Establishing good security practices is the first step to preparing against attacks and threats – Subhendu Sahu, Mandiant
With the growing adoption of digitization, cyber security has increasingly become a concern for organizations. It has become essential that every organization has the expertise and intelligence to find these malicious threat actors and mitigate the risks. With cyber-attacks becoming more sophisticated and creative, understanding the attacks and implementing solutions are the key. Subhendu Sahu, VP, Sales, Mandiant shares more insights on the same.
- Can you give a quick overview of Mandiant’s offerings and solutions for organizations in India?
For the last 18 years, Mandiant has been a trusted partner to security-conscious organizations. Adequate security controls and defences are based on the right combination of expertise, intelligence, and adaptive technology. Mandiant’s SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions.
Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instils confidence in their readiness to proactively defend and respond to cyber threats.
Mandiant has offerings in two areas:
A SaaS-based suite of products to help organizations understand their external and internal risks, providing the automation to operationalize it effectively and efficiently. Mandiant’s mission is to arm organizations of all sizes with access to Mandiant’s industry-leading threat intelligence, innovative technology, and expertise, all through the Mandiant Advantage SaaS platform.
Services – Mandiant Services team applies their frontline expertise to help organizations transform their cyber defence capabilities to mitigate threats and reduce business risk – before, during, and after an incident.
2. What must be the approach of enterprises while preparing for cyberattacks?
With cyber attacks becoming a common phenomenon, companies are working towards enhancing their security infrastructure to prevent and reduce the damage caused by them. It has become essential that every organization has the expertise and intelligence to find these malicious threat actors and mitigate the risks. With cyber attacks becoming more sophisticated and creative, understanding the attacks and implementing solutions are the key.
Establishing good security practices across the organization and its security infrastructure is the first step to preparing against attacks and threats. Continuously evaluating and identifying the risks relevant to one’s organization; recognizing the potential harms and risk patterns, will help enterprises to eliminate the attacks.
Additionally, companies must transform their security capabilities to successfully outmanoeuvre the current threat actors and implement processes to provide resilience against future compromise. The Mandiant Advantage platform gives security teams an early knowledge advantage via the Mandiant Intel Grid, which provides platform modules with current and relevant threat data and analysis expertise. The platform ensures that enterprises are secure from cyber threats, armed with continuous security validation, detection and response, and confidence in their readiness.
3. What is the importance of continuous security validation within companies?
With the growing adoption of digitization, cyber security has increasingly become a concern for organizations. However, companies are now catching up to the rise of increasingly complex threats and other threat actors, hampering their operations. Continuous security validation provides accurate data on the organizations’ security control performance and helps improve their security infrastructure for continued testing. It also helps to assess the required investment needed to improve security effectiveness in an organization.
Intelligence-led Security Validation helps identify high-priority threats and generates a strategy based on the data of what is posing a threat to the organization. With Mandiant, security leaders and their teams can perform complete, continuous validation of security controls across technology, processes, and people by testing an organization’s security controls against common attacks and threats to prove your security is protecting critical assets.
4. Why reskilling the employees on technology risks is significant for the risk management framework?
With the evolving digital landscape coupled with the rise of digital natives, it is essential that organizations instil a culture of skilling and upskilling to bring their employees up-to-speed with the potential technology risks. With remote or hybrid workforce becoming a new norm, companies must prioritize digital upskilling and plug in the cyber skill gaps.
The emphasis should be on conducting sessions that help in boosting security awareness about the cyber threats/risks, improving cyber hygiene and vigilance while building digital competencies. Companies must equip employees with basic skill-sets regarding system safety. This will help them ensure that there is no data breach, security is not compromised, and day-to-day work is carried out seamlessly. In this era where the work dynamics are constantly changing, companies need to stress on continuous learning and development to enable their employees to be more cyber-competent and robust for years to come.
5. With the cybersecurity landscape evolving, what are the trends that you see will dominate in the coming years?
With the rapid adoption of digital mediums, one should expect a similar increase to security risks or attacks. Attackers regularly change their tactics, techniques, and procedures (TTPs) to evade detection, leaving defenders struggling to keep up. Mandiant’s Security Predictions 2022 Report outlined the trends that will see an uptake in the cyber security space. Some of them include:
Ransomware and multifaceted extortion: The ransomware threat has grown significantly throughout the past decade, and it will continue its upward trend. The business of ransomware is too lucrative unless international governments and technology innovations can fundamentally alter the attacker’s cost-benefit calculation. While we have seen efforts to disrupt operations and hold threat actors accountable, cybercriminals sign up with another platform as part of the ransomware-as-a-service business model to continue their operations.
Deepfakes: The effectiveness of deepfakes in information operations has been discussed in the security community, but state-sponsored and financially motivated actors have also demonstrated a growing interest in this technology. We anticipate that as deepfake technology becomes more widely available in 2022 and beyond, criminal and espionage actors will increasingly integrate manipulated media into their operations, make social engineering more convincing, easily tailor content to specific targets, and defeat some automated identity verification systems.
More use of IoT, More Surface Attacks and Vulnerabilities: In the coming years, we expect to see the continued growth of the Internet of Things (IoT) devices, many of which will be inexpensive and created without real consideration given to security. The number of vulnerabilities they introduce in software and hardware will make it hard for bug hunters to keep up. Because all these devices are connected, we’ll see the available attack surface expand with the potential for profound impact. Unfortunately, there hasn’t been enough emphasis on security in fundamental IoT device design to fix these issues, so the situation will only get worse in the years to come.
