Jude Pereira, MD, Nanjgel Solutions, says building a robust security strategy comes down to people, processes and technology.
Recent ransomware attacks such as WannaCry and NotPetya have further emphasised the need for resilient security measures within organisations. At the same time, it is not enough to simply have these solutions and procedures in place.
Nanjgel Solutions’ managing director Jude Pereira says it is imperative to ensure that the different security solutions also “talk to each other.”
He explains, “An organisation must have security from each aspect – network, data, application and user – in sync with each other and sharing information. This is not happening in today’s business environment. It is always about people, processes and technology when it comes to a sound security strategy.”
According to Pereira, despite deploying the best of firewalls, malware and endpoint security platforms, if all the components are not in sync, then the overall security strategy will definitely have loopholes, allowing adversaries to enter a firm’s network.
“The second most important aspect for a robust security strategy is having complete visibility across the entire network. Once you have visibility, you can begin to place in controls and have management,” he says.
He adds that when a cybersecurity attack takes place, every second it takes to react and respond counts.
“In such a scenario, it is not possible for a human being to be a part of the processes to help control or cease it,” he adds. “It has to be machines and technology. And that can only happen if all the technologies are talking to each other with the right policies and automation in place.”
As a security solutions provider, Nanjgel is looking to continue its focus on automation. The MD believes if an endpoint is infected then instead of pulling down the switch or network, the security information and event management (SIEM) in place should be able to automatically identify these endpoints, communicate to the NAC (Network Access Control), quarantine and fix them to finally bring them back.
Pereira says, “This is the logic that people need to understand. After this process is completed, a report will be sent to the personnel in charge, but he doesn’t have to be a part of the process.”
With all the incidents taking place on almost a regular basis in the security space, how does Nanjgel Solution help customers isolate valuable threat intelligence from the noise?
“It is quite challenging to identify what can be of real value. We need to bring it back to an incident response platform, ensure incidents are prioritised there and then reduce the false positives. If there is a system and process in place, only then can an organisation achieve comprehensive security,” he adds. “Today, security is much more than adding a firewall to your network or deploying an endpoint security management system to safeguard your assets.”
With so many security-focused vendors in the market, Nanjgel Solutions ensures it only selects the best one in terms of technologies.
“Bringing the best technology to our customers is our goal.”
The systems integrator considers two main criteria when selecting vendors – uniqueness they bring to the table and value-adds.
He adds, “There have been instances in the past where we have replaced vendors because a new firm was adding more value or bringing unique technology. We evaluate all our vendors on value proposition, effectiveness, integration capability with core components and if they can offer more analytics and better intelligence.”