....with Tom Patterson
Unisys’s Tom Patterson discusses his career as well as his latest work with Unisys Tom Patterson is Unisys’s Chief Trust Officer and Vice President of their Global Security business. He brings more than 30 years of leading-edge security experience, expertise, and innovation to Unisys, helping commercial and public sector clients tackle some of their most complex security challenges. Like many of today’s leaders in the cyber security industry, Patterson started his career working for the U.S. Government before venturing into the private sector where he’s since worked as a CSO (MCC), big-four partner (Deloitte), chief eCommerce strategist (IBM), and a founder of a tech start-up, backed by the Carlyle Group. Tom has also lectured on security at the Wharton School and Cal Poly, frequently giving keynotes at corporate and government events on security matters. The common thread to Tom’s diverse security career is building trust. With his TOP SECRET government clearance, Tom also works on a pro bono basis with Congress, Federal law enforcement and the intelligence and counterintelligence communities, and has contributed to Presidential Executive Orders. Nowadays, Patterson leads Global Security Solutions at Unisys, where he has helped defend many of the world’s biggest businesses, leading both technical teams in threat intelligence and threat response, as well as consulting at the strategic board/executive level, where appropriate governance is necessary to help the business address the threats of hacking, data-loss and cybercrime. Patterson’s primary focus within Unisys is to help the company bring better products to market, since he firmly believes that, “security will either make or break technology.” Patterson is regarded by many as a cyber security leader, and is regularly invited to consult with C-level executives. When asked what the primary issue he sees in the market, Patterson said, “It’s really hard for companies to know who to trust, since the industry is full of vendors selling the next must-have security products.” Patterson says that his outlook has always been to act in his customers’ best interests, becoming a trusted advisor that the executives can be assured he’s working in their best interests, helping ensure their strategic security direction is cogent and based on real risk reduction. Importantly, investment decisions need to be made on more than mere, “vendor brochure-ware,” so transparency and advocacy are the two pillars of his organisation’s approach and ethos, which Patterson believes are critical in helping them become the trusted
6 | Australian Security Magazine
advisor that executives need. The latest evolution in technology, where everything-as-a-service has shifted focus to the cloud has truly excited Patterson. Unisys has worked closely with Microsoft to help add Unisys Stealth (cloud)™ to the Microsoft Azure platform. Stealth layers additional security countermeasures into the Microsoft Azure cloud platform, helping to unify security management for anyone that wants to shift their line of business solutions into the cloud. Patterson said, “As enterprises shift from data centres to the cloud, security and efficiency are the keys to success. Unisys is pleased to add interoperability with Azure to our Stealth offerings, giving enterprises unparalleled security, greater controls, and lower costs with increased operational efficiency when working with Azure.” Unisys’s Stealth technology actually provides security to both data and applications within Azure, using a clever identity-driven encryption service to deliver its so-called “microsegmentation”. This is a new approach to network security architecture, allowing the division of physical networks into thousands of logical micro-segments. The philosophy is that even if attackers manage to take over one micro-segment within the enterprise, they would not be able to move across to other networks. This effectively takes the old network segmentation principle that security architects have been using for decades to a whole new level, where segments are as small as
single endpoints. In addition, enterprises can extend infrastructure they manage in their own data centres to Azure using the XDC (extended data centre) capability of Stealth. This automates the shifting of secure workloads from local data centres into Azure, which offers a real cost saving to service providers. Patterson is confident that Stealth can remove many of the roadblocks that are in the way of enterprises making the transition to cloud. It allows organisations to extend protection from their data centres to Azure on demand, providing end-to-end encryption from local workstations, servers or virtual machines to virtual machines in Azure. The underlying encryption technology Stealth is built upon means that unprotected Azure VMs are undetectable to unauthorised users.