Month: February 2020

By now we were all supposed to be more connected, but instead we’re getting more fragmented and siloed. ‘Likes’ in social media polarize us, where algorithms favor inflammatory content, evoke stronger reactions and keep us hooked longer. We’ve seen fragmentation when it comes to local laws, regulations and privacy. In the private sector, business schools, strategy heads and activist investors preach to divest anything that’s not a core competency but in a fragmented world, with digital giants lurking around the corner, do we need to think different? For regulations, business models, and data – which increasingly are the same thing – we can turn a fragmenting landscape into an opportunity. But analysis isn’t enough. We need synthesis and analysis to connect distributed data to the analytic supply chain – with catalogues as the connective tissue. The technology is there today but it also needs to be followed by the right processes and people. Synthesis and analysis are critical to make use of pervasive data and facilitate the evolution towards what we call ‘laying the data mosaic.’ Below is a curated subset of the top 5 trends we see being most important in the coming year, a full version of which we will publish in January 2020. Big data is just data: Next up – ‘wide data’ Big Data is a relative term, and a moving target. One way to define big data is if it’s beyond what you can achieve with your current technology. If you need to replace, or significantly invest in extra infrastructure to handle data amounts, then you have a big data challenge. With infinitely scalable cloud storage, that shortcoming is gone. It’s easier now than ever to do in-database indexing and analytics, and we have tools to make sure data can be moved to the right place. The mysticism of data is gone – consolidation and the rapid demise of Hadoop distributors in 2019 is a signal of this shift. The next focus area will be very distributed, or ‘wide data.’Data formats are becoming more varied and fragmented, and as a result different types of databases suitable for different flavors of data have more than doubled – from 162 in 2013, to 342 in 2019. Combinations of wide data ‘eat big data for breakfast’ and those companies that can achieve synthesis of these fragmented and varied data sources will gain an advantage. DataOps + Analytic: Self-service brings data agility throughout the organization Self-service analytics has been on the agenda for a long time, and has brought answers closer to the business users, enabled by ‘modern BI’ technology. That same agility hasn’t happened on the data management side – until now. ‘DataOps’ has come onto the scene as an automated, process-oriented methodology aimed at improving the quality and reducing the cycle time of data management for analytics. It focuses on continuous delivery and does this by leveraging on-demand IT resources and automating test and deployment of data. Technology like real-time data integration, change data capture (CDC) and streaming data pipelines are the enablers. Through DataOps, 80% of core data can be delivered in a systematic way to business users, with self-service data preparation as a standalone area needed in fewer situations. With DataOps on the operational side, and analytic self-service on the business user side, fluidity across the whole information value chain is achieved, connecting synthesis with analysis. Active Metadata Catalogues: The connective tissue for data and analytics Demand for data catalogues is soaring as organizations continue to struggle with finding, inventorying and synthesizing vastly distributed and diverse data assets. In 2020, we’ll see more AI infused metadata catalogues that will help shift this gargantuan task from manual and passive to active, adaptive and changing. This will be the connective tissue and governance for the agility that DataOps and self-service analytics provides. Active metadata catalogues also include information personalization, which is an essential component for relevant insights generation and tailoring content. But for this to happen, a catalogue also needs to work not just ‘inside’ one analytical tool, but incorporating the fragmented estate of tools that most organizations have.\ Data Literacy as a Service Connecting synthesis and analysis to form an inclusive system will help drive data usage, but no data and analytic technology or process in the world can function if people aren’t on board. Dropping tools on users and hoping for the best is no longer enough. A critical component for overcoming industry standard 35% analytics adoption rates is to help people become confident in reading, working with, analyzing and communicating with data. In 2020, companies expect data literacy to scale, and want to partner with vendors on this journey. This is achieved through a combined software, education and support partnership-as-a-service with outcomes in mind. The goal could be to drive adoption to 100%, helping combine DataOps with self-service analytics, or to make data part of every decision. For this to be effective, one needs to self-diagnose where the organization is and where it wants to get to, and then symbiotically work out how those outcomes can be achieved. ‘Shazaming’ Data, and Computer/ Human Interactions The effects of data analysis on vast amounts of data have now reached a tipping point, bringing us landmark achievements. We all know Shazam, the famous musical service where you can record sound and get info about the identified song. More recently, this has been expanded to more use cases such as clothes where you shop simply by analyzing a photo, and identifying plants or animals. In 2020, we’ll see more use-cases for ‘shazaming’ data in the enterprise e.g., pointing to a data source and getting telemetry such as where it comes from, who is using it, what the data quality is, and how much of data has changed today. Algorithms will help analytic systems fingerprint the data, find anomalies and insights, and suggest new data that should be analyzed with it. This will make data and analytics leaner and enable us to consume the right data at the…

