Human Behaviour as the cornerstone to future proof cyber security challenges

Technology is developing at a breakneck speed, Cloud and AI are the buzzwords but along with this unprecedented development the menace of cyber-attacks is also catching up. Be it critical infrastructure, complex ransomware attacks, Zero Day attacks or large state sponsored strikes, nations are grappling with the sophistication of these attacks.

Large corporations to start ups, Cyber security and data protection has become the prima facie concern of organizations. Ravi Kumar, Senior Site Reliability Engineer at Microsoft delves into the complexities of the cyber security domain, offering holistic solutions that the industry can use. Armed with a decade-long experience in identity management and threat detection, Ravi speaks about identity management in today’s hybrid work environments, the evolution of Zero Trust, and emerging trends in threat detection. Ravi has worked with some high-stakes institutions which in turn has paved the way to global exposure to complex identity and security challenges. He has worked on projects ranging from designing secure environments for financial institutions to modernizing identity frameworks for educational organizations.

The Core

“Cyber security has an interesting correlation with psychology. It is equally important to understand human behaviour as it is about setting up technical controls. There is always a human factor to be considered whether one is trying to understand threat actors or educating someone on security protocols. This is the heart of the domain which makes it complex and fascinating at the same time”, Ravi explained the overarching tenet that drives the domain.

Identity Management

While consumers are warming upto the concept of VPNs and password managers, the industry insiders have long understood the importance of scalable identity management for secure access—especially as remote work becomes the norm. Speaking about the importance of identity management and its importance in today’s hybrid work environments, Ravi Kumar said, “The traditional perimeter of an organization is dissolving by the day as workplaces range from homes to cafes or a remote city altogether so access requests have to be verified to ensure that it is from a legit employee. This is the crux of identity management. When solutions like SSO can also be breached, the urgency is even more imperative with scale”.

Zero Trust Principles

Throwing light on a vital aspect of cybersecurity Kumar opined, “As far as critical infrastructure like power grids, healthcare systems and financial institutions are involved Zero Trust is our currency. It is the gold standard solution that operates on three core principles- explicit verification, least-privilege access and going a step ahead of hackers to assume that breach could already be occurring. The industry is laying a strong emphasis on data privacy and compliance and coupled with multi-cloud architectures, these principles will be adopted by more players and other industries too”.

Numero Uno Challenge

Critical infrastructure remains vulnerable. The attacks are getting more sophisticated by the day, especially the state sponsored attacks. Healthcare, power, finance, defence sectors are highly vulnerable. Some of these systems are archaic and very difficult to modernize which make them ready targets. The expanding attack surface with people, devices, omnipresent digital connectivity and many other unique variables that individuals present can add to the woes. We must invest in employee training as much as we do in procuring products and maintenance. A resilient system depends as much on user behavior as on its technical architecture.

A lesson in Cyber Security

Kumar talks about the regulatory provisions and the ongoing cyber warfare, complex attacks across the globe, “Covid-19 exposed vulnerabilities across industries, which are now further strained by geopolitical tensions, we are still grappling with high-level security adoption. One weak link can compromise an entire network. We need to fast track security initiatives as the pace of technology advancement and law enforcement often vary. Regulatory bodies can offer a framework of best practices but this is far too much of a dynamic domain to stick to precincts. It is important to establish baseline security practices and raise public awareness but effective cybersecurity best practices have to be step ahead of compliance, adapt and act ahead of the threat-actors”.

Future Proofing

“A proactive approach to threat detection, real time detection and response is the key instead of a post incident analysis. We are moving there fast with machine learning and AI and this should help in risk mitigation, detecting vulnerabilities. Trust architecture and Identity & Access Management will step up in a big way, biometrics will play a larger role but above all employee training and upskilling will determine the health of the cyber security” Kumar signs off.