What's Cooking In The Latest Cyber Security Global Trends

Dr. Makarand Sawant, Senior General Manager-IT, Deepak Fertilizers & Petrochemicals | Wednesday, 09 February 2022, 14:44 IST

Extended Detection and Response (XDR) solutions are emerging that automatically collect and correlate data from multiple security products to improve threat detection and provide an incident response capability. XDR is cross-layered detection and response: it collects and automatically correlates data across multiple security layers such as email, endpoint, server, cloud workloads and network, so threats can be detected faster and security analysts can improve investigation and response times.

Hardware authentication solutions can be particularly important for the Internet of Things (IoT), where a network wants to ensure that the thing trying to gain access to it is something that should have access to it. A relatively new approach is the concept of embedded authentication hardware, which can be used to ensure that an accessory or peripheral is authentic for use with a given system. In this type of solution, the authentication hardware is located in the accessory and the software resides in the host system.

User Behaviour Analytics (UBA) solutions can trigger a red flag to system defenders by using big data analytics to identify anomalous behaviour by a user. UBA is the tracking, collecting and assessing of user data and activities using monitoring systems to automatically adjust the difficulty of authenticating users who show anomalous behaviour.

Deep Learning (DL) solutions use artificial intelligence and machine learning. Like user behaviour analytics, deep learning focuses on anomalous behaviour, but instead of looking at users, the system looks at entities. Malware detection and network intrusion detection are two areas where deep learning has shown significant improvements over rule-based and classic machine-learning-based solutions. DL-based neural nets are now being used in User and Entity Behaviour Analytics (UEBA). Traditionally, UEBA employs anomaly detection and machine learning algorithms that distil security events to profile and baseline every user and network element in the enterprise IT environment. Any significant deviations from the baselines are flagged as anomalies, which raise alerts to be investigated by security analysts. UEBA enhanced the detection of insider threats, albeit to a limited extent.
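The baseline-and-deviation approach described above for traditional UEBA can be sketched in a few lines. This is an added example, not code from the article or from any product: it profiles each user's daily download count with a median/MAD baseline and flags days that deviate strongly from that user's own norm. The user names, counts and the 3.5 threshold are constructed assumptions.

```python
from statistics import median

# Constructed sample data (not real logs): (user, day, files_downloaded).
EVENTS = [
    ("alice", d, n) for d, n in enumerate([12, 15, 11, 14, 13, 12, 16, 14, 13, 240])
] + [
    ("bob", d, n) for d, n in enumerate([200, 220, 210, 190, 205, 215, 198, 207, 212, 230])
]
THRESHOLD = 3.5  # assumed cut-off for the modified z-score


def build_baselines(events, train_days):
    """Profile each user: median and MAD of counts seen during the training window."""
    history = {}
    for user, day, count in events:
        if day < train_days:
            history.setdefault(user, []).append(count)
    baselines = {}
    for user, counts in history.items():
        med = median(counts)
        mad = median([abs(c - med) for c in counts])
        baselines[user] = (med, mad)
    return baselines


def score(count, baseline):
    """Modified z-score: distance from the user's median in MAD units."""
    med, mad = baseline
    # 0.6745 scales MAD to be comparable with a standard deviation.
    # A MAD of 0 (constant history) falls back to 1 to avoid division by zero.
    return 0.6745 * (count - med) / (mad or 1)


def detect(events, train_days=9, threshold=THRESHOLD):
    """Return (user, day, count, score) for post-training days that deviate."""
    baselines = build_baselines(events, train_days)
    alerts = []
    for user, day, count in events:
        if day < train_days:
            continue
        if user not in baselines:
            alerts.append((user, day, count, None))  # no profile yet: surface for review
            continue
        z = score(count, baselines[user])
        if abs(z) > threshold:
            alerts.append((user, day, count, round(z, 1)))
    return alerts


if __name__ == "__main__":
    print(detect(EVENTS))
```

On the sample data, 240 downloads is flagged for alice while 230 for bob is not, which is the point of per-entity baselines over a single global threshold.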

The Zero Trust (ZT) security concept requires all users to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. This approach leverages advanced technologies such as multifactor authentication, Identity and Access Management (IAM) and next-generation endpoint security technology to verify the user's identity and maintain system security.

Unified Endpoint Management (UEM) allows administrators to remotely provision, control and secure everything from cell phones to tablets, laptops, desktops and now Internet of Things (IoT) devices. UEM can manage devices across a variety of platforms, theoretically at least, making it easier to lock down hardware and protect critical data.

UEM includes:

· Mobile Device Management (MDM)
· Mobile Application Management (MAM)
· Mobile Content Management (MCM)
· Identity & Access Management (IAM)
· Mobile Security

Threat Intelligence (TI) solutions are strategic, tactical, technical, and operational. Threat Intelligence Platforms (TIP) are critical security tools that use global security data to help proactively identify, mitigate and remediate security threats. New and continually evolving threats are surfacing every day.

Cloud Access Security Broker (CASB) solutions secure data flowing to and from in-house IT architectures and cloud vendor environments using an organization's security policies. A CASB acts as a gatekeeper, allowing organizations to extend the reach of their security policies beyond their own infrastructure. A CASB also ensures visibility into all cloud programs, apps, files, data and users that anyone at the business is employing.