“The more security controls, the less user-friendly a system becomes”

By Elets News Network - 14 November 2022

CDR Praveen Kumar

The main advantage of MFA is that it increases organizational security by requiring users to identify themselves with more than just a username and password. While usernames and passwords are important, they are vulnerable to brute-force attacks and can be stolen by third parties. To understand how major the role of Multi-Factor authentication is in organisations, Nidhi Shail Kujur of Elets News Network (ENN) interacted with CDR Praveen Kumar, CISO, ZEE – Technology & Innovation.

According to you, how major is the role of multi-factor authentication in organisations?


In today’s world of Traditional Identity and Access Controls, MFA is viewed as a Silver Bullet. MFA reinforces the old authentication paradigm — one authentication mechanism can be breached, but the probability of compromising multiple authentication mechanisms is a rarity. Therefore, MFA is surely a very critical and effective security control system. However, in the recent past, there have been instances where MFA has also been breached. The threat actors today are constantly evolving and so should the security community.

As we all know security is inversely proportional to usability and vice versa. The more security controls, the less user-friendly a system becomes. So is the case with MFA. Users today do not want to be hassled by the regular MFA alerts for obtaining seamless access to the digital assets that are required in their day-to-day functioning. Users today want to work seamlessly across platforms using various computing devices, even when they are on the move.

The challenge faced by the security organisation of an enterprise revolves around ways to balance security with ease of use. Conditional MFA can however be tweaked to get the best of both. A mature Identity and Access Control mechanism clubbed with Zero Trust Solutions can provide an answer that elicits the best of both worlds. In addition, effective administration of Active Directory, SSO, PAM and proper governance of the Identity and Access Management system would become the most important pillars of a mature security posture.


How important have data and analytics become for organisations?

All of us would have heard of the phrase “Data is the new Oil”. Very soon the world would be witnessing Data Wars akin to the erstwhile Oil Wars. Therefore, one doesn’t need to stress the fact that data would soon become the most essential commodity to define the future of a business. Today’s digital transformations are creating zillions of TBs of Data processing and deriving insights out of the humongous data is a challenge.


The same is true for the InfoSec world as well. The InfoSec tools deployed in enterprises today generate huge amounts of Data (Log). These logs are very critical and need to be analysed in near real-time to ensure the security of the IT landscape. These data points would not be of much use if we do not process them to create meaningful insights. A centralised tool that can analyse the huge amount of data and bring meaningful insights and flag incidents and further do the first level of mitigation is the need of the day. Though there are various tools and technologies in this space, none really addresses the length and breadth of the problem.

Gone are those days of pure-play antivirus and firewall-based cybersecurity. Today’s security is largely dependent on Data, Analytics and AI/ML. The organisations that adopt these technologies in their cybersecurity practices would be the ones that would be capable of facing the next-gen adversaries.

How can companies build successful internal analytics and AI-ML practices?

A tool is as good as the person leveraging it. The best-in-class tool may not yield the expected results if the person operating it is incapable of leveraging it. It is true in any industry and so it is in the cybersecurity world.

AI/ML has become the buzzword in today’s digital world. Due to the humongous amount of data being produced because of rapid digitisation, traditional computation techniques fail to address the problem of generating logical insights. Therefore, today, AI/ML practices are being introduced into various computational workflows, to leverage the power of data.

To build a successful AI/ML practice, especially in the cybersecurity domain, one needs to have a complete understanding of the “First Principles of cybersecurity”. Without an in-depth understanding of the InfoSec processes and procedures, developing/deploying AI/ML-based solutions may not yield the expected results. In other words, AI/ML is not a magic wand that produces magical results out of a data set. However, it is a tool which, used in the correct way, can generate realistic and logical results — something that cannot be achieved through traditional computing technologies.

What are the significant factors impacting the security industry’s growth?

This is an era of the cybersecurity revolution (akin to the Industrial Revolution of the late 18th Century). A decade back, cybersecurity practices were traditional in nature, limited to antivirus, firewalls and a bit of network security. Cybersecurity as a practice was largely concentrated around the BFSI & ITES industry. Fast forward to today: cybersecurity and information security are domain-agnostic buzzwords. In one of the recent roundtable discussions that I attended, we had participants from Retail, Manufacturing, IoT and even NGOs. Similar discussions in the past were largely limited to BFSI and ITES companies.

The biggest factor impacting the Security industry today is the ever-increasing Attack Surface (Multi-Cloud, Hybrid Clouds, WFH, BYOD, porous Corporate Boundaries, Mobile Devices) and the constantly evolving adversaries. This, in conjunction with the rapid digitisation of enterprises, has elevated cybersecurity practices from being a support function to the role of business enablers. In today’s world, the majority of enterprises are technology-driven, in other words, called Tech Companies; however, the product each one of them develops may be different. There is no domain today which can be agnostic to technology. Where there is technology/digitisation, security practices must go together.


One of the factors that are impacting the industry today is the lack of skill. With very few colleges offering cybersecurity as a specialisation, the industry is plagued with a lack of skilled manpower. With the lack of basic knowledge of cybersecurity, the new-age cybersecurity professional is largely tool-dependent (Tool Operators). There are a few new-age start-ups that are trying to address this problem. However, we have a long way to go.

How are the CISOs supporting businesses to deal with the constantly evolving cyber threat landscape?

As I said, Data is the new Oil, and the onus of safeguarding the new Oil is on the CISOs and the cybersecurity organisations. The ever-evolving threat landscape has made this job that much more challenging. A decade back, pure cybersecurity was limited to the Banking and BFSI & ITES sectors. Today every enterprise has a cybersecurity organisation of scale. The ransomware attacks which were largely concentrated towards attacking the BFSI/ITES sectors till recently, do not discriminate between domains/sectors today. The statistics of the last six months reveal that cyberattacks on non-BFSI/ITES sectors are much larger than that on the BFSI/ITES Sectors.

With most businesses moving online or in the process of rapid digitisation, CISO and the CISO org today have become that much more business relevant than they ever were. CISOs of today are not only involved in the testing phase of a product but also in the architecture/design phase in what we call today as Security by Design paradigm. Investments in cybersecurity in today’s world are a must for any enterprise and this fact is being acknowledged by the top leadership.
