Last week, we covered a bit on one Dell executive’s take on security transformation. We have since reached out to PK Gupta, Dell EMC’s Global Presales Lead, Data Protection, to go into much further detail on what security transformation actually entails and why it’s so important for companies that are digitally transforming.
PK Gupta was one of the invited speakers at the Dell Technologies Forum 2018 in Kuala Lumpur. As his session was titled, “GDPR: What is it, Why Do I Care and What Should I Do?”, we also set out to ask whether GDPR truly has had as much of an impact as people expected and how it affects companies in ASEAN.
The following is the full transcript from the interview:
CSA Editor: For companies embarking on a digital transformation, why is it also important for them to transform in terms of security?
PK Gupta: The four key transformational pillars which are often talked about are Digital Transformation, IT Transformation, Security Transformation and Workforce Transformation. First of all, when you think about Digital Transformation and why it’s important, data is growing by leaps and bounds whether you are a small, medium or a large organisation. To give a sense of the enormity of it all, consider this – the amount of information consumed by an average person in a day today, is equivalent to what a medieval age person would consume in his entire life, which averages 60 years.
Earlier this year, IDC predicted the data sphere to reach approximately 163 Zettabytes by the year 2025. All this data needs to be stored, managed, processed, analysed, and above all – especially when it comes to businesses and compliance – it needs to be secured. It needs to be secured from the core, to the edge, and to the cloud – wherever the data resides. Security is really the key pillar of overall Digital Transformation for an organisation, irrespective of its size.
In a nutshell, organisations need to shift from a ‘traditional’ security mindset to a ‘transformed’ one, which delivers a harmonised defence, signified by the 5 areas below:
Identifying the most valuable assets to secure using a risk-driven methodology;
Protecting them with a designed-in approach;
Detecting threats proactively;
Responding to threats cohesively; and
Recovering through planned strategies
CSA Editor: But what exactly does this “security transformation” entail? In what ways are organisations expected to change their approach to security?
PK Gupta:Back in the early days, security meant having anti-virus software installed on your computers and that would suffice. It definitely isn’t the case anymore! The whole cybersecurity environment has changed from the DDoS attacks of the past, to ransomware and wiper malware of today - the WannaCry, Petya, NotPetya incidences of last year come to mind. Thousands of computers around the world were infected and people were asked to pay to regain their ‘ransomed’ data or have it wiped out. In these situations data protection means protecting yourself on the edge at where the different attacks are coming from but not only that – you need to protect your network, you need to protect your data centre, you need to protect your data in the cloud.
On top of that, you now need to think about regulations. There are about 32,000 regulations across the world, with the most recent being the General Data Protection Regulation (GDPR) ruling which came into effect on 25 May 2018. Security implementations and regulations that govern them are becoming increasingly common so not only do you have to protect your customers’ data, you now have to also worry about the ramifications if you don’t.
But protection is only one side of the equation – the other part that customers often don’t realise is tremendously important as well – is how fast you can recover if an unforeseen event occurs. There is no guarantee that you will get your data back even after paying the ransomware, so how do you secure the ‘crown jewels’ of your information which is typically 10% of the critical data in your organisation? Organisations need to realise that in this age where information needs to be available anytime, anywhere 24/7, they need to start thinking about protecting data AND having cyber recovery solutions in place.
CSA Editor: Please elaborate on Dell EMC’s commitment to helping enterprises of all scales to make the most of their security transformation journey.
PK Gupta: Organisations today, especially mid-size organisations, are faced with increased complexity ranging from data growth, application diversity, increased number of users, and resource constraints – driving the need for solutions to do more with less. As you already know, Dell Technologies is a group of seven crown jewel companies – Dell, Dell EMC, Pivotal, Virtustream, VMware, SecureWorks and RSA. We are in a unique position to help customers meet all aspects of their security transformation ranging from risk management, risk identification to quantifying cyber risk.
If we look at the 5 areas of ‘transformed’ security (identify, protect, detect, respond and recover), we are the only company with a portfolio strategy that delivers on the shift from traditional to transformed security through 4 pillars:
Unified risk management
Transformed security goes well beyond compliance to identify the highest impacting digital business risks. It designs a risk-driven security strategy, where both IT and the business know which risks are worth taking, and invests accordingly. A risk-driven approach also means understanding the business context to prioritise what to respond to in a cohesive manner.
Solution offered: RSA Archer is a unified security and risk management practices platform which delivers a clear, consolidated view of risk from across every part of an organisation’s environment to efficiently respond to the most critical issues.
Adaptable security operations
Transformed security augments expert human intelligence with machine intelligence and contextual insight, applying machine learning and behavioural analytics to study events as they occur in the infrastructure, from the core, to the edge, to the cloud. It can proactively detect unusual behaviour that can be the formation of advanced and persistent threats, in order to better contain threats and mitigate damage.
Solution offered: SecureWorks is a managed security services solution that leverages supervised machine learning and human intelligence to help clients detect more across their hybrid environment, recognise which alerts matter from all of their security technologies, and provide the context they need to take the right action and eradicate the threat.
