Next generation security intelligence operations

Interview with Vasant Kumar: Future learning opportunities on safeguarding business and industry

By Chris Cubbage, Executive Editor, and Jane Lo, Singapore Correspondent
One never stops learning. As in the past, there will remain future learning opportunities on safeguarding business and industry with next generation security intelligence operations. HPE’s ASEAN Information Security Day, held in Singapore, focused on the theme “Information Security – Investigate & Incident Response” and presented new ideas around Security Intelligence Operations, investigating and responding to incidents, and discovering the path of continued innovation.

Vasant Kumar, Regional Customer Success Manager for the Asia Pacific region with HPE ArcSight, HPE Software, reported, “We are seeing an unprecedented growth in the volume of data that is being created, generated and adopted each day, versus, for example, 5-10 years ago when there were not that many mobile applications. The biggest disruptor is the variety and velocity of data – where billions of contents are shared on social media and movies are watched online, and where sensors are built into everyday consumer products.”

During his presentation, titled ‘Resilience for Growth’, Vasant Kumar outlined what it means to be able to successfully and intelligently utilise and adapt this exponential growth of data. “To analyse these large data sets to detect patterns, trends and associations of malicious activities – in a shorter frame of time, and at a lower cost, means the need to build a tool to be able to store and perform contextual searches on the growing scale of data in a simple-to-use-and-understand way. We see this simplification of process, as smart analytics, that is key to resolving and closing issues rapidly.”
52 | Malaysia & Singapore Security Magazine
The adoption of Big Data Analytics, combined with correlation analytics, is also key to defending against multi-staged attacks. The data is ingested into the HPE ArcSight Data platform, and event correlation and security analytics are enabled to identify and prioritise threats in real time and remediate incidents early through HPE ArcSight ESM.

HPE Security’s State of Security Operations 2017 report on the capabilities and maturity of cyber defense organisations highlighted some key findings, including a sharp decline in maturity for organisations that are opting out of real-time security monitoring in favour of post-event search technologies. While this is a disturbing trend, organisations that have adopted hunt team capabilities as an add-on to their existing real-time monitoring programs have seen success in rapid detection of configuration issues, previously undetected malware infections, and SWIFT attack identification.

The State of Security Operations 2017 report also noted that “HPE did not observe a direct relationship between the size of the organisation and operational maturity across commercial and public sector organisations. While there are larger organisations at or near the top, an exploration of the lowest performing organisations reveals some large multinationals that have simply not prioritised security operations. The allocation of IT budget and security budget to protect revenue, privacy, critical infrastructure, market share, safety, and intellectual capital is sizable when there is much to lose. Despite access to significant resources those organisations are not more mature. Security as a competitive
Published on Aug 23, 2017
This special introductory edition of the Malaysia & Singapore Security Magazine has been compiled from current, as well as recent articles p...