detect, analyze, and contain threats is offered in one turnkey solution and the threat-hunting is built-in to our service offering. We are ready for the challenges ahead and we look forward to being of service to you.
Bernard Gibbs