As organizations become more data driven, they store more data in on-prem and cloud stores that employees can access from anywhere with phones, tablets and laptops. The security perimeter is much less defined, and endpoints are fungible — very little data “lives” only on your phone or laptop these days. This digital transformation has flipped the traditional security model that focused on perimeter and endpoint on its head. Instead of focusing on outside in, organizations are starting to think about inside out, or a data-first security approach. Mr. Maheswaran Shamugasundaram, Country Manager, India, Varonis, shares more insights on the same.
1. What kind of emerging security technologies do you suggest businesses should use?
It would be advisable for businesses to constantly identify & adopt emerging technologies so as to strengthen their cybersecurity infrastructure. This is recommended because no single cybersecurity technology is foolproof in the face of evolving threats.
Here are a few emerging cybersecurity technologies that businesses could consider adopting:
AI & Deep Learning: AI is a part of the two-factor authentication process in which a user’s identity is confirmed using 2-3 parameters. The parameters are based on the information about these users, something they know, are and have. Furthermore, AI tools can be utilized to detect and respond to potential threats.
Behavioural Analytics: Unlike firewalls and anti-virus software, User Behavior Analytics or UBA keeps track of user activity including apps launched, network activity, and, most critically, details pertaining to files accessed including the users, time of use and frequency of use. This type of technology searches for patterns of usage that indicate unusual or anomalous behavior — regardless of whether the activities are coming from a hacker, insider, or even malware or other processes. While UBA won’t prevent hackers or insiders from getting into your system, it can quickly spot their work and minimize damage. This technology can also be used to fine-tune AI based tools in the threat detection process.
Embedded Hardware Authentication: Embedded authenticators help verify the user’s identity beyond the functionalities of the PIN and password. Embedded secure chips can be used to enhance device protection throughout its lifecycle.
Blockchain Cybersecurity: The blockchain technology works on the principle of identification of two transacting parties. Every member is responsible for verifying the authenticity of the data and therefore blockchain technology along with AI is used to build a robust verification system.
Zero Trust Model: Systems operating under a Zero Trust framework curtail the blast radius of cybersecurity attacks by operating on the principle of continuous authentication and verification for stakeholders both internal and external.
2. Can you tell us about the new trends that you are witnessing in the cybersecurity industry?
The previous year saw many disruptions in the world of cybersecurity, primarily because of the remote working regimen and rapid cloud adoption. Following are some new trends that we are witnessing in the cybersecurity space:
- Cybercrime has accelerated with the increase in global internet users each
- Ransomware attacks courtesy of insider activity and third party vendors have been on the rise against the backdrop of remote working.
- Companies are experiencing cyber fatigue with proactive defense against attacks gradually declining.
- IoT devices are becoming more vulnerable to cyberattacks with increased 5G connectivity. Vulnerabilities to mobile devices/handheld devices are also expected to follow suit.
- Data-first security approaches, AI-based tools and the Zero Trust Model are expected to be the leading cybersecurity solutions in the near future.
- Cryptocurrencies will be subject to heftier regulation as their adoption grows.
- Social media organizations will work in a stricter fashion to oversee the sharing of information.
- The cybersecurity industry is currently facing a skills gap as well as limitations in hiring and retention.
- Some of the most in-demand skills for 2022 are network security, cloud security, security operations, application security and penetration testing.
3. You focus a great deal on protecting data and having an inside-out approach. What do you mean by that and how is this approach helpful?
Traditionally, organizations have taken an outside-in approach to protect themselves from threats. Insider threats have become equally harmful within the context of organizational growth. Therefore, there is a need to shift focus inwards to defend against insider risks created by internal human and process error.
In an inside-out approach, organizations prioritize protecting their data assets by identifying three things: where the important data is being stored, who has access to it, and whether it is being used correctly. This seemingly simple approach would require companies to methodically select the appropriate storage, on-premises cloud solutions or encryption protocols. That being said, these options don’t necessarily solve the data accessibility problem. The best solution would be the Zero Trust model which ensures that certain caches of data can only be accessed by those who need to use it to the extent that is required for their work. Data is one of the most important assets for any organization and has to be protected at any cost.