Nikhil Korgaonkar Regional Director, India & SAARC, Arcserve Buoyed by a tech-savvy population, India has become a cradle for technology innovation and quick adoption. In the year 2019, disruptive technologies like artificial intelligence, machine learning and blockchain made their mark on IT; and not surprisingly, data was at the heart of everything. The 2020 will again be a year of big data. With the rise of super apps, Wi-Fi enabled services and cross-functional customer platforms, historic volumes of data can be expected across all industries. Experts have already predicted there would be around 44 trillion gigabytes (44 zettabytes) of data by 2020. If the digital universe is represented as stack of tablets it would reach moon and back 6.6 times. In 2018 IDC revised their prediction for data growth to 175ZB, equivalent to 26 stacks of tablets filled with the data from earth to the moon. Given this acceleration, cyber criminals will no doubt be ready and waiting with more sophisticated forms of ransomware to steal and damage business-critical data. They are taking a more tailored approach to get control of our digital assets, making it more critical than ever to have solutions in place that secure and protect them. Below are few predictions from Arcserve for the year 2020: Ransomware: High-end data backup protocol defeats threats IT market space India’s needs are not different from the rest of the world when it comes to cyber security. In 2019, ransomware at tacks grew at epidemic proportions, and no sector was left unscathed. Over the next year, more attackers will come up with evolved attack methods, beginning to target the backups themselves. Companies need to make more investments in more advanced threat detection and remediation software. Along with that, they should ensure companies’ data backup protocols are in line with the modern era. Businesses should also look for cyber security and disaster recovery technologies that integrate easily with one another, as it can help close security gaps that may crop up through accidentally misconfigured software. In 2020, C-level suite should make strong decisions on ransomware recovery plans and be better equipped to deal with cyber threats. Top Concerned Verticals for 2020 Government With the e-governance applications which collect the personal information of individuals, all local government offices should be equipped with the required data protection solutions to counter the continued ransomware attacks against small, municipal bodies. Healthcare There is an increasing trend of ransomware attacks on medical devices, creating some serious vulnerabilities in healthcare security. Medical equipment manufacturers are now building cheaper and more scalable devices running on different OSs. They also collect and store patient’s health records. This development greatly expands the attack surface of these specialized devices, propelling victims to pay up huge amounts to cyber criminals. Banking Banking and finance sectors are the ones carrying huge amount of customer information. This includes highly confidential account holder information, transaction details and other financial records. It’s highly essential to have the best data protection solutions to overcome devastating ransomware attacks which are capable of halting the financial processes. Major ransomware attacks will continue to rise and become crippling. We predict: One or more major airport and/ or seaport will be inoperable for a minimum 24 hours due to ransomware attack. A statistical, security and/ or analyst firm will start publishing figures on the number of people who died or were injured due to critical healthcare IT systems crippled by ransomware. Ransomware attacks will increasingly be attributed as the main cause of serious public incidents, including potentially affecting major elections in at least one country. Business continuity and disaster recovery strategies Experts say that the organization which has continuous access to its data is the one that will achieve success in business. The year 2020 will be pivotal for data management and vendors will have to more clearly explain what the true definition of data management is and whether that aligns with what they’re actually offering to their customers. Analysts define data management as a very wide and all-encompassing concept that covers data protection, cyber security, analytics, artificial intelligence, machine learning, among others. Proper data management mechanism will promote the business continuity of an organization. Cloud is here to stay and stand high Organizations will dedicate more resources to deploy cloud infrastructures successfully, standardizing a security model that works across different vendors to reduce gaps, avoid misconfigurations, and ensure critical data, workloads and applications remain resilient. Further, to match the pace at which organizations are moving to the cloud, we will likely to see the emergence of more offerings that will enable an easier and user-friendly experience. For instance, automation that eliminates manual steps in the migration process won’t disrupt or impact production systems. Disaster recovery and climate change Specific parts of India have experienced severe natural calamities such as floods in the past few years. The recent Orissa floods in 2019 damaged the IT economy of the state. These natural calamities forced the IT industry to halt their work processes, which in turn affected the revenue of respective organizations. Thus, businesses need to adjust their disaster recovery plans to better anticipate natural disasters that could halt their operations and IT services. Disaster recovery and business continuity solutions must be implemented to prevent extended downtime, data loss, or financial damages due to natural disasters. Channel partners’ contribution As the ransomware threat continues to change paths to hold organizations’ data, the channel partners and MSPs who offer combined solutions of cyber security and disaster recovery to their clients will perform well in 2020. There will be more alliances between cyber security and data protection vendors to meet the demand of the current market. It will be a critical task to select the best solutions from the available options in the market. MSPs have also found themselves as the targets for a myriad of ransomware attacks, so they must be proactive in taking this two-pronged approach to ensuring cyber resilience. Arcserve, one of the world’s most experienced providers of business continuity solutions…

