Exploring Data-First Security and Automation in Modern Cybersecurity By Maheswaran S, Country Manager - S.Asia, Varonis Systems

Exploring Data-First Security and Automation in Modern Cybersecurity

Maheswaran S, Country Manager - S.Asia, Varonis Systems | Monday, 13 November 2023, 03:18 IST

  •  No Image
Maheswaran is a seasoned Information Security professional with 23+ years' experience. Proficient in selling solutions to senior management, he excels in developing successful strategies. His expertise includes team management, security policies, and processes for diverse business domains.
In an interaction with CIOtechoutlook magazine, Maheswaran emphasizes the importance of cybersecurity basics, especially as threats evolve. He underlines the need for adaptable and future-proof security measures and highlights the significance of users and data control. His recommendations revolve around maintaining strong security hygiene, leveraging AI for threat response, and fostering a culture of cybersecurity.
What are the key elements of an “inside-out data-first security approach,” and why is it considered the need of the hour in today’s cybersecurity landscape?
Considering recent changes in the digital landscape, particularly the rapid digitization post-COVID, it is now imperative for organizations to provide access to information from anywhere and any device. This shift has expanded the attack surface, and it's essential for organizations to anticipate potential breaches. Cybercriminals are becoming increasingly organized, primarily targeting data to achieve their objectives and financial gains.
To address this, organizations should adopt an inside-out data security approach with three critical elements. Firstly, they must identify their most valuable data assets, and understand their location, acquisition, and usage. Knowing where their "crown jewels" reside is fundamental. Secondly, organizations should implement strict access controls to ensure that only authorized personnel can access sensitive information. Overexposure of data due to widespread availability can significantly increase an organization's vulnerability. Lastly, organizations need to monitor and analyze how data is used. Recognizing typical information usage patterns is vital in detecting suspicious activity, such as credential compromise or breaches, and promptly containing them. By focusing on these core elements, organizations can bolster their defenses, predict, and mitigate data breaches, and reduce their impact on operations.
How can organizations effectively transition towards an automated security framework to mitigate risks and, at the same time, accelerate their growth? What are the challenges involved in this process?
Automation is a crucial solution to the widespread cybersecurity skills shortage and to combat the emerging complex threat landscape, let's take an example of how Automation can enable organizations to achieve their security objectives efficiently by focusing on three core elements which I mentioned in my earlier response: data identification and classification, access control enforcement, and detection of suspicious activities.
Automation tools leverage AI and machine learning to develop predefined policies specific to industry verticals and geographical locations, making it easier to identify and categorize complex sensitive data. They also aid in assessing information exposure within an organization and identifying overexposure risks. By detecting and managing stale data, automation ensures that only authorized users have access to relevant information thereby reducing the attack surface around information.
Additionally, AI and machine learning are employed to track user behavior patterns, allowing organizations to detect anomalies and respond swiftly to suspicious activities. However, challenges of cybersecurity skill shortage exist, and organizations must address this by implementing training programs, standardized operating procedures, and leveraging automation to promote user awareness to create a culture of cybersecurity.
Tell us about the zero-trust model and its relevance in the context of preventing data breaches. What distinguishes it from traditional security approaches when it comes to safeguarding sensitive information?
Zero trust is now a key focus in the security world, with many professionals and organizations actively implementing or considering it. The concept revolves around the fundamental idea of not trusting anyone by default, regardless of their status or role. Instead, it promotes continuous authentication, authorization, and monitoring. Zero trust frameworks typically target four main elements: users, networks, assets, and applications, with the goal of safeguarding information and data. It's crucial for organizations to extend this approach to data, following the core principles of authentication, authorization, and constant monitoring. By doing so, they can swiftly identify and respond to any suspicious activities around data and predict breaches before they create a significant impact. Hence, it's critical for organizations to adopt a comprehensive zero trust model around data to enhance their security posture.
How are data breaches and cyber espionage becoming increasingly sophisticated? How do Industry experts tackle the evolving challenges?
The current attack landscape presents a significant challenge for cybersecurity professionals. Cybercriminals are becoming very organized and collaborating and this coupled with enormous funding makes them launch complex cyberattacks. To effectively tackle this complexity, it's important to stick to the basics and consider the three core elements of people, processes, and technology identify gaps around the same and plug controls before enforcing or implementing any strategy around cybersecurity. It's critical as a community we increased awareness and organizations and continue to leverage automation to predict if users are about to make a mistake.  Regulations enforced by industry verticals and Governments are in a way mandating organizations to enforce stringent processes and this needs to be constantly evaluated and evolved to ensure its relevant and effective. Technology plays a key role in enforcing effective controls to combat complex cyber threats. However, organizations must assess their existing cybersecurity investments for relevance and cost-effectiveness before implementing new technology controls and assess whether the technology they embrace also fits into their organization culture. With the confidence of collaborative efforts within the cybersecurity community, evolving processes, and advanced technologies, we are better prepared to face and counter these threats.
With the accelerating adoption of data protection, what steps should companies take to ensure they protect their data at its roots?
In today's digital landscape, safeguarding data is paramount. Data no longer resides within fixed boundaries but extends beyond, necessitating availability from anywhere on any device. To navigate this landscape, it's critical to start with a data security risk assessment. Understand your organization's posture and its ability to defend against sophisticated data threats. Identify gaps and prioritize mitigation based on risk. To fortify your defences, answer these three key questions: As mentioned earlier, focus on the identification of critical data, its location, acquisition, and lifecycle management. Ensure that only authorized personnel access it. Monitor data usage patterns to predict and prevent breaches. By focusing on protecting your most valuable data, your organization can significantly enhance its defences against complex threats.
What are your future outlook and goals, especially in the context of cybersecurity? Do you have any suggestions or insights for tech leaders navigating the challenges of the year?
In today's constantly evolving threat landscape, it's crucial to focus on cybersecurity basics. Breaches often occur due to neglect or inappropriate activities. Despite the complexity of attacks and technological advancements, it is imperative to focus on the fundamentals. This includes robust security hygiene, relevant policies, and timely vulnerability resolution. Security must adapt to budget constraints and future threats, using AI and other technologies. Organizations, if they wish to, can take control of Users and data by leveraging the right controls, focusing on these elements helps detect, predict, and prevent significant cyberattacks. A comprehensive, adaptable security framework is essential for effective cybersecurity.

CIO Viewpoint

From VPNs to Zero Trust: The Transition to a...

By Shankar Venkatesan, Senior IT Leader, Avalon Technologies

The Cyber Security Spar in Integrating IT and...

By Vimal Goel, CIO, HPCL-Mittal Energy

Towards Cyber Resilience: A Data-Centric...

By Puneet Gupta, Vice President & Managing Director, NetApp India/SAARC

CXO Insights

Emerging Trends, Challenges & Future Prospects...

By Sujoy Brahmachari, CIO & CISO, Rosmerta Technologies

Exploring Data-First Security and Automation in...

By Maheswaran S, Country Manager - S.Asia, Varonis Systems

Securing IT-OT Converged Infrastructure

By Saurabh Sharma, SMIEEE, FIE, CEH, Chief Manager (BIS) & CISO, Petronet LNG Ltd.