By Murtaza Bhatia, Director, Cybersecurity, NTT Ltd
Cybersecurity is a complex and never-ending battlefield. Technologies like generative AI and machine learning are strengthening organisations’ security posture, but cyber attackers are using the same tools to devise new threats. And, while AI is a hot topic, another concern is integrating the various parts of a security posture amid the migration to the cloud, to ensure all-round protection.
Security and the cloud
For the imminent “refresh cycle” expected in 2024 and 2025, many large organisations are gearing up for an organisation- and architecture-wide security posture overhaul, from data centers to IT infrastructure. This refresh will have a predominant focus on security, with a specific need to incorporate cloud security into overall security frameworks following the surge in cloud adoption in recent years. Now, organisations want to consolidate their cloud security measures and align them seamlessly with their on-premises security.
The importance of application security
While India faces cyberthreats similar to those facing the global community, identity issues,
ransomware attacks and endpoint compromises are of particular concern – as are application
vulnerabilities, which are a serious threat. The shift from monolithic applications to microapps and microservices has reshaped the application landscape, and the upcoming refresh cycle will prompt
organisations to rethink their application security. The challenge lies in understanding and managing the increasing number of application programming interface (API’s ) integrations, which have proliferated as applications become more decentralised – yet, many organisations have not tracked these integrations, creating security risks.
A key aspect is the integration of application security into DevSecOps environments. The focus is on real-time application protection, dynamic methods for securing applications, and embedding security logic within the application itself. Organisations are also adopting proactive measures such as attack surface management and in-house breach and attack simulations – and these services are also offered by managed service providers (MSPs). They also increasingly rely on zero trust security to continually verify individuals’ access to applications and services.
Enhanced visibility and predictive security measures
Real-time monitoring that enables proactive steps against threats is now a key component of cybersecurity. Organisations are investing in projects to enhance visibility, reduce their diagnostics time and automate security responses.
The evolution from SOC 2.0 to SOC 3.0 and even SOC 4.0 due to Machine Learning, Artificial Intelligence, and External Threat Detection also indicates a shift towards more sophisticated security operation centers with a focus on automated reporting, And, once security alerts have been issued, automated security responses can reduce organisations’ dependency on specific technology and change management skills – a common challenge affecting SOC projects.
Managed services on the rise
The skills challenge leads to the next trend: a significant shift towards managed services, with organisations opting to outsource cybersecurity functions to specialised providers. Not only do they gain access to the latest security expertise and round-the-clock monitoring and support, but MSPs can provide continually improved security based on global intelligence: if a threat emerges in London, for example, clients in India will soon be protected against it too.
When appointing an MSP, organisations in India also emphasize the importance of competitive rates, gaining cost efficiencies over the term of the engagement, and the MSP’s compliance with regulatory requirements set out for specific industries regarding outsourcing. MSPs should also deploy metrics that track the optimisation of their clients’ security operations over time. Furthermore, India’s impending Digital Personal Data Protection Act and notification requirements by CERT-In, the national agency dealing with cybersecurity incidents, are prompting organisations to focus on securing personally identifiable information (PII) more rigorously. This is another area where MSPs’ expertise can be valuable.
The AI dilemma
The full impact of AI on cybersecurity is hard to quantify because of the rapid pace of innovation in the technology. In India, organisations often prefer to evaluate and compare products before they buy, but in the fast-growing AI market, this isn’t always feasible.
AI is also both a boon and a challenge. For example, while it helps address skill requirements, it poses a unique challenge in skills development. Simpler human roles are increasingly handled by automation and AI, which creates a skills gap – raising questions about how employees can gain experience when entry-level roles are diminishing.
So, the new year is likely to bring some clarity and consolidation on the role of AI, and organisations will have to adapt accordingly. You can get a head start by partnering with an MSP like NTT DATA to take stock of your organisation’s security posture and set out a roadmap for a threat-free year.