What's Cooking In The Latest Cyber Security Global Trends

Dr. Makarand Sawant, Senior General Manager-IT, Deepak Fertilizers & Petrochemicals Corporation Limited | Wednesday, 10 February 2021, 10:02 IST

Dr. Makarand Sawant holds a Ph.D. in Analytics and is a technology and business visionary with 22 years of executive and hands-on experience in automating multi-billion dollar enterprises. He is a Computer Science engineering graduate with an MBA and a Doctorate in Management Studies, Information Technology. He has led innovation and the alignment of IT with business by driving Digital Transformation through Analytics, Process Automation, Mobility, and Cloud, including leading Smart Factory, IoT and Industry 4.0 initiatives.

Extended Detection and Response (XDR) solutions are emerging that automatically collect and correlate data from multiple security products to improve threat detection and provide an incident response capability. XDR is cross-layered detection and response: it collects and automatically correlates data across multiple security layers such as email, endpoint, server, cloud workloads and network, so that threats can be detected faster and security analysts can improve investigation and response times.

Hardware authentication solutions can be particularly important for the Internet of Things (IoT) where a network wants to ensure that the thing trying to gain access to it is something that should have access to it. A relatively new approach is the concept of embedded authentication hardware, which can be used to ensure that an accessory or peripheral is authentic for use with a given system. In this type of solution, the authentication hardware is located in the accessory and the software resides in the host system.

User Behaviour Analytics (UBA) solutions can trigger a red flag to system defenders by using big data analytics to identify anomalous behaviour by a user. UBA is the tracking, collecting and assessing of user data and activities using monitoring systems to automatically adjust the difficulty of authenticating users who show anomalous behaviour.

Deep Learning (DL) solutions use artificial intelligence and machine learning. Like user behaviour analytics, deep learning focuses on anomalous behaviour, but instead of looking at users, the system looks at entities. Malware detection and network intrusion detection are two areas where deep learning has shown significant improvements over rule-based and classic machine learning-based solutions. DL-based neural nets are now being used in User and Entity Behaviour Analytics (UEBA). Traditionally, UEBA employs anomaly detection and machine learning algorithms which distil security events to profile and baseline every user and network element in the enterprise IT environment. Any significant deviations from the baselines were flagged as anomalies, which in turn raised alerts to be investigated by security analysts. UEBA enhanced the detection of insider threats, albeit to a limited extent.
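The baseline-and-deviation approach described above can be sketched as follows. This is an added example, not code from the article or from any UEBA product: it assumes a simple mean and standard deviation profile per user and metric, and all user names, metric names and values are constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample data: (user, day, metric, value). Not real telemetry.
HISTORY = [
    ("alice", d, "mb_downloaded", v) for d, v in enumerate([120, 135, 110, 128, 140, 125, 131])
] + [
    ("alice", d, "distinct_hosts", v) for d, v in enumerate([4, 5, 4, 6, 5, 4, 5])
] + [
    ("bob", d, "mb_downloaded", v) for d, v in enumerate([900, 1100, 950, 1020, 980, 1050, 1000])
] + [
    ("bob", d, "distinct_hosts", v) for d, v in enumerate([20, 22, 19, 21, 23, 20, 22])
]

def build_baselines(history):
    """Profile each (user, metric) as the mean and standard deviation of past values."""
    series = defaultdict(list)
    for user, _day, metric, value in history:
        series[(user, metric)].append(value)
    return {key: (mean(vals), pstdev(vals)) for key, vals in series.items()}

def score(baselines, user, metric, value, min_std=1.0):
    """Return the z-score of a new observation, or None if there is no baseline."""
    if (user, metric) not in baselines:
        return None
    mu, sigma = baselines[(user, metric)]
    # Floor sigma so a very stable history does not turn tiny changes into alerts.
    return (value - mu) / max(sigma, min_std)

def detect(baselines, observations, threshold=3.0):
    """Return alerts for observations more than `threshold` sigmas from baseline."""
    alerts = []
    for user, metric, value in observations:
        z = score(baselines, user, metric, value)
        if z is None:
            alerts.append((user, metric, value, "no-baseline"))
        elif abs(z) > threshold:
            alerts.append((user, metric, value, f"z={z:.1f}"))
    return alerts

# Constructed observations: 1000 MB is normal for bob but anomalous for alice.
TODAY = [
    ("alice", "mb_downloaded", 1000),
    ("bob", "mb_downloaded", 1000),
    ("alice", "distinct_hosts", 5),
    ("carol", "mb_downloaded", 50),
]

if __name__ == "__main__":
    for alert in detect(build_baselines(HISTORY), TODAY):
        print(alert)
```

The same 1000 MB download is scored against each user's own history, which is why it alerts for one user and not the other; an entity with no history is surfaced separately rather than silently passed.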

The Zero Trust (ZT) security concept requires all users to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. This approach leverages advanced technologies such as multifactor authentication, Identity and Access Management (IAM), and next-generation endpoint security technology to verify the user’s identity and maintain system security.

Unified Endpoint Management (UEM) makes it possible to remotely provision, control and secure everything from cell phones to tablets, laptops, desktops and now Internet of Things (IoT) devices. UEM can manage devices across a variety of platforms, which, in theory at least, makes it easier to lock down hardware and protect critical data.

UEM includes:

• Mobile Device Management (MDM)

• Mobile Application Management (MAM)

• Mobile Content Management (MCM)

• Identity & Access Management (IAM)

• Mobile Security

Threat Intelligence (TI) solutions are strategic, tactical, technical, and operational. Threat Intelligence Platforms (TIP) are critical security tools that use global security data to help proactively identify, mitigate and remediate security threats. New and continually evolving threats are surfacing every day.

A Cloud Access Security Broker (CASB) solution secures data flowing to and from in-house IT architectures and cloud vendor environments using an organization's security policies. A CASB acts as a gatekeeper, allowing organizations to extend the reach of their security policies beyond their own infrastructure. A CASB also ensures visibility into all the cloud programs, apps, files, data, and users that anyone at the business is employing.