Rakesh Kharwal MD, Cyberbit – India Cybersecurity, for businesses, often comes as something that holds little value. However, the global economy is expected to shed $6 trillion on an annual basis by 2021 due to wide-ranging cyberattacks and cybercrimes – as also pointed out in a report by Cybersecurity Ventures. To give a picture, this figure is more than double of what India’s GDP is at present, and $1 trillion more than what it aims to become by 2025. This must surely ring a bell. Cybersecurity’s value goes beyond mere economic losses, as it also has a far-reaching impact on its image and involves legal implications. So, let us have a look at what are going to be the major cybersecurity predictions for 2020 and what approach must businesses adopt. The Cybersecurity skill gap continues to widen drastically The global shortage for cybersecurity professionals has reached 4 million according to ISC Research, and more than 1 million of this shortage is in India alone. This will continue to be the top challenge for security leaders as organizations will face difficulty in finding quality cybersecurity professionals. Also, many studies suggest that most security professionals experience their first real-life malware attack on the job and learn about such incidents by going through what they call ‘Baptism by Fire.’ So, the remediation of an ongoing attack is usually haywire since the cybersecurity team is not able to manage such incidents effectively. Therefore, SOC analysts and incidence response teams need to be trained pre-emptively using simulation by mirroring real attacks. Otherwise, they will be unable to handle the impending threats. SOC automation & orchestration will be critical Organizations are threatened by advanced attacks from multiple threat vectors and cybersecurity teams need to respond within minutes. On top of this, they are also bombarded with too many alerts and a labyrinth of security tools. Infact, lack of automation and orchestration was observed second-biggest pain-point by SANS SOC Survey 2019 in the utilization of the full potential of cybersecurity solutions. Therefore, SOC automation and orchestration will continue to be critical for organizations. This will help build a centralized, integrated tool set to streamline the security analyst’s job and make cybersecurity professionals more efficient at monitoring and eliminating threats. The attack on Critical infrastructures continues to rise Critical infrastructure organizations such as oil and gas, nuclear power plants, water utilities, and manufacturing hubs will continue to rise as they create an integrated infrastructure based on IoT. Organizations that use critical infrastructures need to do away with the myth that IT and OT are two separate entities. With the emergence of IoT-based use cases to monitor and analyse production data, the air-gapped environment no longer exists. Most of the SCADA attacks we’re seeing today are initiated from the IT world, which can either be through spear phishing, social engineering, infected USB sticks, vulnerability related to the standard IT environment or some other source. The security leaders hence need to invest in technologies that can provide unprecedented IT and OT asset discovery and visibility to detect known and unknown OT threats and anomalies. Ransomware to become ever more threatening A study by Cybersecurity Ventures shows the towering volume of cyberattacks that companies have to face on a daily basis. According to this study, a business fell victim to a ransomware attack every 14 seconds in 2019, and by 2021, this figure is projected to become 11 seconds. Ransomwares are getting more sophisticated and can penetrate most of the conventional or sophisticated solutions such as antivirus, firewalls and even enterprise-grade endpoint detection and response (EDR). Highly targeted organizations today require military-grade protection that is reliable, and collects and analyses the across the-board data of the organization using big data, designed for air-gapped environments, and uses advanced behavioral detection. MSPs will focus on detection & response capabilities to acquire new customers Many organizations of varying shapes and sizes lack the internal security resources and expertise required to move beyond preventative security technologies. Today, they need to proactively address detection, response, and drive 24/7 monitoring. As organizations are struggling with increasing alerts and skill shortages, security information and event management (SIEM) system alone can’t meet the demands of the ever-growing threat landscape. There is a need for establishing capabilities that let organizations perform dedicated threat monitoring, detection and response capabilities through a turnkey approach. In a recent research note, Gartner highlights the fact that many MSSPs are adding MDR-type services to their portfolios. The report predicts that by 2020, 15% of organizations will be using MDR service. Managed Detection and Response (MDR) envisions creating a proficient service that combines the forces of the perimeter, as well as advanced endpoint-telemetry with SOC analysts. Prevention is better than cure. However, in cybersecurity, prevention has now become just a single aspect of comprehensive security. Today, organizations need a lot more than mere prevention, as a number of recent cyberattacks have also illustrated to us. 2020 will obviously witness a shift towards a holistic and robust cybersecurity framework that has all of its elements, including human resources, well connected, thereby ensuring that no stone is left unturned in terms of addressing the modern threats.  

