Data has been described in a great many ways in this era of digital transformation but the gist is the same: It is extremely vital, so much that it can help drive a business forward or cause it to go stale (or go on a downward spiral even). This is why data is invaluable at present—and more so in the future when the amount of data is forecast to increase exponentially.
This data boom will also bring forth concurrent challenges, with the biggest being data protection. Given the unprecedented value data carries nowadays, it should not come as a shock that nefarious individuals would either want to get their hands on it or compromise it in some way. Businesses in Southeast Asia, in particular, are finding this out the hard way, with data breach incidents in the region increasing in the past couple of years as companies have accelerated their digitalisation efforts due to the pandemic and are increasing adoption of the cloud and other digital tools.
A Region Unprepared
According to Subhalakshmi Ganapathy, Product Evangelist, IT Security, at ManageEngine, part of why Southeast Asia has become a hotbed of cybersecurity attacks can be attributed to an overall lack of preparedness among the different enterprises in the region.
“Southeast Asian countries have varying levels of cyber readiness and resilience. The difference in the level of security preparedness can be attributed to the lack of a strategic mindset. Cybersecurity is still being perceived as an IT issue rather than a business problem. Therefore, regional businesses, especially small and mid-sized ones, do not have a cybersecurity strategy,” says Ganapathy in an exclusive interview with Data&Storage ASEAN. “In the large enterprise segment, the usage of multiple vendors and product deployments is creating operational complexity. Without a comprehensive cybersecurity strategy, tackling operational and security challenges together creates a lot of security vulnerabilities that are exploited by the adversaries.”
The goal, Ganapathy points out, is for companies big and small to equip the enterprise with an encompassing cybersecurity approach that is in tune with evolving technologies.
“As companies prepare to embrace the technological evolution, they should also evolve in terms of threat monitoring and response, protecting multi-cloud deployments, and securing Internet of Things (IoT). Enterprises should be ready to invest in comprehensive security solutions and foster skill development of security professionals,” explains Ganapathy. “Realigning corporate security strategy with a risk-centric approach and adopting cybersecurity as a culture will improve the readiness factor.”
Cyber breaches, while rightfully a point of concern, are not the only things companies should be worried about. They should also be looking at data leakage, which Ganapathy defines as the “accidental or deliberate disclosure of confidential data to unauthorised persons both within and outside the enterprise.” According to her, it happens mainly because of the following:
Insider threats. One of the main reasons for a data leak is when malicious users, who have access to internal sensitive information, disclose the data to the dark web.
Misconfiguration of security settings. This falls under unintentional disclosure of data. When IT professionals responsible for setting up security systems misconfigured these policies, their security defence weakens and thus serves as a loophole.
Weak third-party systems. When enterprises use third-party applications or systems whose vulnerabilities are not fixed, data leaks might happen.
Protect That Data
Between the rise of data breaches and the possibility of data leaks, best-in-class data governance has never been more important. And a big component of it is a robust data protection strategy, which in turn necessitates a strong technology partner.“Businesses have a vast amount of data and they are relying more than ever on technologies like advanced analytics, Artificial Intelligence and machine-learning to achieve higher revenue and improve efficiency. But, there is another side to it,” says Ganapathy. “Data breach or loss is a concern shared by organisations worldwide, including those in the Southeast Asian region. Any such incident can have serious financial implications for the affected business and even cause customers to lose their trust.”
She adds: “Until recently, securing data from attacks needed a static data security approach as the network perimeter was well-defined and it was relatively easier to track the user access and behaviours. With the advent of the remote working model and cloud adoption, perimeter-less networks have emerged, which makes security monitoring extremely difficult. Hence, enterprises should adopt a dynamic or adaptive security approach to safeguard data, especially the sensitive data stored on the cloud.”
An adaptive security approach, according to Ganapathy, must include these best practices:
Investing in solutions with Cloud Access Security Broker (CASB) and Data Leak Prevention (DLP) capabilities.
Fostering skill development of security professionals, especially on securing multi-cloud deployments and remote working models.
Implementing proactive security approaches such as adaptive authentication techniques and zero-trust models.
Regularly reviewing and managing shadow IT usage.
Encompassing solutions, incidentally, are being offered by ManageEngine, which develops one of the broadest suites of IT management software today, including its proprietary Log360 solution. Log360 is a simple yet powerful Security Information and Event Management (SIEM) solution that can help enterprises overcome network security challenges and strengthen their cybersecurity posture.
Evolving With the Times
ManageEngine, in general, and Log360, in particular, are evolving with the times. Log360, specifically, has been enhanced to address security concerns brought about by increasing cloud adoption and the growing popularity of remote work.
“ManageEngine quickly adopts and caters to the evolving needs of the market. When enterprises suddenly shifted to remote working models and the cloud, we fine-tuned our security solutions to protect the decentralised environment,” notes Ganapathy. “Our Security Information and Event Management (SIEM) solution, Log360’s framework, was upgraded to handle cybersecurity threats such as VPN exploitation, cloud misconfiguration detection and fixing, shadow IT discovery and management and more. Log360 resolves one of the major concerns of a decentralised environment—lack of security visibility.”
Log360 also comes with a built-in security automation module that executes remediation steps on infected machines without human intervention and helps recover affected resources. Additionally, its search module helps execute threat hunting hypothesis to implement proactive security strategy, while its end-to-end incident management console helps security professionals track, triage and effectively neutralise incidents with automated workflows.
Time to Invest
It goes without saying that companies today, irrespective of size will need to start investing more in data-centric solutions if they are to unlock the value from the data they are collecting.
That could be Log360 by ManageEngine, which Ganapathy says is “unlike other traditional security solutions,” because it “strikes a right balance between offering prepackaged detection logic and options to customise to suit every enterprise’s unique security needs.” But it could be another solution altogether. The important thing is to get one—right now. That is the only way data will drive a business forward.