Prediction rather than prevention is way forward to stay one step ahead of hackers
A predictive risk management strategy, rather than prevention, is the need of the hour in the cybersecurity space, enabling organisations to proactively identify threats and stay one step ahead of them, industry experts said.
“What we have learned so far is the preventive approach, how to prevent an incident happening from the network. Now, we talk about predictive approach, how we can predict an attack happening on the network and block it from happening,” Anand Choudha, managing director at Spectrami, a cybersecurity solutions distributor, told TechRadar Middle East.
He said the threat landscape has been evolving over the years and that new and sophisticated attacks happen every day.
“As everything is connected in today’s world, the cyber warfare is becoming more relevant than before and which is driving the need to relook at the strategies and develop a predictive risk management strategy,” he said.
Going after the hackers
According to Choudha, the three-way framework of the prediction-based approach – vulnerability analytics, security analytics and multi-vendor threat intelligence – is the new trend and will help decision-makers stop attacks before they hit their organisations.
Gartner has endorsed it as the predict, prevent, detect and respond (PPDR) framework.
Sarfaraz Kazi, chief technology officer at Spectrami, said that the whole idea is to stay one step ahead of the hackers.
Moreover, he said, as most people practised the prevention, detection and response method, nobody talked about prediction.
“People need to go beyond the network and to the dark web and deep web to see how the hackers work. Rather than waiting for the attacker to come to your doorstep, we are flipping the switch now and go after the hacker to learn his tricks and procedures. Instead of being reactive, we are going to be proactively hunting the hacker.
“Once I know the IP addresses of the hacker, I can block him whenever he is online. I cannot prevent him from getting to my door but I can prevent him from entering my house,” he said.
The three-way framework is a fusion of manual work and automation.
“The framework is evolving and cannot be 100% sure of what is going to help but what we are seeing is that companies that have gone into the predictive mode are more secure than the traditional approach and vendors in the Middle East are expected to follow and adopt the framework. In a few years, we may say that predictive framework is outdated and a new framework may be out,” Choudha said.
Kazi said that cybersecurity is like insurance.
“We buy cheap car insurance as we don’t make accidents. When we make accidents, we think of expensive insurance. Everything works but it comes at a cost. The infrastructure cost of defence mechanism for blocking nation-state attacks is north of $10m a year. What is lacking is the support of the management and how many companies are willing to invest that much money,” he said.