ESDS - An early adopter of AI/ML based security products and fully automated solutions as part of its SOC

Dr. Rajeev Papneja
Chief Growth Officer, ESDS Software Solution
 

Preparedness to face challenges of data security:      
ESDS is into providing Managed Datacenter and Cloud enabled services with its Tier 3 Datacenters. One of the core offerings from ESDS is its SOC services. So the question really becomes all the more important for us because we are taking responsibility of securing data of hundreds of organizations. And add to it that our biggest clientele base is from Government and BFSI sector. The threat landscape keeps on increasing with each passing day. The speed of cloud adoption, use of IoT in smart cities, BYOD, and sudden shift to remote working has undoubtedly created an unprecedented opportunity for the attackers.

With the above context, as a Datacenter we have to, and have always been ahead of time in case of technology adoption. ESDS had already started using AI/ML based security products and fully automated solutions as part of its SOC few years back. These solutions not only analyse operational security data and detect cyber threats/vulnerabilities, but also respond to security incident threats in real-time. Through the combination of Dynamic Threat Models, Machine Learning (ML) and Artificial Intelligence (AI) with contextual and situational awareness, proactively surface threats that matter, and automatically contain and eliminate them in real time. While we had certified security resources in SOC, we made sure that all senior people in the organization have adequate cyber awareness. ESDS has its indigenous security products & solutions such as Web application Firewall, Web VPN, Vulnerability scanner etc. We have built our own SOAR stack using various tools and technologies.

On the server and storage front, while data at rest and data in motion was good enough till now, attacks have started surfacing up during processing, and to mitigate them we are embracing confidential computing. We have deployed a zero trust architecture for utmost control and of course the traditional stack comprising of the perimeter firewalls, IPS/IDS, Virtual firewalls, SIEM, use of appropriate encryptions, DLP etc. all the way to robust processes and role based access for people have always been in place, backed by regular audits. Automation is the mantra for surviving in near future and we are banking on it.

The best practices adopted for remote working:
Being an IT organization, work from home was not something new for the employees at ESDS, more or less we were set to work from anywhere. We had our own security solutions that enabled the staff without much hassle to work from home. We were already using collaboration platforms in our daily work lives, so that was also nothing new for us. As part of best practices, our HR was mainly focused on making sure that people try to maintain work life balance by being reasonably productive.

Role of CISOs: 
CISOs have become as powerful as the CFOs. A thin crack in the security framework, and the organization can crumble down because reputation in digital world is equally important as finance. Sudden change in the way world will be operating going forward has opened up ways for plethora of attacks, and vulnerabilities that were never thought of were exposed. The CISO role shall now be mainstream and not simply technical as it used to be wherein traditionally CISOs were more responsible for figuring out the tools to maintain the security posture and take care of incidents or create a security architecture. Going forward they shall have the leadership seat in business arena and the most important skill would be to explain the risks in business terms to the board, in a language that is non-technical.