Ta kontakt med oss

TEKNOLOGI

On automation and machine learning as the future of security

Publicerad

Cloud Computing News

James Todd, SecOps director at KPMG, describes his role as a merging of SecOps, security architecture, and cloud security. It is a particularly interesting crossing point with regard to automation. 

“It’s at that intersection of the cloud environment, being very much aligned to deploying everything as code,” says Todd. “A lot of automation is a big part of that. Being able to take dynamic action within a cloud environment is much easier and well-versed than within a traditional data centre or on-premises environment. The controls available to us are much more dynamic.  

“That doesn’t preclude us from being able to do things within security controls on the endpoint or within on-premises data centres, but it’s a different approach.” 

Research from the Enterprise Strategy Group in October found that almost half (46%) of SOC teams are automating security operations processes ‘extensively.’ Alongside this, more than half (52%) of respondents agreed with the statement that security operations were more difficult now than two years ago. 

It is not surprising, therefore, that getting automation to work within the security operations centre (SOC) is a major point of emphasis for KPMG. One note from the professional services firm last year insists that automation can have a ‘significant and positive impact on the effectiveness of CISOs and their teams.’ Another, a month later, put automation, alongside upskilling and diversity, as one of the three key approaches to bridging the cybersecurity skills gap.  

Todd’s unit provides SecOps consultancy and operations for financial services organisations. There are two primary types of client. One is a company that has little in the way of security operations within their organisation; they are either an organisation which has grown in size and needs a more formal process. Alternately, they are more established and want to tread the line between ‘dynamic change within their environment plus continuous change in the threat landscape,’ as Todd puts it. The second are organisations that need to go to the next level – and this is where automation can come in. 

“Once that established playbook or workbook has been created in relation to a particular threat, or a particular way that incidents are handled, we look then to introduce automated processes that reduce the repetitive task element within security operations initially, and then move to the higher end of automation and introduce some level of autonomy,” says Todd. “So the SOC can react to threats in as near real-time as possible.” 

Getting the balance right between automated tooling and human resources is a longstanding head-scratcher for executives. Writing in Security Week in November, Marc Solomon sums the problem up succinctly: ‘using automation to make your people more efficient, and using your people to make automation more effective.’ 

The simplest part of automation, Todd explains, is the robotic process automation (RPA) element, which frees time for the SOC analyst to work on incident handling, threat hunting, and other vital tasks. The next step is to move towards technologies such as machine learning to lead to more intelligent decision-making – or machine-led decision-making. “The platform builds trust in those actions and understands the impact of a particular action playing out,” says Todd.  

“If I see a particular indicator file within my environment that is correlated with threat intelligence, and I know the asset that has been targeted, that asset’s security posture and also its susceptibility to the attack that’s being aimed at it, I can then use machine learning to inform a number of decisions that I can take,” he adds. “All the way through from quarantining that particular asset, limiting its movement, playing out particular activities that allow us to gain some further intelligence.” 

Todd references the influential MITRE ATT&CK matrix first released in 2015, which catalogues hundreds of tactics adversaries use across enterprise operating systems. While ATT&CK is not laid out in a particular linear order, the first category, ‘initial access’, is the point where an attacker gets a foothold in an organisation’s environment. This is where Todd wants his team to be. 

“The optimal goal for us is to get to a point where we’re taking action or intervening at the point that the attack is first observed within the cyber kill chain,” says Todd. “Really being slick around being able to observe and take action around the first point that an attacker tries to enter an environment.” 

Todd, who is speaking at the Cyber Security & Cloud Expo Global, in London on December 1-2 around cloud security, adds that the most commonly used form of machine learning within cyber defences is anomaly detection. Right now, that’s where automation is likely to stay.  

“I think [where] the human element comes into it is that machine learning is good at spotting outliers and anomalies,” says Todd. “The decision making, certainly for the moment, will reside within the analyst, within the SOC.  

“Those analysts [will] be codifying and transferring their well-proven, well-exercised playbooks, or converting those playbooks into an automated approach,” adds Todd. “But I don’t think that we’re quite yet at the time where we’ve got full autonomy on decision-making.”

(Photo by Tim Mossholder on Unsplash)

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London.

Explore other upcoming enterprise technology events and webinars powered by TechForge här.

Tags: , , , ,


Källlänk

Klicka för att kommentera

Lämna ett svar

Din e-postadress kommer inte publiceras. Obligatoriska fält är märkta *

TEKNOLOGI

Vodafone Ireland turns to Amdocs to drive enhanced customer experience

Publicerad

Cloud Computing News

Duncan is an award-winning editor with more than 20 years experience in journalism. Having launched his tech journalism career as editor of Arabian Computer News in Dubai, he has since edited an array of tech and digital marketing publications, including Computer Business Review, TechWeekEurope, Figaro Digital, Digit and Marketing Gazette.


