Manjesh Kumar
CHIEF SECURITY ARCHITECT
How have changing work habits impacted cybersecurity professionals?
Advances in technology are making life easier for employees than ever before. They can access information and complete work from pretty much any device, anywhere in the world now. But with this new interconnected way of working comes not only a greater risk of cyberthreat occurring, but also the impact of any cyberthreat is greater than before too. So for cybersecurity professionals, it has become key to understand how your state, processes and services interconnected with threat vectors, the capabilities of potential cyber-attackers and what might trigger a cyber-attack.
To minimise the risk of cyberattack, the first thing to do is to deploy automation that detects and prevents threats almost immediately. AI and machine learning have developed at an incredible rate in recent years and if used correctly has the potential to reduce the impact on your services should you be subjected to a malicious attack. The second thing to do is make sure you only collect and analyse the data that can help you detect cyberthreats. There is so much data available now that it can be easy to get lost in unhelpful data, potentially leading to harm from unidentified cyberthreats. With the right amount of supervised learning, AI is a powerful partner in cutting through the noise and focusing on the right data. This contributes to identifying threats far quicker than before and ultimately, eliminating them far quicker too.
There is so much data available now that it can be easy to get lost in unhelpful data, potentially leading to harm from unidentified cyberthreats.
There should be a human check somewhere in the process. They can ensure that the processes have run as expected, before giving permission to the orchestration to finish the operation. This human involvement also reduces the risk of data poisoning, a common symptom of fully machine run processes.
What opportunities and risks do automation and orchestration present in cybersecurity?
Automation and orchestration is a hot topic in cybersecurity right now. There’s no denying that when set up with consideration, automation and orchestration can help employees save huge amounts of time by not having to complete manual, repetitive tasks. Successful automation and orchestration is tightly defined and has a clear set of tasks that make up the workflow. However, having such a tightly defined set of tasks can also prove to be a threat. If a malicious actor gets to know how your automation and orchestration works, then they can get into your automation and orchestration engine, potentially causing considerable damage. To minimise this threat, which is particularly important in Critical National Infrastructure sectors, there should be a human check somewhere in the process. They can ensure that the processes have run as expected, before giving permission to the orchestration to finish the operation. This human involvement also reduces the risk of data poisoning, a common symptom of fully machine run processes.
Is AI essential for modern cybersecurity?
Cyberthreats occur so rapidly and aggressively now, that without AI they simply can’t be countered. But the danger with AI is that a lot of people think that they can set it up once and never have to worry about it again. This couldn’t be further from the truth. AI is only as good as the training and learning that it is fed. If the AI has been able to learn from robust training and is adaptive enough that it can evolve into future pattern building, then it is far more likely to prove successful in preventing cyberattacks. Alongside your training system, you should always have a fallback validation and verification process behind the scenes to make sure AI is behaving the way it should be behaving.
AI is only as good as the training and learning that it is fed. If the AI has been able to learn from robust training and is adaptive enough that it can evolve into future pattern building, then it is far more likely to prove successful in preventing cyberattacks.
Manjesh Kumar is an Executive level Technologist with over 20 years IT experience. He operates at the strategic level, whilst keeping track of the technical details. Manjesh is dedicated, thorough and understands the key business drivers, whilst providing innovative technical solutions. Manjesh has worked across a variety of programme and leading organisations in UK and overseas, across a number of industry sectors such as Insurance Services, Education, Public Sector, most recently specialising in UK Government - Defence and Security.