Abhijit Mahadik, director, Infra and Cyber Security, Raqmiyat, on why being cyber-resilient is not only about having latest security technologies but also about strategic partnerships and enablement.
How can technologies like artificial intelligence and machine learning help CISOs bridge gaps in security?
The last five years have really seen the adoption artificial intelligence and machine learning technologies for enterprises rise. Most of which can be attributed to advancements in computing power and the evolution of paradigms like distributed computing, Big Data and cloud computing. Machine learning is a branch of AI that refers to technologies that enable computers to learn and adapt through experience. It emulates human cognition – i.e. learning based on experience and patterns, rather than by inference (cause and effect). Today, deep learning advancements in machine learning allow machines to teach themselves how to build models for pattern recognition (rather than relying on humans to build them).
CISOs in large organisations are already beginning to use AI to bolster cybersecurity and offer more protections against sophisticated hackers. AI helps by automating complex processes for detecting attacks and reacting to breaches. These applications are becoming more and more sophisticated as AI is deployed for security.
How important is the role of security in the success of an organisation’s digital transformation?
Digital transformation involves replacing conventional business processes with digital equivalents. Just as e-mail transformed paper-based communication and websites transformed access to information, new technologies now promise similar benefits in a host of other areas.
According to a report by Gartner, digital business moves at a faster pace than traditional business, and traditional security approaches designed for maximum control will no longer work in the new era of digital innovation. The study also predicted that 60 percent of digital businesses will suffer major service failures by 2020 due to the inability of security teams to manage digital risk.
As IT and business fast-track initiatives like agile and DevOps to improve speed to market, security’s role is confined to asking questions afterwards about the knock-on impact on risk and security. The rise in data breach and vulnerability figures has led some to suggest that security-less digital transformation leaves organisations at greater risk. In all cases, security plays a critical role. The value being created by such digital transformations is so great that business leaders are willing to invest in additional security to keep the benefits of the transformation. Digital security can go beyond enhancing traditional processes and support entirely new ones. What was not possible or practical without digital security becomes easy with it. Examples include:
- Biometrics: Biometrics has already started changing the way we identify ourselves, but it is capable of more than identification. Biometrics can be used to track an individual’s movements and activities without identifying them, such as recording foot traffic through public places.
- Blockchains: While bitcoin is the highest-profile example, blockchains have potential in many areas of business. If any process requires a high degree of integrity and accountability, and public sharing of information, blockchain is likely to be able to enable or transform it.
- Smartphone-based digital identities: A mobile phone can be a proxy for a real human, thereby supplementing, supplanting, or simply enabling processes which were previously too risky. As a device that is usually in the possession of the real owner, and capable of collecting and processing security relevant information, the mobile phone is the link between a digital identity and a physical person.
How vital is the role of channel partners in ensuring that today’s organisations are equipped with the right knowledge and solutions to stay cyber-resilient in the digital era?
When choosing an enterprise security partner it is important to select one that is willing to take the time to understand your business, its customers and what it is that you are trying to achieve. Channel partnerships may have changed in recent years, but they remain as important as ever. Previously, the partner model was centred on resale, margins and collecting upfront revenue, but as the technology sector has transitioned to a more service-based industry, the partner channel has followed suit. Nowadays, it is not enough for channel partners to offer good technology, they must also provide responsiveness, flexibility and strategic enablement.
On the simplest level, partnerships allow resources to be shared between both parties, including consultancy, education and expertise, as well as more tangible resources like technology, capital and marketing materials. Effective channel partnerships have enabled businesses to generate new revenue streams, leverage powerful IT solutions and brand influence and gain access to professional business tools that may have otherwise been out of reach. On the other hand, ineffective partnerships can see businesses weighed down by bureaucracy and lacking support and open communication.