Vodafone Ireland has chosen Amdocs, a provider of software and services to communications and media companies, to transition its infrastructure and application workloads to the cloud, enabling an enhanced customer experience and rapid adoption of the latest 5G innovations.

Under the agreement, Amdocs Customer Experience Suite (CES) will migrate from Vodafone Ireland on-premise to the cloud, providing the Irish operator with greater flexibility and capacity to support its future growth.  

Mairead Cullen, CIO at Vodafone Ireland, said: “Moving to the cloud is a key part of our strategy as we look to become even more dynamic, agile and responsive to our customers’ needs. We have a long-standing relationship with Amdocs and we’re pleased to be collaborating with them on this important initiative.”

Anthony Goonetilleke, group president of technology and head of strategy at Amdocs, said: “By migrating its IT services infrastructure to the cloud, Vodafone Ireland can ensure it has the foundations in place to achieve growth and further enhance the experience of its customers.

“We are excited to be taking such a central role in the company’s cloud strategy.”

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London.

Explore other upcoming enterprise technology events and webinars powered by TechForge här.

Tags: , ,

Källlänk

Fortsätt läsa

TEKNOLOGI

How to Align Data and Analytics Governance with Business Outcomes

Publicerad

How to Align Data and Analytics Governance with Business Outcomes

With access to large amounts of data made available to businesses, maintaining and governing the kind of data that is accessible to users have become significantly essential.

Proper data and analytics governance in organizations can help them in achieving on-point data and analytics processes.

The use of data and analytics is increasing across practically all industries. Due to the availability of inexpensive storage alternatives, organizations have access to more data. It’s not surprising that the usage of analytics due to access to extensive data has expanded to every part of the company when you take into account the growing number of user-friendly tools for managing, retrieving, and analyzing data. 

However, a lot of effort goes into managing data and analytics. Thus, organizations must ensure that their efforts are aligned with their business priorities, and the data is accurate in nature and thoroughly secured. Without analytics governance, even if the organization has a good hold on its data governance policies, the advantages of establishing policies and processes to govern the analytics process still stand. As data governance guarantees your business has processes and standards around the use of data, analytics governance provides the same level of oversight to the way analytics initiatives are built and delivered.

Aligning Data and Analytics Governance

Data and analytics governance initiatives must be closely related to organizational strategies. However, businesses frequently base their data and analytics governance processes on data rather than the business. Here are a few points on how businesses can align their data and analytics governance with their business outcomes.

Aligning_Data_and_Analytics_Governance.png

Trusted Governance

Forming business decisions based on the notion that “all data is equal” is no longer a sound strategy because data and analytics capabilities exist across a company and differ in nature. Instead, create a paradigm of trust-based governance that allows for a dispersed data and analytics ecosystem and is able to help business executives make decisions that are more confidently appropriate to the circumstances.

Digitization

With the essence of developing technology, digitization has taken over almost every business to stay relevant in the market. However, for businesses to gain the best outcomes from the digital space, digitization is essential. And for successful digitization, data and analytics governance must function based on factors like digital ethics and transparency. Therefore, ensuring that the values and concepts of digitization are reflected in the data and analytics governance is crucial to significantly align it with business outcomes.

Data Security

Today, organizations are aware of the potential risks associated with their businesses and securing data has become a necessity. This awareness implies that they address both the threats and the possibilities brought about by data and analytics. Organizations frequently manage risk and market potential independently, and they also do not really prioritize information security when assessing business results. Therefore, data and analytics governance authorities should have interdisciplinary teams capable of making decisions that are well-balanced, giving risk, opportunities, and security the appropriate weight while considering the organizations’ future interests in mind.

 

Today, businesses are aware of the fact that without effective data and analytics governance, their initiatives and investments in data and analytics won’t be able to satisfy important organizational goals like increased revenue, cost reduction, and improved customer experiences. Therefore, aligning it with business outcomes is critical for business success.

Källlänk

Fortsätt läsa

TEKNOLOGI

IBM launches new way to partner through IBM Partner Plus

Publicerad

Cloud Computing News

IBM has developed IBM Partner Plus, a new program that reimagines how IBM engages with its business partners through unprecedented access to IBM resources, incentives, and tailored support to deepen their technical expertise and help speed time to market.