Transformed security chooses infrastructure which protects with a designed-in approach, where data is surrounded with security that moves along with the data, and where application and network access are automatically enforced on a least-privileged basis, meaning access is given to only the assets required to perform a task.
VMware NSX enables micro-segmentation that can be used to enforce a least-privileged model of network operation. By defining security policies at the individual workload level, it reduces the risk of an attacker moving laterally through the entire environment unabated.
Dell EMC cyber recovery solution enables complete malware recovery, data loss prevention and ransomware recovery against cyber-attacks via the establishment of isolated environments disconnected from the network with software to create data copies and procedures to perform scheduled air gaps.
Transformed security leverages risk assessments to proactively plan, design and recover the most valuable assets, throughout their lifecycle, while creating digital copies of these assets and safe guarding them before they are affected. Trusted security advisory experts and customised threat intelligence help accelerate your security transformation.
Solution offered: Dell Technologies Advanced Security & Incident Response Services include services to help operationalise your security, from design and implementation using best practices for advanced threat detection and response, to integrated threat intelligence while leveraging modern predictive analytics. These services help organisations establish an advanced security operations center on premise, while also delivering security managed security.
CSA Editor: The GDPR is one of the focus areas for today’s Dell Technologies Forum event in KL. Since it was implemented in May, has the impact of the GDPR been as great as expected? How has it affected companies in the ASEAN region?
PK Gupta: This year, we had the biggest regulation change when GDPR was implemented for EU countries. A total of 31 countries across the European Union agreed on a common framework to protect the privacy and other data for EU citizens. Malaysia actually has something in place which is quite similar to what GDPR is trying to do. When you look at the Personal Data Protection Act (PDPA) 2010, there are a lot of parallels with what GDPR is saying – principles whereby organisations need to safeguard their information, identify their security principles, what are the rights of the people on that information, how it should be kept current and how should data integrity be maintained. I was amazed at how similar both regulations were when I read them! The only difference is the fines being imposed are at a much higher rate. From my point of view, In fact, I would call Malaysia the pioneer in data protection regulation as the country was already gearing up for it based on the last 4-5 years since the PDPA came into the picture!
In my conversations with customers, many are still trying to figure out what it means to them especially in ASEAN countries. Make no mistake, so as long as your business processes and deals with data of EU citizens, it falls under GDPR. The good thing is that they realise the far-reaching impact of GDPR and not complying would be detrimental to their business.
The thing is, there is no company that can make you comply; at Dell, we help you to become compliant. Take a hypothetical example: imagine if you were a customer of a bank for 30 years and one day you decide that you no longer want to be one, and ask for your records to be deleted. To comply with GDPR, can you imagine the arduous task of going through thousands of tapes to find and delete that one particular information, and guaranteeing that it is done correctly?
We are moving from tape-based technology towards the disk space technology, which provides customers with the guarantee that their information can be safe guarded, easily accessed and deleted. Dell has one of the best solutions in this area especially for SMEs which was recently announced, the Dell EMC Integrated Data Protection Appliance (IDPA) DP4400. With the IDPA DP4400, we are helping mid-size organisations modernise their data protection with a solution that is not just simple and powerful, but priced and sized right for them. The IDPA DP4400 offers complete backup, deduplication, replication, and recovery—plus, cloud readiness with disaster recovery and long-term retention to the cloud—all in a convenient 2U appliance.
CSA Editor: What are some of the data management best practices for companies looking to ensure data regulation compliance and effectively monetise their data?
PK Gupta: Most companies – from SMEs to large organisations – have been doing a fairly good job in data protection. Regularly backing up, encrypting your data, having an end-point security – these are all good because 30-40% of what we do usually resides in our laptops/desktops. Hence it is important to protect that data as well. The second layer involves hardening and patch management to ensure that businesses protect their networking environment. Employers just need to ensure that somebody in the organisation is consistently downloading all the best practices, patches, making sure they are up-to-date on a monthly basis. Most often, malware and ransomware attacks happen because people are not patching their systems right. Another good practice these days which a lot of organisations follow is two-factor authentication, where for instance the biometric credentials of a C-level executive and one other person are needed before anything can be done with the data.
Last but not least – in whatever you do, always assume that hackers are already there. This goes back to what I mentioned earlier – building cyber recovery into the overall security transformation strategy. Back in the early days, data used to be measured in Gigabytes and few Terabytes so they were able to recover from tapes faster but in today’s age, we are talking about multi Terabytes and Petabytes – the question organisations need to ask themselves is how they can recover in a short period of time? How do you identify, protect, detect, respond and recover? Speed is important. The resiliency of your environment is important. How quickly you can adapt to changes is important.
Of course, some organisations will need help with the right security strategy and implementation for their business. This is where they should consider advisory services that can help map their data, look at all their assets, and create an applications map and all the dependencies to quantify the appropriate action. One great example – RSA, Secureworks, Dell, Dell EMC and VMware put together provides best-in-class solutions to help companies achieve truly transformed security.