Architecting the Secure Digital Landscape
Rishikesh Kamat, Vice President - Products & Services Global Data Centers and Cloud Infrastructure, India at NTT and Sanjay Kumar Tiwari, Information Security Architect at IIFL, speak about the evolving secure digital system:
Babu Nair: What are the insights on architecting the secure digital landscape?
Sanjay Kumar Tiwari: Around 18 months ago, when the pandemic had not come into the picture, people were sitting in their home and working comfortably. However, since this pandemic became worse, businesses and companies are more inclined towards digitization. Unlike the situation before the pandemic, companies are focusing on safeguarding 2 major aspects of their business – employees and customers. Due to the norm of social distancing, almost all sectors have adopted the work from home style in order to maintain business continuity. To ensure that people can work efficiently, various changes related to digitization have taken place. And with the increase in the usage of digital systems, threats to the data from the external attacks have also increased. Hence, the requirement of enabling the customers as well as employees becomes really very important in order to protect them from getting impacted. The pandemic has taught the companies to be more agile in order to ensure business continuity process. Hence, before adopting any new technology, ensuring that this new adoption is safe and threat free to the business becomes an essential activity.
What have been the most important goal post changes in the last few months?
Sanjay: There were companies that used to depend on traditional anti-virus systems in order to save their data from attacks. They initially adopted EDR solution and went in for XDR solution. However, for any company that has been using EDR, changing the system to XDR solution is a very difficult and tedious job. Due to the continuous change in the technology, organizations must adopt systems as per their requirements.
Nowadays, every organization focuses on detecting the threats of possible attacks and mitigating those attacks. However, depending on the requirement, they should adopt the soft methodologies. The different types of methodologies are on-premises, managed services and hybrid services. These services have been changing over a period of time.
Please share a synopsis on security setup at NTT.
Rishikesh Kamat: NTT has $11 billion of revenue with 40,000 employees worldwide and it is working with more than 31 companies. It operates in more than 57 countries. Our R&D investment is around $3.6 billion. We have 2000 plus security experts and 10 security operations centers (SOCs). In India, we have 2 shared SOCs - Mumbai and Bangalore. We have been recognized by IDC, Gartner, MSSP Alert, ISG, Crest, etc. Every year, we release the Global Threat Intelligence Report. This is a firsthand report received from deep interaction with our clients and information shared by our network. The report for 2021 on global attack data gathered by us and supported operating companies for calendar year 2020 shows that 15,000 security engagements had happened with clients across 57 countries in multiple industries and we have done over 150 cybersecurity advisory assessments.
What are the new mechanisms built in order to ensure that the security systems are updated?
Sanjay: People, processes and technology - all the 3 have been important since the beginning. There are a lot of improvements on the people and processes front. The awareness across the management of the organization has increased. However, as per reports, only 50% of people were aware of the technology changes. Now, there is a lot of emphasis on processes. After adopting the digital landscape, people, process and technology have to be put in together for ensuring a secured workplace.
What is the process to build intelligence into the system and how are the attackers identified?
Rishikesh: When it comes to threat hunting, it is more exploratory in nature. So, one has to identify if the alarm is false or real. Now, in order to hunt the attackers, one needs to keep an eye on the logs, one has to be on one's toes to raise the red flag. In case a company is prone to such attacks, more intelligence needs to be built into the system so that maximum security can be provided to the data and the system. Nowadays, attacks are done with malware, which is fileless. Hence, in order to save the data, prompt identification is needed. Threat identification is a journey that is decided by the organization and it cannot be done overnight. A lot of threat intelligence from service providers like NTT and other people helps in getting these things done. So, experts of such organizations help in identifying the threats and curbing the incidents.