4. What are the different types of threat vectors that exist in today’s times?
We have established that the threat landscape has evolved with the increased business data proliferation in the pandemic years. If a comprehensive cybersecurity strategy is not implemented, organizational data could be vulnerable to multiple types of threats. The following are a few common threat vectors as per our observation:
Malware is among the oldest and most potent cybersecurity threats known to technology users. If stakeholder awareness about malware is not strong, an organization could potentially find its confidential data and operations compromised.
Ransomware is a subset of malware which, when successful, can lock an organization out of its files, network, or its entire system. Attackers promise to restore functionality or access if the organization pays the “ransom” demanded.
Phishing attacks rely on communicating with an employee via what seems to be a legitimate email or text/video. The message then prompts the employee to click on a malicious link or download a malicious file. Once this is done, the payload takes over the system, successfully infiltrating the organization.
Insider threats are employee, partner, or third-party-based threats that leverage their own relationship against an individual. Not all of these threats have malicious intent – some may be accidentally compromised by a hacker or can be negligent in their own security. However, some insider threats may be working for a malicious party or, in the case of a disgruntled employee, may just want to cause havoc within their organization.
Denial of Service (DoS)
DoS attacks aim to bring down a site, network, or server by overwhelming it with an amount of traffic that’s impossible to handle. This can prevent the website or server from functioning properly, or at all.
An SQL (Structured Query Language) injection attack is among the most common affecting web applications and sites. SQL injections are particularly dangerous because they can be carried out on a public-facing web page.
Most hardware and software updates are often security updates, as companies release fixes for new vulnerabilities as and when discovered by security researchers. However, some hacker organizations discover and find vulnerabilities before companies do, meaning there’s no fix. These create zero-day vulnerabilities and are extremely dangerous if the vulnerability is disclosed across hacker communication channels. This puts the affected company at risk as well as its customers using the company’s product.
5. According to you, where does India stand in terms of cyber readiness?
More than 50 per cent of the enterprises in India have significantly increased their Information and Communications Technology (ICT) budget this year compared to 2021, according to a report by GlobalData, a leading data and analytics company. The Nasscom-Data Security Council of India reports that the Indian cybersecurity services industry is estimated to generate nearly $7.6 billion in 2022. These statistics reveal that enterprises are recognizing cybersecurity as a serious priority and are beginning to invest appropriately.
While the enterprises are gearing up, the Government is also focusing majorly on cybersecurity. The recent announcement of a proposed Data Protection Bill in line with CERT-In’s comprehensive guidelines cements the place of cybersecurity as a key national priority.
In the light of these trends, it can be observed that cyber security awareness among Government and private sector stakeholders is appropriately on the rise. AI/ML backed cybersecurity tools to enable automated threat detection and response are being explored as solutions to fortify the nation’s cybersecurity infrastructure.
6. What is Varonis’s USP when it comes to data security?
The Varonis platform is built to look deeply inside and around data—and then automate its protection using patented, battle-hardened Machine Learning. Varonis’s Data Security Platform can provide significant ROI through the reduced risk of a security breach, time savings when investigating alerts, improved data access provisioning, and global access remediation. We do this by providing the following benefits:
- Using machine learning to automatically identify when users have access they don’t require and discreetly removing the same.
- Collecting billions of events from the right data sources unobtrusively, and without endpoint agents, and subsequently combining and enriching them with critical metadata through the platform. It uses AI to learn behavior baselines and profiles. The tool also develops alerts based on meaningful deviations.
- Providing a clear hierarchical view of which file locations contain concentrations of sensitive and overexposed files in contrast to the conventional flat list of files. This makes it relatively easier for the entity to prioritize risk and comply with privacy laws.