By Manoj Chugh, President – Group Public Affairs and Member, Group Executive Board, Mahindra & Mahindra
The current fragile Geopolitical environment, further complicated by the Pandemic, poses grave challenges for a Nation and its citizens. Disturbing satellite images over the last few months from India’s Line of Actual Control with its neighbour have been deeply upsetting. We have started asking ourselves some very deep-rooted introspective questions about the meaning of the word “friendship”. Trust but “verify” goes an old ominous Russian edict. More true now than ever before.
Whilst many aspects of War are physical (the army, armament and equipment), the Digital World, catalysed by Globalization, has opened up a new front. Digital Attacks, launched by dangerous electrons, called malware, find their way into strategic infrastructure of a Country to cause damage, death and destruction. These have the ability to disrupt every aspect of a Nation’s economy (its energy sector, telecommunications, vital military installations), all at the flick of a switch. Whilst disengagement and de-escalation are possible through dialogue and diplomacy in the physical World, the imponderables in a Digital World are very different. Cyber Wars tend to be open ended and potentially endless. Nothing is visible to the naked eye, yet havoc is wreaked in our conscious presence. The impact can be so gigantic that it could cripple Countries. Defensive and Offensive Cyber Warfare capabilities need to be built by Nations.
Digital Networks, which have brought the World closer, are the very same highways that are exploited to launch endless Cyber Wars, albeit surreptitiously. These Wars are conducted by Computers and the networks connecting them. These systems, triggered by State Actors, trespass on important information stored in databases through disguised surveillance, while an increasing number of players successfully capture data exchanges across nations. The core idea is to capture patterns that could fuel valuable leads that give a peek into a Nation’s preparedness and its vulnerabilities.
Data is accumulated over time and then decoded at high speed to extract meaningful information. Analytics and AI help in the cause. Nations defending their shores must build the capability to capture communication patterns that may compromise national security. Today’s networks are complex: they are built under the sea, on land, in space and in the air (mobile). There are many “holes” and “crevices” through which hackers can come in. Internet of Things complicates matters further from a Security perspective. Factories, Utilities, Connected things: all can potentially get compromised. One cannot close oneself to the World and sit in a cave.
A potential solution lies in the ability of Security Agencies to implement Real-time Cyber Situational Awareness. This enables threat discovery in real time. By harnessing the power of advanced Big Data analytics, Artificial Intelligence (AI), and Machine Learning (ML), one can reduce the risk of a breach and proactively defend against threats. Governments are looking to decipher actionable insights from the ever-increasing volume of myriad data types. From unstructured content to signal intelligence and human intelligence, a Country’s Networks are getting very complex. The ability to gather data from disparate sensors and analyse it in real time with the help of advanced visualization techniques may make the task easier. Since information comes from multiple sources, taking a Platform Approach could ease complexity. Over time, by baselining normal trends, abnormal behaviour can be flagged, enabling the provision of the right resources at the right time to thwart emerging threats.
From a technical perspective, the ability of the platform to acquire data from multiple sensors like satellite, IP, telecom and radio (GSM/Wi-Fi), analyse it, and provide visual analytics in real time can deliver actionable intelligence. It does so by applying advanced automation technologies including Deep Learning/Machine Learning, which in turn is supported by a behaviour-based Rules Engine acting on enriched metadata. AI-enabled Network Traffic Analysis (NTA) helps to detect abnormalities in the network, including internal breaches.
Contextual frameworks are enabled through deep packet and payload inspection, which helps unearth the protocols at play and the applications they enable. With complex cloud environments at play, scalable visibility of security incidents in an encrypted traffic environment, without violating privacy and without a penalty for latency, is the need of the hour. The ability to detect security risks in SSL/TLS and IPSec traffic ensures compliance and enables premium level protection.
The heartening news is that Cyber Situational Awareness is now available to Enterprises as well. After all, it is not uncommon for competitors to sneak into large Corporations as part of an espionage plan for unethical gains.
May we all remain safe in an increasingly vulnerable World!
(Disclaimer: The views expressed in this article are those of the author. They may or may not reflect the opinions or views of the author’s organisation)