AI, Speed Of Response Vital In Cyber Security

by Priyanka Pugaokar    Nov 08, 2016


In the wake of high-profile attacks, cyber security has undoubtedly become the key priority area for IT decision makers. While developed countries such as the USA and UK are far ahead in terms of cyber security awareness and are leveraging advanced technologies to mitigate cyber risk, Indian enterprises still lack complete knowledge of cyber threats. To mitigate the risks, organizations need full situational awareness and visibility across their IT infrastructure. Unfortunately, such visibility among Indian enterprises is limited to a few assets, users and network segments. Disruptive technologies such as Big Data and Machine learning can be effective tools to define an enterprise’s security posture and avert advanced cyber threats.

In a candid interaction with CXOToday, Sunil Gupta, President & COO, Paladion Networks, sheds light on the current cyber security landscape in India. Gupta also emphasizes leveraging technologies such as Big Data, Machine learning and automation to protect enterprises from sophisticated cyber threats.

Which new threat variants do you observe in India that posed maximum damage to establishments in the country in 2016?

Malware and web application attacks are the two most common attack vectors seen in India in 2016. However, in most cases these are only the beachhead for the attack. We are seeing more sophisticated attacks, where the attackers use malware or web applications to make an entry and then use a variety of techniques for east-west movement in the network. The two key end objectives of attacks happen to be data leakage and fraudulent financial transactions.

How do you rate the cyber security preparedness of enterprises in the country?

To defend against sophisticated attacks, the first thing an organization needs is full situational awareness: having visibility across the IT infrastructure in terms of assets and their configurations and vulnerabilities, users and their activities, applications and their transactions, and network layout and the traffic therein. Today this kind of visibility among Indian enterprises is limited to a few assets, users and network segments. A big data based security solution is the need of the hour for this.

The next step in defending against sophisticated attacks is to move away from pure rules- and signature-based attack detection and bring in machine learning and artificial intelligence to cyber security. Here again, the adoption in Indian enterprises is slow. And finally, there is a need to increase the speed of security operations, from detecting attacks early in their cycle, to faster triage and investigation and faster response. This needs an automation platform for security operations, which again is lacking currently.

According to you, which are the steps CIOs should consider to enhance both internal and external enterprise security operations?

In modern sophisticated attacks, it’s very difficult to classify what is an insider attack and what is an external attack. Modern attacks involve machine or account takeover and then lateral traversal in the internal network. An insider threat could actually be an external attacker sitting in your internal network. CIOs need to stop thinking of security solutions as insider threat protection and external threat protection. They need to have complete situational awareness, advanced detection based on machine learning and faster response through automation to tackle modern attacks.

What are the salient features of CyberActive SAAS? How are you positioning the solution among Indian enterprises? How do you differentiate it from the competitors?

Our Cyberactive SaaS is built on a big data analytics platform that helps enterprises gain situational awareness, advanced detection and faster response. The entire offering is provided as a service with Opex costs. It leverages the simplicity and scalability of cloud infrastructure to deliver outcomes. We are the only MSSP who has such a cyber defence as a service offering combining machine learning, human intelligence and automation on a big data platform delivered through the cloud. The end benefit for clients is a fast-paced cyber defence service that can mitigate large and sophisticated attacks.

Apart from CyberActive SAAS, which are the other solutions you are offering to enterprises for next generation security management?

We have five main cyber defence offerings: Cyberactive SOC for active threat mitigation, Cyberactive VM for vulnerability mitigation across the full stack, Cyberactive GRC for fast-paced compliance management, Cyberactive DevOps for new generation software teams, and Cyberactive CloudOps for organizations moving to cloud infrastructure. Our Cyberactive offering is based on a single premise: make your cyber defence fast so that attacks are quickly mitigated before they can result in major losses. And all our Cyberactive offerings are delivered combining human intelligence, machine intelligence and automation through big data platforms.

How are you leveraging the Paladion Global Security Operations Center (GSOC) for growth in India?

Our GSOC is being leveraged to deploy our new Cyberactive SOC offering for active threat mitigation. This is being offered with the combined power of Human Intelligence, Artificial Intelligence and automation to answer questions and challenges of enterprises in India. This offering is the need of the hour and will replace traditional SOCs.

The year 2015 marked the highest number of DDoS attacks, whereas ransomware took centre stage in 2016. What is your cybercrime prediction for the year 2017?

Targeted and sophisticated attacks will continue to rise in 2017, which will make enterprises look for better and different solutions that leverage machine learning, analytics and automation. The success of those attacks or the impact of those attacks will be largely dependent upon the speed at which enterprises are able to detect and remediate the breaches.