I have always viewed Cyber Security as a chase between Cyber Threat State Actors and Cyber Security professionals. Picture the chase: whichever of the two finds the vulnerabilities first is the one who gets to breach, or to restrict, first. Put simply, it is all about who is ahead of the other in the race to protect versus expose. Cyber Security professionals invest a lot to remain up to date with the latest advances in their field as well as with the new trends that Cyber Threat State Actors follow, and the actors, for their part, learn merely by shadowing the professionals.
As an enthusiast of Cyber Security who tracks the overall advancement of the field, I find that three challenges frequently crop up within this space:
First Challenge: A lot of data is generated from various sources, and SecOps teams must interpret it to identify risks, breaches and threats as soon as possible, be it the tracking of devices, logins, access points, endpoints, session duration, location and so on. The question is how to meaningfully interpret that data in a way that enriches an entity’s security posture.
To address this, the advancement of the Splunk SIEM (Security Information and Event Management) tool kit, comprising Security Orchestration, Automation and Response (SOAR) along with User and Entity Behavior Analytics (UEBA), is a truly path-breaking set of reactive tools. It gives Cyber Security teams meaningful insights, allowing focused and appropriate measures to be taken for the trends observed.
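Detection logic of the kind a UEBA component performs, added here as an illustration rather than anything taken from Splunk's own product: the script builds a per-user baseline from a constructed set of successful logins (countries, devices and hours of day seen) and scores later logins against it, also tallying the failed attempts that precede a success. The log format, the weights and the alert threshold are assumptions chosen for this example; the telemetry is constructed, not real.

```python
from collections import Counter, defaultdict
from dataclasses import dataclass
from datetime import datetime

# Constructed sample telemetry (not real logs): "timestamp user country device outcome"
BASELINE_LOG = """\
2024-03-01T09:05:00Z alice IN laptop-a1 success
2024-03-02T09:12:00Z alice IN laptop-a1 success
2024-03-03T10:01:00Z alice IN laptop-a1 success
2024-03-04T08:55:00Z alice IN phone-a2 success
2024-03-01T14:30:00Z bob US desk-b1 success
2024-03-02T15:02:00Z bob US desk-b1 success
2024-03-03T13:47:00Z bob US desk-b1 success
"""

# Constructed events for the day under review, in chronological order
NEW_LOG = """\
2024-03-05T03:14:00Z alice NL vm-9f3 failure
2024-03-05T03:14:20Z alice NL vm-9f3 failure
2024-03-05T03:14:40Z alice NL vm-9f3 failure
2024-03-05T03:15:05Z alice NL vm-9f3 success
2024-03-05T09:10:00Z alice IN laptop-a1 success
2024-03-05T14:00:00Z bob US desk-b1 success
2024-03-05T14:20:00Z bob GB desk-b1 success
"""

# Assumed weights: each deviation from the baseline adds points; an event at or
# above the threshold becomes an alert for the SecOps queue.
WEIGHTS = {
    "unknown_user": 3,
    "new_country": 2,
    "new_device": 2,
    "off_hours": 1,
    "failure_burst": 2,
}
ALERT_THRESHOLD = 3
FAILURE_BURST = 3  # failed attempts before a success that count as a burst


@dataclass
class LoginEvent:
    ts: datetime
    user: str
    country: str
    device: str
    outcome: str


def parse_log(text: str) -> list:
    events = []
    for line in text.strip().splitlines():
        ts, user, country, device, outcome = line.split()
        stamp = datetime.fromisoformat(ts.replace("Z", "+00:00"))
        events.append(LoginEvent(stamp, user, country, device, outcome))
    return events


def build_baseline(events) -> dict:
    """Per-user profile of what 'normal' looks like, taken from successful logins only."""
    profile = defaultdict(lambda: {"countries": set(), "devices": set(), "hours": Counter()})
    for e in events:
        if e.outcome == "success":
            p = profile[e.user]
            p["countries"].add(e.country)
            p["devices"].add(e.device)
            p["hours"][e.ts.hour] += 1
    return dict(profile)


def score_events(baseline: dict, events) -> list:
    """Score each successful login against its user's profile.

    Failures are not scored on their own; they are counted per user and become a
    reason on the next success, which is the pattern a guessing attack leaves behind.
    """
    failures = Counter()
    scored = []
    for e in events:
        if e.outcome != "success":
            failures[e.user] += 1
            continue
        reasons = []
        p = baseline.get(e.user)
        if p is None:
            reasons.append(("unknown_user", "no baseline for this user"))
        else:
            if e.country not in p["countries"]:
                reasons.append(("new_country", f"first login from {e.country}"))
            if e.device not in p["devices"]:
                reasons.append(("new_device", f"first login from {e.device}"))
            if e.ts.hour not in p["hours"]:
                reasons.append(("off_hours", f"never seen logging in at {e.ts.hour:02d}:00"))
        if failures[e.user] >= FAILURE_BURST:
            reasons.append(("failure_burst", f"{failures[e.user]} failures before this success"))
        failures[e.user] = 0  # a success closes the current run of failures
        score = sum(WEIGHTS[key] for key, _ in reasons)
        scored.append({"user": e.user, "ts": e.ts.isoformat(), "score": score,
                       "reasons": [detail for _, detail in reasons]})
    return scored


def detect(baseline_text: str, new_text: str, threshold: int = ALERT_THRESHOLD) -> list:
    """Return only the scored logins that reach the alert threshold."""
    baseline = build_baseline(parse_log(baseline_text))
    return [s for s in score_events(baseline, parse_log(new_text)) if s["score"] >= threshold]


if __name__ == "__main__":
    for alert in detect(BASELINE_LOG, NEW_LOG):
        print(f"ALERT {alert['user']} {alert['ts']} score={alert['score']}: {'; '.join(alert['reasons'])}")
```

With the constructed data, alice's 03:15 login collects four reasons (new country, new device, off hours, three failures first) and is the only alert; bob's login from a new country scores below the threshold and would surface only if the threshold were lowered to 2. In a real SIEM the baseline would be rebuilt continuously and the weights tuned against the alert volume the team can actually work.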
Second Challenge: With each Cyber Security protection that is added, users must remember more passwords and security questions themselves. The question is how to reduce users’ dependence on memory retention of a password for every transaction.
To address this, technical advancement in the field of biometric security access, and products like Daon, are making steady and strong progress, taking the burden of remembering passwords off users to a great extent. Face ID is the new password, and the OTP is the new PIN.
Final Challenge: The Cyber Security life cycle is defined such that vulnerability and penetration testing happen ahead of production deployment, and after deployment there are Cyber Protection tools that are trusted to prevent breaches. How do we ‘simulate’ security breaches on production in real time and test the Cyber Protection tools, to keep the systems fail-safe with high availability?
To address this, I would really like to see something like Chaos Monkey from Netflix, which simulates real-time failures in the production environment and in turn tests the robustness of the platform. With Chaos Engineering being searched for >2K% more since 2019, an off-the-shelf product specifically for Cyber Security doesn’t seem too far away, and for good reason: a comprehensive platform that could generate an on-purpose denial-of-service attack to assess application availability in the event of bot-generated high traffic volumes towards our network; an on-purpose access breach to assess how soon the system alerts on and restricts the access; an on-purpose phishing attack on users (not staff but end customers) to coach them on what not to do in future; and an on-purpose ransomware attack to assess how soon we can bring accessibility to data back. Such a platform would implement a safety net over the proactive and reactive controls guarding the perimeter.