The program is designed to fuel growth for new and existing partners, including resellers, hyperscalers, technology providers, independent software vendors and systems integrators, by putting them in control of their earning potential. IBM Partner Plus is central to the company’s Hybrid Cloud and AI strategy and aims to empower partners to help clients automate, secure and modernize their businesses.

IBM Partner Plus offers partners a transparent, simple and modern experience. By growing technical expertise and demonstrating sales success, participants can progress to three tiers – Silver, Gold and Platinum – which unlock specialized financial, go-to-market support and education benefits. In the new program, badging will become the standardized measure of skills and validated solutions will demonstrate expertise. The enhanced IBM Partner Portal consolidates and tracks all expertise, revenue, and deals globally, offering each partner a clear line-of-site into their progression through the program.

“IBM Partner Plus introduces a new way for IBM to deliver value to new and existing partners by helping them gain skills, grow faster and earn more,” said Kate Woolley, GM, IBM Ecosystem. “We’ve heard from partners that they want a simplified experience that helps them win with clients. I’m confident these changes and our continued investment in our ecosystem will make IBM the partner of choice across the industry, and together we can drive growth for partners, clients, and IBM.”

IBM Partner Plus results from the company’s journey to put partners at the centre of IBM’s go-to-market strategy and act as a growth engine to help capture the $1 trillion hybrid cloud and AI market opportunities. IBM has invested in elevating the role of partners and accelerating partner-led sales by enabling the ecosystem to become a preferred route to market, offering clients an optimal mix of technology, services, and consulting expertise. To drive continued growth, IBM will increase its capacity to support partners by doubling the number of partner-facing brand and technical specialists to help them prospect and win additional client business.

“The new IBM Partner Plus program provides an enhanced experience that sets our company up for success by offering employees access to skills and opportunities, so we can help more clients utilise IBM’s technology portfolio to modernise their operations,” said Bo Gebbie, President, Evolving Solutions. “IBM is more serious than ever about putting partners first. They’ve listened to our feedback, and it is reflected in the new partner experience that makes it easy for us to collaborate, rewards our investments and fuel growth.”

IBM Partner Plus brings all partner types and programs together – whether they sell, build on or with, and/or provide services for IBM technology – into one integrated ecosystem. For example, to help broaden the market opportunity and create new revenue streams for its ecosystem, IBM recently enabled partners in North America to resell IBM products through other cloud marketplaces. This allows for independent software vendors to embed IBM Software from partner marketplaces into their own solutions. All partner sales through the marketplace accumulate towards their progression in IBM Partner Plus. 

Competitive incentives

Partners can advance through tiers to unlock benefits and demand generation programs which could offer them up to a threefold increase in total investment from IBM. The IBM Partner Portal gives partners real-time visibility into the incentives they are eligible for, predictability into potential earnings, and includes an automated deal share engine that helps them surface quality leads. This has improved deal registration and introduced partners to more than 7,000 potential deals valued at over half a billion dollars globally.*  IBM investments in co-marketing campaigns and co-sell support with partners can also help bring solutions to market and generate demand.

Insider access

IBM Partner Plus builds on the successful release of its October badging and selling enablement materials to partners, which has driven more than 15,000 partner enrollments in sales and technical badges. Offering partners the training, enablement, and experiential selling resources available to IBMers at no cost can help better equip them to win with clients. Additionally, access to IBM’s seller tools can help them generate competitive and transparent pricing. Partners can also attend IBM’s quarterly Sales Kickoffs together with IBM sellers, and participate in live training sessions and other global technical advocacy events to help upskill, increase eminence, and engage with technical experts. For new partners, IBM is launching the IBM New Partner Accelerator, which provides onboarding, training, and other benefits during their first six months in the program to help accelerate their path to profitability.

Enhanced support and benefits

Partners can grow skills, develop solutions, and build sales expertise with technologies like AI, security, and cloud on an open hybrid cloud platform by leveraging technical experts from IBM. IBM will also assist partners in the development of minimal viable products, proofs of concept, and custom demos to help them win client business and accelerate growth. In addition, as partner businesses grow with IBM, they can unlock additional benefits designed to help them expand capabilities and find new clients.

PartnerWorld will transition to a new IBM Partner Plus experience on January 4, 2023, with the new incentive program taking effect on April 1, 2023. Registered PartnerWorld members will maintain their current tier through July 1, 2023 and can progress to the new tiering system during this time as they meet criteria.

Want to learn more about cybersecurity and the cloud from industry leaders? Check out Cyber Security & Cloud Expo taking place in Amsterdam, California, and London.

Explore other upcoming enterprise technology events and webinars powered by TechForge här.

Tags:

Källlänk

Fortsätt läsa

Trendigt

sv_SESvenska