
Enhancing Cybersecurity with AI: A New Era for SOCs

Ashish Thapar

Authored by Ashish Thapar, Vice President & Head Cybersecurity, NTT DATA (Asia Pacific) 

In an increasingly connected world, where the internet plays a significant role in everyday life through a growing number of digital platforms, our personal data (from social media profiles to online shopping records) sits in a vulnerable position and is an attractive target for malicious actors. According to a study by PRAHAR (Public Response against Helplessness & Action for Redressal), India is projected to see cyberattacks surge to 1 trillion per annum by 2033 and reach 17 trillion by 2047.

Present-day cybercriminal tactics include Ransomware as a Service (RaaS), supply chain attacks, zero-day exploits, and fileless malware. Combined with phishing and insider threats, these techniques make detection and response difficult and increase cyber risk across industries.

For instance, financial services organizations struggle to protect confidential information and remain cyber-resilient; the healthcare industry faces theft of confidential patient data, or ePHI (electronic Protected Health Information); the retail industry faces payment-card and personal data breaches; and manufacturing and critical information infrastructure face disruption and sabotage of cyber-physical and operational technology (OT) systems.

To counter evolving cyberattacks, organizations need stronger vigilance, proactive defenses, and robust threat intelligence sharing, alongside educating employees on potential digital risks to safeguard systems and data. 

Technological Advancements in Cybersecurity 

Cybersecurity strategies have evolved over the years through advancements such as artificial intelligence (AI), machine learning (ML), and blockchain. AI enhances threat detection and analysis, while ML improves malware classification. However, these technologies also introduce new attack surface and risks of their own, including AI-assisted evasive malware, prompt injection and training-data poisoning against the defensive models themselves, and data privacy concerns around the telemetry those models consume.

AI in Security Operations Centers (SOCs) 

AI is revolutionising Security Operations Centers (SOCs) and cyber-defense by shifting from reactive security measures to more proactive, automated approaches. With AI-assisted triage, SOC teams spend less time resolving critical incidents and anomalies, and the platform can take automatic actions: correlating an alert against its threat-intelligence databases, analysing traffic patterns for known exfiltration techniques, isolating the affected endpoint, alerting the SOC team, and initiating a forensic investigation.
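The automated triage loop described above, as an added example that is not code from the article or from NTT DATA: constructed network-flow records are scored against two simple exfiltration heuristics (a known-bad destination from a constructed threat-intel list, unusual upload volume) and a DNS-tunnelling heuristic (repeated high-entropy query labels), and the score maps to playbook actions. All hosts, IP addresses, thresholds and scores are illustrative assumptions.

```python
"""Added example: score per-host flows and pick SOC playbook actions.
Not the article's or NTT DATA's code; hosts, IPs, thresholds are assumptions."""
import math
from collections import Counter, defaultdict

# Constructed threat-intel feed: destinations flagged as known C2/exfil infrastructure.
THREAT_INTEL = {"203.0.113.77", "198.51.100.9"}

# Constructed flow records: (src_host, dst_ip, dst_port, bytes_out, dns_qname or None).
FLOWS = [
    ("ws-042", "93.184.216.34", 443, 12_000, None),
    ("ws-042", "93.184.216.34", 443, 9_500, None),
    ("ws-017", "203.0.113.77", 443, 850_000, None),   # known-bad destination, large upload
    ("ws-017", "203.0.113.77", 443, 910_000, None),
    ("ws-099", "198.51.100.53", 53, 180, "a9f3k2x8q1z7.exfil.example"),  # high-entropy labels
    ("ws-099", "198.51.100.53", 53, 175, "b7h2m4p0w5r1.exfil.example"),
    ("ws-099", "198.51.100.53", 53, 190, "c3n8t6v2y4s9.exfil.example"),
]

# Thresholds are assumptions; in practice they are tuned on a baseline of normal traffic.
UPLOAD_BYTES_THRESHOLD = 1_000_000
DNS_ENTROPY_THRESHOLD = 3.2
DNS_MIN_QUERIES = 3


def shannon_entropy(s: str) -> float:
    """Bits per character; random-looking labels score close to log2(alphabet size)."""
    counts = Counter(s)
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def score_host(flows):
    """Return (score, reasons) for one host's flows in the analysis window."""
    score, reasons = 0, []
    total_out = sum(f[3] for f in flows)
    if any(f[1] in THREAT_INTEL for f in flows):
        score += 60
        reasons.append("destination on threat-intel list")
    if total_out > UPLOAD_BYTES_THRESHOLD:
        score += 30
        reasons.append(f"{total_out} bytes uploaded in window")
    labels = [f[4].split(".")[0] for f in flows if f[4]]
    if len(labels) >= DNS_MIN_QUERIES:
        avg_entropy = sum(shannon_entropy(l) for l in labels) / len(labels)
        if avg_entropy > DNS_ENTROPY_THRESHOLD:
            score += 40
            reasons.append("repeated high-entropy DNS labels (possible DNS tunnelling)")
    return score, reasons


def decide_actions(score: int):
    """Map a score to playbook actions; the bands are assumptions."""
    actions = []
    if score >= 30:
        actions.append("alert_soc")
    if score >= 60:
        actions.append("isolate_endpoint")
    if score >= 80:
        actions.append("open_forensic_case")
    return actions


def triage(flows=FLOWS):
    """Group flows by source host and return score, reasons and actions per host."""
    by_host = defaultdict(list)
    for f in flows:
        by_host[f[0]].append(f)
    results = {}
    for host, host_flows in by_host.items():
        score, reasons = score_host(host_flows)
        results[host] = {"score": score, "reasons": reasons,
                         "actions": decide_actions(score)}
    return results


if __name__ == "__main__":
    for host, verdict in triage().items():
        print(host, verdict)
```

Two practitioner caveats the scoring alone does not solve: automatic isolation should be gated by an allowlist of hosts that must never be cut off (domain controllers, OT gateways), and the thresholds need to be set from the organisation's own baseline rather than the constants above, otherwise the automation either misses slow exfiltration or isolates a backup server mid-job.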


Importance of Threat Hunting and Partnerships in Cybersecurity 

To pre-empt potential threats and deploy an effective cyber-defense strategy, threat hunting must be properly evaluated and implemented. Addressing these threats means actively searching for adversary activity that has evaded existing controls, rather than relying on automated alerting alone.

This includes partnering with key solution providers while taking measures to disrupt potential threats and ensure uninterrupted services. An example is the Tokyo Olympic Games' partnership with NTT DATA, which helped block 450 million security events during the games.

To cite an example, a leading automotive manufacturer required a Vehicle Security Operations Center (V-SOC) to safeguard its fleet against cyberattacks while meeting strict data protection requirements, including anonymization of vehicle data with reversibility for authorised use.

It partnered with a global software solutions provider to develop a solution that included on-board intrusion detection, runbooks for incident response, threat intelligence sharing procedures, and a hash-based data anonymization function. Additionally, micro-services were developed to translate raw vehicle bus data into readable formats for human analysts and SIEM systems.

The V-SOC enabled early detection and mitigation of attacks on vehicles, protecting the fleet from financial and reputational damage. This cost-effective and efficient system also ensured data privacy compliance and streamlined vulnerability management.
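The two technical pieces of the V-SOC case above, the hash-based anonymization with reversibility and the translation of raw vehicle data for the SIEM, as an added example that is not the manufacturer's or the provider's code. It contrasts a plain SHA-256 of the VIN (brute-forceable, because VINs are structured and a fleet's serial range is small) with a keyed HMAC token plus a separately protected lookup table that gives authorised reversal, and decodes a constructed OBD-II request frame into a readable SIEM event. The VIN, key, record format and PID table are constructed assumptions.

```python
"""Added example: reversible VIN pseudonymisation and raw-frame decoding for a V-SOC.
Not the manufacturer's or provider's code; VIN, key and frame are assumptions."""
import hashlib
import hmac
import secrets

VIN_CHARS = "0123456789ABCDEFGHJKLMNPRSTUVWXYZ"  # I, O and Q are not used in VINs

# Constructed telemetry record as it might leave the vehicle (assumption):
# a functional OBD-II request on CAN ID 0x7DF, payload bytes: length, mode, PID, padding.
RAW_EVENT = {"vin": "1HGCM82633A004352", "ts": 1717000000,
             "can_id": "0x7DF", "payload": "0201050000000000"}

# Small subset of standard OBD-II mode 01 PIDs for readable output.
PID_NAMES = {0x05: "engine_coolant_temp", 0x0C: "engine_rpm", 0x0D: "vehicle_speed"}


def unkeyed_hash(vin: str) -> str:
    """The weak form: deterministic, unkeyed, so anyone can hash guesses and compare."""
    return hashlib.sha256(vin.encode()).hexdigest()


def brute_force_unkeyed(target_hash: str, known_prefix: str):
    """Recover a VIN from its unkeyed hash when all but the last character is known
    (a fleet with sequential serials makes this realistic): at most 33 guesses here."""
    for c in VIN_CHARS:
        candidate = known_prefix + c
        if unkeyed_hash(candidate) == target_hash:
            return candidate
    return None


class Pseudonymiser:
    """Keyed tokens: without the key an attacker cannot confirm guesses, and the
    vault (kept separately, access-logged) is the only way back to the VIN."""

    def __init__(self, key: bytes):
        self._key = key
        self._vault = {}  # token -> VIN; in production a separately controlled store

    def tokenize(self, vin: str) -> str:
        token = hmac.new(self._key, vin.encode(), hashlib.sha256).hexdigest()[:16]
        self._vault[token] = vin
        return token

    def reverse(self, token: str):
        """Authorised reversal; returns None for tokens this vault never issued."""
        return self._vault.get(token)


def to_siem_event(raw: dict, p: Pseudonymiser) -> dict:
    """Translate the raw record into a readable SIEM event with the VIN replaced by its token."""
    payload = bytes.fromhex(raw["payload"])
    length, mode, pid = payload[0], payload[1], payload[2]
    return {
        "vehicle": p.tokenize(raw["vin"]),
        "timestamp": raw["ts"],
        "can_id": raw["can_id"],
        "obd_len": length,
        "obd_mode": mode,
        "obd_pid": pid,
        "obd_pid_name": PID_NAMES.get(pid, "unknown"),
    }


def demo():
    """Run both halves on the constructed record and return the results."""
    vin = RAW_EVENT["vin"]
    recovered = brute_force_unkeyed(unkeyed_hash(vin), vin[:-1])
    p = Pseudonymiser(secrets.token_bytes(32))  # key would live in an HSM/KMS in production
    event = to_siem_event(RAW_EVENT, p)
    return {"recovered_from_unkeyed_hash": recovered,
            "event": event,
            "reversed": p.reverse(event["vehicle"])}


if __name__ == "__main__":
    print(demo())
```

The design point for a practitioner: a requirement for "anonymization with reversibility" is, in data-protection terms, pseudonymisation, and an unkeyed hash of a structured identifier does not meet it, because the hash is neither irreversible against enumeration nor reversible for the authorised party. A keyed HMAC (or a random token) with a key-protected mapping satisfies both halves, provided the key and vault are controlled separately from the SIEM that receives the tokens.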

Securing the integrity of the supply chain is, and will remain, a critical focus for many global organizations. One global technology company maintained the integrity of its product build processes and, more importantly, improved protection for its products and users by strengthening supply chain security across its global contract manufacturing partners.

Another example is a global healthcare solutions company that sought to consolidate its multiple business units onto a unified, secure infrastructure while reducing operational complexity and cost. It partnered with the same software solutions provider to migrate to a hybrid cloud, consolidate tools onto next-generation technologies such as SASE, and improve processes for greater efficiency.

Security measures included IAM, SOC/SIEM, threat hunting, incident response, and multi-factor authentication. The outcomes included significant cost savings through SD-WAN/SASE, tool consolidation, improved security posture, enhanced incident handling, operational efficiency, and better service levels, resulting in a modernized infrastructure. 

In a nutshell, to combat evolving cyber threats, organizations must adopt proactive measures, invest in advanced technologies, foster cross-sector collaboration, and prioritize resilience. These actions strengthen digital defenses, safeguard critical assets, and reduce cyber risks in an interconnected world. 

๐’๐ญ๐š๐ฒ ๐ข๐ง๐Ÿ๐จ๐ซ๐ฆ๐ž๐ ๐ฐ๐ข๐ญ๐ก ๐จ๐ฎ๐ซ ๐ฅ๐š๐ญ๐ž๐ฌ๐ญ ๐ฎ๐ฉ๐๐š๐ญ๐ž๐ฌ ๐›๐ฒ ๐ฃ๐จ๐ข๐ง๐ข๐ง๐  ๐ญ๐ก๐ž WhatsApp Channel now! ๐Ÿ‘ˆ๐Ÿ“ฒ

๐‘ญ๐’๐’๐’๐’๐’˜ ๐‘ถ๐’–๐’“ ๐‘บ๐’๐’„๐’Š๐’‚๐’ ๐‘ด๐’†๐’…๐’Š๐’‚ ๐‘ท๐’‚๐’ˆ๐’†๐ฌ ๐Ÿ‘‰ FacebookLinkedInTwitterInstagram