Social Engineering will be the key subject in security 2018 onwards: Asfar Khan, Kellogg
In an exclusive interaction Express Computer, Asfar Khan, Director – Information Technology, South Asia, Kellogg, describes the present scenario of digitisation and what would be the new security trends in future. Some edited excerpts…
How do you see the present scenario of digitisation in the industry?
Over the last 10 years, India has seen a major pattern of transition, primarily driven by digital initiatives across the spectrum of users – people, companies and governments, etc. India traditionally has been a brick-and-mortar marketplace. The transformation primarily started with the telecom revolution in the year 2000, followed closely by e-commerce and added to that was the thrust towards Digital India by the government. Fundamentally, this became a game changer for the economy.
Deep penetration of telecom services with access to cheap data services has led to developments that have helped in quicker implementation of projects, in a more transparent manner. Further digital effort by the government has led to the inclusion of the bottom of the pyramid of society into the formal economy through various programmes.
Cards, UPI and Aadhaar based payment solutions have resulted in less dependence on cash withdrawal, helping to generate more returns on the liquid assets in bank accounts. Earlier, a major part of liquid assets was locked into physical assets like gold, real estate which blocked capital, but with the help of digitisation, participation in equity investing and other investment opportunities has increased – Digital has now become an identity and a currency.
The rise of e-commerce has also resulted in revival of the logistics sector. Digitisation has helped users shift from the traditional source of investment to a more structured investment product portfolio. In today’s scenario, it has transformed India into a more open and participative economy.
How is cyber security the biggest concern for the companies; which are the major risks in this sector?
In 2017, we were all exposed to some of the biggest cyber threats in history, with millions of consumers and thousands of businesses affected by everything from the WannaCry attack to the Equifax and Uber data breaches. In the views of a CISO, it is very clear that cyber threats are a clear and present danger to the overall stability of a digital environment. I would flag the following risks clearly to any CISO:
- Use of worms to launch malware: We saw it in 2017, and will see it in the future; network compromise from worms will spread faster than many other methods. Every year, the calibre and sophistication of breaches reache new heights
- Cryptojacking: As the value of cryptocurrencies escalates, this will be a major area of concern. Cryptojacking is likely to occur from legitimate websites compromised to mine currency for the criminal wallet
- Increase in PowerShell based attacks: Malicious script-based attacks, specifically PowerShell-based attacks, are incredibly difficult to identify and they can easily evade antivirus engines, making it much more appealing to cyber criminals. I predict many more PowerShell attacks in the years to come
- Security software will be a target themselves: By targeting trusted programmes and software and hardware supply chain, attackers can control devices and manipulate users. Hackers will leverage and exploit security products, either directly subverting the agent on the endpoint, or intercepting and redirecting cloud traffic to achieve their means.
What are your strategies to combat such security threats?
Unfortunately, the skills of any cyber threat attacker are one step ahead of most measures we currently have. An organisation should keep the following in view for mitigating cyber threats:
- Secure networks: Wireless can be easily exploited. Wireless network penetration tests can help you spot the cracks in your network
- Train your people: Cyber security is everyone’s responsibility; traditional cyber security awareness measures can be greatly enhanced by implementing a security programme that creates a total culture change and tackles employee behaviour. Training employees in basic security practices – such as how to recognise potential threats and what precautions to take – is a must
- Keep software updated: Up-to-date software will help you guard against the latest threats and keep your infrastructure secure. Pay attention to any notifications about updates to your operating systems or antivirus software
- Control access: Administrative access to your systems should only be granted on a need-to-know basis. Keep sensitive data – such as payroll – out of the hands of anyone who doesn’t need it to do their job
- Backup data: Businesses can lose data as well as money in a cyber attack. Conducting regular backups will make sure you can still access your data in the event of a breach or event
- Trust but verify: Keep an eye on remote users. Implementing live monitoring and session recording can facilitate the identification of unauthorised activity. It can also help to confirm that remote users access only those systems they are authorised to see.
In terms of security, what are the major developments, you think, happened in 2018?
For 2018 and onwards, Social Engineering will be the key subject in security, simply because a large number of security incidences are caused by errors that people make which means that the science to control these errors will take prominence. Specialised outsourcing of security services will see a boom. This is also driven by the challenge that individually organisations may not be able to meet the faster pace of growth of cyber security; so specialists and pooling of resources will be critical. Security tools and automation will be buzz words.
What kind of technologies / solutions do you use to prevent theft or leakage of information from insiders?
Initially, all organisations need to clearly identify and classify data. Thus, it is critical to understand what is sensitive and what is not, where is it stored, who all have access and then create policies that determine which employees can come into contact with this data, and how they can use it. The biggest risk is the accidental insider threat. IT teams must audit users based on the risk they pose – network administrators and employees in critical departments pose a higher risk than others; thus an audit control helps mitigate this exposure. Also, deploy tools such as DLP, RMS, etc to ensure that it gets harder to transmit data.
Preventing data loss or theft involves a mixture of policy-driven security solutions and employee awareness. By identifying where sensitive data resides, setting policies for handling it and implementing appropriate access controls, organisations put themselves in a strong position to defend against both internal and external threats.
How new technologies like AI can be useful in your industry?
The FMCG sector may have critical usage of AI platforms. Machine Learning (ML) platforms can provide algorithms, APIs, development and training toolkits, data, as well as computing power to design, train, and deploy market models as these mostly involve prediction or classification. Decision Management can also be influenced by inserting rules and logic used for training / maintenance. Further, Robotic Process Automation (RPA) can help to automate human action to support efficient business processes. Any activity which requires a certain amount of predictability is always in use of AI. Thus in security, AI increases efficiency and precision of the system to detect any potential threat in an organisation by reading different patterns of threats while processing voluminous data to mimic cognitive functions, which protects enterprise systems from cyber threats.
As an example, in cyber frauds such as identity and payment card thefts, AI can help by identifying threat detection, reducing response time and refining techniques to distinguish attacks that require immediate attention using algorithms, speech recognition, text analysis and fast dynamic translation, which allows one to counter cyber threats. AI technologies such as NLP, and machine learning, coupled with thousands of learning iterations, also enable chabots to combat this threat.
For security analysts, what is the approximate amount of work that will come down by using AI?
Since the essence of security is about predictability, AI would dramatically help. I estimate the impact to be over 70 per cent reduction in the amount of work. However, we should also be aware that the quantum of work itself is increasing with the amount of data being processed; and AI will also be used in cyber threats/attacks which means it may not be humans generating the threat, so the nature of the game is bound to change.
For the digitisation of business, which new technology platforms will be considered in coming time?
Predictions are best left to AI tools. My readings would be to flag the following top five investments for growth that business would do in the years ahead:
- Platforms evolve into ecosystems: Multiple platforms will be designed to integrate with a bigger and broader set of other platforms – thus, forming ecosystems
- Intelligent conversations: Interactive technology that allows customers, prospects, and partners to interact with the company in a real-time, conversational format using AI
- Internet of Things or internet-connected devices in our homes, offices, and factories, will be trending
- Data-driven growth: There is a huge amount of data flowing in digital eco-systems today; so companies will invest in incremental improvements, optimization, and data-driven growth systems and teams. Better tools for measurement will be in place to capture more data and then make informed decisions
- Digital security: As cyber security and threats evolve, it is quite natural that their defence too will evolve. There will be a need to be committed and invest in security, infrastructure and demand for advanced digital security systems and security SMEs will rise.