Gone are the days when an organization could feel safe by securing the perimeter of its IT infrastructure. Now, with hybrid workspaces, work from anywhere, data access on any device, and cloud storage, the traditional security approach no longer suffices. Security experts in organizations have started to focus on a data-first model of security. We had the opportunity to interact with Mr. Maheswaran Shamugasundaram, Country Manager – India, Varonis, who shared his insights on how organizations can keep themselves prepared against cyber-attacks and data breaches in the ever-evolving threat landscape.
Here are excerpts from the interaction.
Can you explain the need for a data-first security approach?
A data-first security approach involves building zero trust with data security as the foundation. Traditional cybersecurity started at the perimeter. The explosion of remote work and new access points has made the perimeter a lot harder to define and the data much more difficult to secure. Data doesn’t stay on endpoints. It’s stored on modern cloud and on-premises resources that make collaboration easier and security harder.
The potential impact of a compromised account is significant. This means that any zero-trust approach must start with the agency’s most valuable asset – its data. Therefore, it is important to focus on securing data in order to reduce the blast radius – the damage attackers can do following a breach – and leveraging machine learning to quickly identify advanced persistent threats, compromised accounts, and insider threats.
How do you see the future of automated security, and how do you mitigate risk and accelerate an organisation’s growth?
Automated security has become the need of the hour as it is nearly impossible to manually manage security and compliance in the face of evolving threats. During the pandemic, businesses, vendors and supply chains faced massive cascading disruptions. In the new normal, it is imperative that businesses identify early warning signs of risk events and act proactively to mitigate those risks before they become large-scale cybersecurity incidents. A risk management program that combines data science, automation, and artificial intelligence is key to effectively countering the evolving scale of threats. Big data and automation can be powerful catalysts for accelerating significant advances in risk management by allowing businesses to continuously monitor risk at scale, cost-effectively and efficiently.
A successful automated risk management program necessitates the following three components to mitigate risk and accelerate an organization’s growth:
- Listening Post: The listening post uses AI and automation to gather risk intelligence, validate it, analyze sentiment, and subsequently predict impact. Risk events that meet or exceed the risk criteria are automatically forwarded to the risk intelligence system.
- Risk Intelligence System: This company-wide workflow tool uses automation to determine the appropriate risk mitigation actions for each risk event. This process is initiated by analyzing the risk event forwarded by the Listening Post and subsequently taking into account the organization’s specific risk appetite, tolerances, thresholds, and scores.
- Risk Response Centre: The Risk Response Centre is the human team in charge of managing risk mitigation efforts for the most critical risk events. As automation and AI capabilities expand in the future, the Risk Response Centre’s efforts will become more focused, efficient, and effective.
It is important to note that successful risk mitigation and resilience require risk action, and advancements in automation are enabling this transformation.
How does the Zero Trust approach protect an organization during a breach?
The Zero Trust model is a framework for cloud and mobile security that asserts that no user or application should be trusted by default. Its security policy is applied on the basis of the context established by least-privileged access controls and strict user authentication rather than assumed trust. In a Zero Trust model, every request is assumed to be a breach regardless of where it originated from or what resources it needs access to. A zero-trust model is the most effective means of cloud security. Having said that, there is no security strategy that is perfect and data breaches cannot be avoided completely. During a breach, the zero-trust model reduces the attack surface and mitigates the severity and impact of the attack. As a result, organisations can significantly reduce the time and cost to respond and clean up after a breach.
Modern-day threat models, data breaching, and cyber espionage are getting more sophisticated daily. How can Varonis’s product and technology offerings combat these challenges?
As organizations are rapidly becoming data-driven, the security perimeter is much less defined with fungible security endpoints. Instead of focusing on outside-in, organizations are starting to think about an inside-out approach – a core competency of Varonis. Varonis has a unique approach to cybersecurity. It specialises in data security and analytics and focuses on protecting enterprise data on premises and in the cloud: sensitive files and emails; confidential customer, patient and employee data; financial records; strategic and product plans; and other intellectual property.
The Varonis Data Security Platform detects insider threats and cyberattacks by analyzing data, account activity and user behaviour. It prevents and limits incidents by locking down sensitive and stale data; and efficiently sustains a secure state with automation. The platform looks at data protection from three angles: where important data is stored, who has access to it and whether they are using it correctly.
How is Varonis different from the other security players in the market that would give organizations a robust view on how to approach security?
Varonis’ Data Security Platform can provide significant ROI by lowering the risk of a security breach, saving time when investigating alerts, improving data access provisioning, and resolving global access issues. We achieve pinpoint accuracy by going beyond regular expressions through the use of proximity matching, negative keywords, OCR, and algorithmic verification. Unlike most classification technology, Varonis uses non-content factors such as permissions to further enhance accuracy.