PCQuest

Security-Scape From A Global Analyst

Brian Reed, Senior Director Analyst, Gartner, was in Mumbai to attend the Gartner Security and Risk Management Summit. He talks about various aspects of the security spectrum.

- Dr Archana Verma archanav@cybermedia.co.in

Tell us something about your work in Gartner

I cover a number of security-related topics at Gartner. I cover security strategy and also security-response. My presentation at the Mumbai Security Conference has been related to Security and response, specifically about insider threats and events related to them.

My work expands globally. I have actually been attending some regional security summits across the world – I am in Mumbai this week, last week I was at Sydney Security Summit, a few weeks ago I was at Brazil Security Summit and I’ll be in London in about 2 weeks.

Do you see any difference in the security profile across different regions of the world?

Yes, absolutely, there are some regions that are heavy in things like cloud adoption. However, in India, we really haven’t seen much cloud adoption, though it is growing; and it will increase in the next couple of years. There are a number of reasons why cloud has lagged behind in India. One of the reasons is that in India many businesses have invested heavily in the on-premise data centres in the last couple of years. Obviously, it takes a long time to work around those capital expenditures invested in a data centre. Cloud security helps in the sense that it’s not a heavy upfront cost involved in building a data centre and building a security centre of your own. It saves the money that you spend on operation over the years. If you look at some of the things that we publish, we look at areas like cloud and I think it is really far behind other security markets.

Can you elaborate on security management of businesses facing service description?

There’s the need to look away from organisations that have several hundred security controls into basically having a few service descriptions. We also talked about how to create value in state. Security operations can basically prove value to the businesses. There needs to be some sort of operational gains to be made and some sort of business advantage for security.

What kind of response for a security threat scenario would you recommend?

Yes, in the summit presentation I talked about the security scenario response. Basically, the businesses are very focused on what is very obvious around security. The three incidents that I talked about adding accounting for what compromised credentials, accounting for insiders’ threats and also looking at ransomware. It is different from the run-of-the-mill malware and requires a different solution from a malware.

Can you elaborate a little more on the insider threat?

There is a variety of insider threat personas out there. It’s not just external hackers, or employees trying to steal your money. There are a number of human psychology elements that you need to take into account while building an insider threat management programme. For example, employees who may be thinking about leaving an organisation, what attributes some employees have; for example, how often they are not logging into the office network system, whether they have frequent absences or unexplained disappearances. Maybe they have a negative attitude. The elements of IT security controls that you might have impact the security profile. But there is also the element of human psychology like someone in the office with a negative attitude or someone posting on social media that they’re unhappy with their job.

With more and more businesses migrating to cloud across the world, what kinds of security threats are going to arise and what solutions can there be for them?

I have been studying top ten projects in 2019, out of which two are directly related to cloud. As the world is moving towards more and more cloud adoption, there are going to be many different types of security solutions technology and different sorts of tools which will be different from the traditional on-premises security tools. For example, in that top ten security projects, we go into the reasons for some vendors who might give a cloud security product. Cloud access users who use Office 365 may have a repercussion. It’s necessary to understand how you’re Office 365 and if it’s in compliance with the security standards.

With the constant evolution of technology, there is a constant evolution of security threats assuming new forms, requiring new solutions. This requires constant investments in security solutions. How do you think this can be managed by the businesses?

Yes, we have seen that. How technology evolves and how it’s being delivered. But access to cloud and access to cloud security is a different delivery model. The data centres are very expensive, but cloud technology is really low-cost. Once you go through that initial step of migrating to cloud, there is really not much capital expenditure and you don’t need to buy any data centres.

It is being said that IoT devices, as they increase in number, are going to bring more security threats in both software and hardware. What are your thoughts about this issue?

IoT is definitely a security concern, for the reason that you mentioned. If you think about consumer IoT and business IoT, how often they are going to switch off may not be easy to decide. For example, an IoT-connected refrigerator, with food in it. The other point is the software. Many times, the IoT may be manufacturers themselves don’t really consider security element. They may have the top credentials, but in many cases their credentials may be a security risk. Sometimes there are default credentials that are not allowed to be changed, which is a big risk.


BRIAN REED Senior Director Analyst Gartner