AI: Separating facts from fiction While artificial intelligence (AI) is becoming a household term, it’s far from being a household reality. While machines are making huge steps forward, they are not capable of thinking or acting like humans. What they are really good at, however, is combing through a huge amount of data to provide deeper insights to help humans make informed decisions more quickly and efficiently. In 2020, we can expect machine learning to continue to make huge strides in the security sector, helping cities and law enforcement deploy their physical resources more efficiently based on predicted trends in crime. Machine learning will also be instrumental in helping automated license plate recognition (ALPR) systems become better than ever at reading characters, rejecting bad reads, recognizing a license plate’s state of origin and more. Facial recognition and privacy While some people see the deployment of facial recognition or other analytics that can identify individuals and track their movements as a powerful way to enhance efficiency and security, others see it as invasive. As we move into 2020, developers will need to work hand in hand with regulating bodies, while continuing to improve the technology to eliminate biases. Developing solutions using a privacy-by-design approach will help reduce concerns and increase protection. Physical identity management Organizations of all sizes need to control access to their spaces and facilities. However, companies that do not have the budget to invest in costly customized applications have to rely on untraceable processes that involve a lot of human interactions to grant and then revoke access to their secured spaces and facilities. Keeping track of access on an individual basis requires a great deal of time and energy from security operators, personnel, and visitors. Fortunately, in 2020, the proliferation of out-of-the-box solutions will result in more small and mid-sized organizations moving to cloud-based identity management systems that they can implement easily. These more affordable physical identity and access management (PIAM) solutions will help organizations secure their systems and facilities by effectively managing access requests based on an individual’s identity and an organization’s security policies. They can also ensure that only those individuals who have the right to access a secured area can do so by managing and automating the process. Improving data protection with blockchain While blockchain is typically associated with cryptocurrency, it’s increasingly being used in other sectors. Essentially, it’s a non-destructive way to track data changes over time. When used in security technology, blockchain can prevent tampering with video and access control evidence as well as identity management systems. Because of its capacity to track interactions with digital files, blockchain can determine if a file has been tampered with, and then provide information about where and when the tampering occurred. This is incredibly powerful when it comes to maintaining the chain of custody and ensuring that security data has not been manipulated. We’re already seeing it being used by enterprise-level, global organizations that are looking for a technology to underpin their security systems. As the benefits of blockchain become more widely recognized, others will also start using it to protect the integrity of both their operational and security data. Continued focus on cybersecurity Cybersecurity will continue to be a huge issue for the physical security industry in 2020. As companies collect more data, they’re going to have more data to protect. Today, governing bodies and responsible manufacturers are already working in partnership with academic researchers, technology experts, civil rights advocates and industry leaders to regulate the use of potentially invasive technology, and the procedures required to safeguard against data breaches. These partnerships will only strengthen in 2020. In addition to helping guide regulations, manufacturers will need to invest heavily in cybersecurity by building protections into their products by default. For all involved, the goal will be to promote security while protecting individual privacy and civil liberties. Only if done correctly, they will be able to have both at the same time.