Cybersecurity

Enterprises must invest in threat intelligence systems to mitigate security risks

Companies have become preoccupied with their digitalization initiatives wanting to reach a bigger market and maximizing technology. However, while data security is part of the equation, it is not a priority.

The same sentiment is echoed by Gibu Kurian Mathew, VP and GM (Asia-Pacific),
Zoho Corp. ManageEngine, a company that offers network and device management to security and service desk software, is the IT management division of Zoho.

Mathew believes that companies become good targets for attacks while they undertake the progressive transformation to a digital workplace.

“Organizations should implement the appropriate best practices and comply with any required regulatory mandates,” he said. “Organizations also struggle with inventory assets. They need to know what critical assets they have that require protection because you can’t protect what you don’t know about.”

Have you read CISOs must incorporate employee training when developing security strategy?

Mathew noted that the use of software and systems that are not (or no longer) supported could make organizations vulnerable to a breach. And then there is the problem with budget allocations which is perhaps one of the challenges many CISOs or CTOs face. Companies need to realize that it is more costly to experience a data breach rather than invest in solutions to prevent them.

Mathew said, “Insider threats and social engineering exploits are common threats that prove the traditional security strategy of focusing solely on prevention tools and techniques (perimeter protection aimed at keeping outsiders out) is risky.”

Companies should invest in tools, technologies, and resources that can help detect vulnerabilities both inside their network perimeter and outside of it.

Threat intelligence systems would be a good investment for companies.

“These systems can correlate different network anomalies,” explained Mathew. “The insight provided by these systems can also be correlated with user and entity behavior analytics (UEBA). UEBA uses sophisticated machine learning technology along with an analytical approach to creating a baseline of normal activities that are specific to each user and notifies security personnel when there is a deviation from this norm.”

In online reports, employees or end-users have often become the entry point of attacks in corporate networks. Mathew said organizations should develop a good understanding of data and information flow and fine-tuning their data protection tools and practices.

Emerging technologies

Artificial intelligence (AI) is touted to become a revolutionary technology that would change how other technologies work. In the area of cybersecurity, there are still fears that cybercriminals will exploit it for their own use.

“Organisations should be aware that attackers may seek to fool AI systems,” Mathew said. “These attacks are carried out by intentionally feeding an AI system incorrect data to teach it the wrong information, which will inevitably begin to affect its behavior. This poses a threat to organizations because it increases the possibility of more sophisticated cyberattacks that bypass an organization’s AI-powered security software. Attackers may even try to influence the AI system into flagging several false positives to further confuse AI systems and the techs managing them.”

Mathew suggests that companies invest in “explainable AI,” which is the ability for the AI system to explain how it arrived at a certain conclusion and what actions it would like to carry out before actually performing them to minimize the security risks.

Mathew advised organizations to apply strong password management systems and practices to ensure cyber hygiene. The use of stronger passwords, password expiration, and multi-factor authentication are some ways to ensure higher levels of security.

“Likewise, by observing corporate data consumption patterns, it’s clear that cloud applications are extremely popular, meaning web browsers and other endpoints should also be protected as these are often used as gateways to corporate data,” he said.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.