A year and a half after Thales acquired data and application security company Imperva, the two technologies have been successfully integrated. The combination now provides a comprehensive view of data security, encompassing prevention, detection, and risk analysis. What started as a strategic acquisition has evolved into an integrated solution that enables companies to protect their data more quickly and effectively. We spoke about this with Steven Maas and Shailes Nanda, who were involved in the process from the Thales and Imperva sides, respectively.
In December 2023, Thales acquired Imperva, an American security company. The timing of the acquisition and integration of Imperva into the Thales offering was good. The market for data protection continues to grow, driven by stricter regulations and an increasing awareness of data risks. Thales focuses on all companies and institutions with critical data and where data security is crucial. These include financial institutions, critical infrastructure, and government organizations. More and more customers and partners are wondering what happens to their data. This question is becoming increasingly urgent as organizations collect and process more data, often spread across different environments. This is a double incentive for organizations to address the issue of data security.
Today, a year and a half later, the acquisition and integration are proving to be a success. It has grown into an integrated data protection solution that helps at a time when data is fragmented across on-premises, hybrid, and multicloud environments.
From encryption to insight
Before the acquisition, Thales primarily focused on hardware security modules (HSMs) and the encryption of data at rest, in motion, and in use. However, that was only part of the puzzle. “Thales had strong hardware security modules and data encryption solutions, but more is needed,” explains Steven Maas, Regional Sales Director Data & App Security Benelux. Imperva complements the offering with advanced data behavior analysis and real-time detection.
The difference lies in the approach. Traditional security solutions are primarily preventive. They try to stop intrusions. Imperva offers detection and analysis of data behavior on top of that. “Imperva adds detection, context, and extra intelligence,” says Sales Engineer for EMEA Channel Thales Shailes Nanda. He has been with Imperva for 14 years. “Even with good prevention, there is still a small chance that data will be stolen. The combination of prevention, detection, and analysis is therefore essential.”
Imperva’s technology provides organizations with visibility into who has access to what data, when, and how much of it is being transferred. In the event of an incident, organizations can, for example, demonstrate exactly whether only a limited number of customer records have been viewed or downloaded, rather than assuming a complete data breach has occurred.
Automatic detection of data risks
What makes Imperva unique is its ability to detect and analyze data risks automatically. The system scans all databases within an organization and automatically identifies where sensitive data is located, such as financial data or health information. It then monitors user and application behavior to detect anomalies with approximately 99 percent accuracy. For organizations, this means they get a complete overview of their data landscape, including any shadow IT systems where departments have set up their own databases.
“We can automatically detect what types of data are stored in systems. We can see how users and applications have access and, based on that, monitor what is happening,” explains Nanda. That context is crucial. Traditional security solutions can see that data is being downloaded, but they don’t understand what that data means and don’t offer automated preventive solutions.
The heart is the Data Security Fabric
The integration revolves around Imperva’s Data Security Fabric (DSF). This platform is built to protect all data types in multicloud, hybrid, and on-premises environments. The system is designed to help organizations prevent data breaches and compliance incidents by applying security controls to the data itself, rather than just the infrastructure. Imperva claims that it now protects more than 500,000 business-critical databases. Additionally, it supports over 1,500 file formats, data types, and cloud assets. It also offers complete coverage across 200 data repositories.
The approach follows the Zero Trust principle. No user or application is automatically trusted. Instead of relying on network or application security, the platform applies security controls directly to the data. Access is continuously evaluated, and machine learning algorithms detect anomalous behavior. A warning is issued in the event of potential threats. This approach helps identify issues such as data exfiltration and privilege escalation.
DSF works with both structured and unstructured data. Files are automatically classified and vulnerabilities are assessed in real time. This provides organizations with a comprehensive and up-to-date view of their data landscape.
With DSF, Thales aims to tackle a growing problem in the security world. Organizations are struggling with data distribution across different cloud platforms. Traditional security approaches fall short in this regard. The integrated platform aims to bridge this gap by providing direct control over data, in addition to prevention.
Workflow automation simplifies compliance
A key aspect of DSF is the automation of compliance processes. The platform offers ready-made templates and reports for various regulations, such as GDPR, HIPAA, NIS2, DORA, and Basel II. This should reduce manual compliance work. The software analyzes threat activity and ensures that users comply with policies. Teams and departments can also collaborate on governance issues via the platform. Thanks to automation, organizations spend less time compiling compliance reports.
The system also maintains live access to archived records that have been stored for several years. This is important for organizations that have long retention periods for their data.
Ecosystem integrations and unified visibility
Imperva can be integrated with existing security and IT ecosystems. This is done to obtain incident context and leverage additional data capabilities. DSF fully automates workflows, which can speed up decision-making processes and incident investigations. To this end, Imperva provides thousands of playbooks that can be used to orchestrate and automate security actions. This enables organizations to respond more quickly to threats.
The DSF dashboard centralizes control, automation, and insights. Users get an overview of user access, processes, and applications within a single interface. Meanwhile, machine learning detects anomalies and bad behavior and can proactively initiate certain actions.
Rapid implementation
Maas and Nanda explain that competitors sometimes need a year and a half to onboard dozens of databases. According to them, Thales can do this in a few months. For smaller projects, it’s even faster: critical databases can be connected within two weeks. Moreover, what Thales offers in combination with Imperva is a fully integrated platform, whereas competing solutions often focus on the detection or prevention of individual components.
Ultimately, the speed comes from Imperva’s out-of-the-box integrations with existing systems. “We support various databases and big data systems, as well as firewall and security solutions,” Nanda emphasizes. If no existing integration is available, it can be built relatively easily thanks to the API-based architecture.
A real-life example shared by Maas and Nando illustrates the impact. A large global computer supplier had 38 databases that they wanted to secure. A competitor had been working on this for a year and a half and had managed to implement the basics. Thales, in conjunction with the Imperva solution, successfully brought the entire environment online within six months.
Growing market for data protection
For Thales, the integration of Imperva means that the company can now offer a complete data security platform. From hardware security modules, encryption solutions for data at rest, data in motion, and data in use to real-time monitoring of data behavior—everything is under one roof. The coming period will reveal whether this integrated approach will enable Thales to achieve its desired position as a global leader in cybersecurity. The initial signs are promising: companies can implement solutions faster, gain better insight into their data risks, and respond more effectively to security incidents.