The latest insights from your peers on the latest in Enterprise IT, straight to your inbox.
Q&A with Maninder Singh, Corporate VP & Head- Cybersecurity & GRC Services, HCL Technologies
Securing an organization against cyberattacks is one of greatest challenges companies currently face. In this interview with Maninder Singh, head of HCL Technologies’ Cybersecurity & GRC Services practice, he describes a new approach for companies to protect themselves in this hostile environment.
How has the cybersecurity threat landscape changed in the past year?
The tremendous business opportunities created by digital technologies come with major cybersecurity challenges. Technologies such as the Internet of Things give hackers potentially countless new access points to inflict damage. In organizations’ rush to leverage new technologies, many precautions have been overlooked and risks underestimated.
In the last year alone, we have seen pervasive ransomware attacks like WannaCry and Petya, as well as major breaches at organizations like Equifax, Gmail, and Uber. The number and sophistication of cyber-threats are only going to increase.
In this increasingly menacing environment, what can organizations do to protect themselves?
They need to rethink and shift their cybersecurity posture, from one involving a static set of defenses to a holistic and dynamic system that can respond to evolving threats. Increasingly, we’re seeing companies moving beyond the reliance on point products and instead building an agile, adaptable, and integrated ecosystem of technologies and processes that work together to defend and protect. Of course, they need to do this without hindering business innovation and while facing a serious shortage of people with cybersecurity expertise!
This approach has three weighted elements:
The first, comprising about 50% of a flexible, systembased approach, is operational hygiene. Today, many security monitoring teams suffer from “alert fatigue.” This makes it easy to miss important signs of a cyberattack or data breach. Organizations need to bring, first, speed to their security operations centers and second, consistency and rigor to their end-to-end cyber incident response process using advanced analytics.
The second element, which accounts for about 30% of this approach, is an awareness culture. Treating cybersecurity as if it had an on-off switch that can be activated when needed will lead to more, and more serious, data breaches. Establishing internal security measures is just as important as protecting against external threats. That means building a security culture in which all employees exercise self-discipline and caution when browsing sites, downloading files, and accessing unknown or unsure sources of email.
The remaining element is cutting edge technology – the continuous adoption of the latest cybersecurity tools while fostering innovative approaches to implementation. Only then will organizations be able to employ the holistic and dynamic system needed in today’s environment.
What advanced cybersecurity product offerings do you see in the marketplace?
The cutting-edge products reflect the change in focus from securing network perimeters to safeguarding data that is spread across systems, devices, and the cloud.
Because traditional point-in-time log-based systems can’t detect attacks that occur gradually over extended periods of time, big data analytics tools are increasingly required. We see an uptake in EDR [endpoint detection and response] and UEBA [user and entity behaviour analytics] products that help catch such attacks and then enable response and remediation actions. Use-case based advanced security analytics and orchestration are reinventing the way companies handle everything from detection to Incident response.
We are also seeing an increased demand for newer offerings in the areas of data classification, masking, and segregation—demand mainly driven by governmental regulations. Then there are the products harnessing advances in machine learning and artificial Intelligence to provide for better prediction and response capabilities.
Organizations can’t forget, though, that human intelligence is needed to qualify the alerts from these products. Highly skilled talent is needed to support these systems and turn them into valuable assets.
In this environment, what are three areas that cybersecurity teams should focus on in the coming year?
One, seek the necessary expertise to assess and ensure that your enterprise security architecture and data security are future-ready. Two, create a culture of employee awareness concerning security threats and risks. And three, comprehensively review your organization’s compliance with industry and government regulations. All of these need to be carried out, however, in the context of a dynamic and holistic cybersecurity approach.