Here’s how Infosys CISO mitigates risk with proactive intelligence

With accelerated digitization in the face of Covid-19, security infrastructure is transforming too. Infosys CISO highlights the need for proactive intelligence to mitigate risk.
Vaishnavi J Desai
  • Updated On Jun 4, 2020 at 08:50 AM IST
Covid-19 has given some sleepless nights to CISOs around the globe. The overnight necessity of remote work and unprotected home networks have had CISOs looking at every measure to ensure no lapse.

But thanks to technologies like artificial intelligence and machine learning, which form a major part of modern security controls, the industry has been able to stay afloat, believes Vishal Salvi, Chief Information Security Officer and Head-Cyber Security Practice, Infosys.

“When you look at the evolution of technology and cybersecurity tools, a lot of these technologies are embedded into the solutions. We as an industry have been using ML in a big way to be able to achieve filtering,” Salvi says. He points out that the best example could be the email spam system.

Proactive threat intelligence

Perhaps the biggest beneficiary of ML is proactive threat intelligence, which has kept many attacks at bay.

The threat intel platform receives different feeds, both commercial and open source, from the global network. Apart from the feeds gathered by professionals scanning the dark web, Infosys now creates its own too. Based on cybersecurity standards, the team expresses the feeds in a language the systems understand, so that they do not have to be parsed every time.

The next step, Salvi explains, would be to look at organizational context and then orchestrate the implementation of that particular indicator of compromise on that specific security control or tool so that it is end-to-end automated. This requires ML and AI logic.

After receiving the feed, the threat intel platform will look at every security control of the organization: firewalls, email gateways, proxy, intrusion prevention system, antivirus systems, etc. “For instance, there is a bad IP, an identified threat actor using a particular IP address to orchestrate a threat. Now you need to block the same on the firewall and proxy to not receive any communication from that IP into your network. The orchestrator will look at the bad IP, and apply the firewall and proxy rule so that it is automated.

The moment it is normalized by the threat intel platform, it gets orchestrated and applied on the various security technologies available in the organization,” explains Salvi.
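
A minimal sketch of the normalize-then-orchestrate flow described above, as an added example that is not code from Infosys or from this article: two constructed feeds in different formats are merged into one indicator set, checked against organizational context, and turned into block rules per security control. The feed layouts, control names, never-block ranges and confidence threshold are all assumptions.

```python
import csv, io, ipaddress, json

# Constructed sample feeds (documentation-range addresses, not real indicators).
CSV_FEED = ("indicator,kind,confidence\n203.0.113.7,ip,90\n"
            "10.0.0.5,ip,80\nbad.example,domain,70\n")
JSON_FEED = json.dumps([
    {"value": "203.0.113.7", "type": "ipv4", "score": 0.6},
    {"value": "198.51.100.23", "type": "ipv4", "score": 0.95},
    {"value": "198.51.100.9", "type": "ipv4", "score": 0.99},
    {"value": "not-an-ip", "type": "ipv4", "score": 0.9},
])

# Assumed mapping from indicator type to the controls that can enforce it.
CONTROLS = {"ip": ["firewall", "proxy"], "domain": ["proxy", "email_gateway"]}
# Organizational context (hypothetical): internal ranges plus a partner range
# that must never be blocked, whatever a feed says.
NEVER_BLOCK = [ipaddress.ip_network(n) for n in
               ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "198.51.100.0/28")]

def normalize(csv_text, json_text):
    """Merge both feeds into {(type, value): confidence 0-100}, keeping the max."""
    rows = [(r["kind"], r["indicator"], int(r["confidence"]))
            for r in csv.DictReader(io.StringIO(csv_text))]
    rows += [("ip" if e["type"] == "ipv4" else e["type"], e["value"],
              round(e["score"] * 100)) for e in json.loads(json_text)]
    merged = {}
    for kind, value, conf in rows:
        key = (kind, value.strip().lower())
        merged[key] = max(conf, merged.get(key, 0))
    return merged

def is_blockable(kind, value):
    """Reject unknown types, malformed IPs and anything in a never-block range."""
    if kind != "ip":
        return kind in CONTROLS
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        return False
    return not any(addr in net for net in NEVER_BLOCK)

def plan(merged, min_conf=75):
    """Return sorted (control, action, value) rules for indicators that pass."""
    return sorted((ctl, "block", value)
                  for (kind, value), conf in merged.items()
                  if conf >= min_conf and is_blockable(kind, value)
                  for ctl in CONTROLS[kind])

if __name__ == "__main__":
    for rule in plan(normalize(CSV_FEED, JSON_FEED)):
        print(*rule)
```

The never-block check is the step that keeps a poisoned or mistaken feed entry from cutting off the organization's own networks once enforcement is automated.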

Accelerated digitization is a catalyst

Salvi observes that with the growing adoption of digital technologies and increased collaboration, the vulnerabilities and threats are rising exponentially.

“The scenario existed pre-covid and holds true post the pandemic too given that the reliance on digital is that much more with home networks connected to various remote access mechanisms onto the corporate or cloud network. A significant amount of digital innovation will start happening to enable people to have experiences sitting at home,” he says.

These innovations will require a fundamental cybersecurity foundation. “Therefore, we have a much more underlined and defined need for cybersecurity budget post-covid,” he says.

While Covid-19 has accelerated digitization, it is also bringing a shift towards security moving to the endpoint. “Though the shift began pre-covid, it would have taken a year or more to stabilize. Now, there is an overnight demand for the change,” says Salvi.

The secure access and secure edge phenomenon will gain momentum. With SASE, Salvi believes certain solutions will come into the picture: second-factor authentication, DLP, endpoint protection platform, endpoint detection and response, remote proxy, VPN gateways.

“With mobility and agility picking up pace, we need to make sure proper security is provided. The whole network is getting distributed and decentralized. The edge will have a sensor and the intelligence will be on the cloud. So we expect there is going to be an accelerated and amplified innovation in that space,” he says.

Board involvement

With everything around us changing, security is not an exception. With new threats, there is a need for new infrastructure and changed security measures to mitigate risk. We have seen a significant increase in the number of phishing and malware attacks.

Salvi believes that the above factors need a focused cybersecurity response. The board, therefore, needs to understand the factors increasing the risk related to cybersecurity for their organisation. “The board has to ensure they are asking the right questions and enabling the right teams to mitigate the risk,” Salvi says.

  • Published On Jun 4, 2020 at 08:49 AM IST