Sudhansu M Nayak, Head Cybersecurity & Cyber Forensics, CMS IT Services, speaks to us about the cybersecurity domain as it is developing.
What are the new tech developments in security which the MSMEs can adopt?
Sudhansu M Nayak – MSME cloud-first, hyper-automation, and IoT explosion strategies complicate their employee and customer interactions via human, bot, and machine identities. Zero Trust network access (ZTNA) coupled with identity and access management will help MSMEs prevent digital identity fraud and consequent financial loss. User identity lifecycle governance at application layer, privilege access management at root administrator layer, cloud entitlement management at cloud workloads layer and ZTNA access at managed and unmanaged end-users’ layer secures multi-cloud access continuum.
MSME cloud-first strategy cuts open cloud misconfiguration and data security risks. Misconfigured APIs, clear-text credentials with open access directory data structures, and weak observability risks warrant 360° comprehensive multi-IaaS autonomic cloud migration, cloud platform engineering, CloudOps, FinOps, SecOps and DevSecOps.
MSME’s customers are diverse, distributed, and demanding. They are continuously interacting and evolving in a fully embodied metaverse. Digital data platformation and transformation, digital automation and content delivery, and security at the edge help create holistic, interactive, and secure customer transaction environments.
How do the security strategies of MSMEs differ from those of enterprises?
Sudhansu M Nayak – There are three kinds of MSMEs: 100% cloud-born and cloud-native, increasingly-cloud-heading, and 100%-owned-onsite-enterprise-infrastructure-and-applications.
100% cloud-born and cloud-native MSMEs need to protect three elements viz. their endpoint devices and identities, cloud sprawl security, and risk & compliance governance. For their mobile endpoints, they need to focus on implementing anti-virus, endpoint detection and response, encryption, mobile threat defence, and ZTNA access. For their cloud sprawl security, they need to procure cloud entitlement management, cloud access security brokering services, 360° comprehensive multi-IaaS autonomic cloud migration, cloud platform engineering, CloudOps, FinOps, SecOps and DevSecOps. For their risk and compliance governance, they need to procure backup and restore solutions, build patching cadence, and periodic red team exercises.
Increasingly-cloud-heading and 100%-owned-onsite-enterprise-infrastructure-and-applications MSMEs, depending on business-contextual open and/or vulnerable attack surfaces, need to procure solutions for protecting their onsite and/or cloud servers, networks, and other applications.
Large enterprises have higher needs and budgets for defensible cybersecurity. Depending on their IT/IoT maturity, cloud and digital transformation journey, and critical data flow across multiple application systems, they normally procure more comprehensive solutions across their ecosystem. The most important of them are identity and access management services, cloud security services, complete observability and risk predictability services, security services for their edge computing, ongoing periodic purple team exercises, and managed detection, compliance, and response services.
What new trends in Cloud and Datacentre are going to be popular with MSMEs in 2022?
Sudhansu M Nayak – Multi-cloud workloads, secure data platformation, and zero-trust access with Identity as a perimeter are the primary trends with MSMEs in 2022. MSMEs are struggling with creating a hyper-personalised, cost-efficient, omni-channel reach to their highly dispersed customers. They have also realised data security is of utmost importance and they have started implementing holistic and defensible cybersecurity across all their workloads and supply-chains.
In the increasing world of hybrid work culture, how are the demands of security and Cloud and Datacentres going to shape up?
Sudhansu M Nayak – End-point security covering both managed and unmanaged ubiquitous mobile devices needs to be protected with next-generation, data-driven, 24/7 pro-active detection and response and mobile threat defense solutions. This takes care of the problem of infected endpoints requesting authentication to critical and confidential multi-cloud workloads. This needs to be bolstered with zero trust network access solutions.
Enterprise-wide role-based access control to critical applications and privilege access control to critical infrastructure warrant all-encompassing implementation of an identity and access management solution. This takes care of the access layer security. Cloud Access Security Brokers also help with increased visibility and compliance governance.
If the DevOps teams are internal to the enterprise, this needs to be augmented to DevSecOps with holistic platform engineering. If the DevOps is outsourced, regular application security audits are essential. This should take care of the application layer security.
For multi-cloud, autonomic, and comprehensive observability and incident response, 24/7 incisive monitoring and threat hunting (involving deep behaviour analytics of users, entities, and dependencies), disciplined patching cadence, and periodic purple team exercises are essential. To bring cost efficiencies, daily multi-cloud FinOps reviews need to be correlated with the existing utilisation. For compliance and governance, identified guardrails’ implementation and integration to enterprise culture is important.