Show News

Subpage Hero

  

Cyber Security World 2022: Strengthen Cyber Security by Shifting to Cloud with Lighthouse Canton's Sumeet Srivastava

Cyber Security World 2022: Strengthen Cyber Security by Shifting to Cloud with Lighthouse Canton's Sumeet Srivastava

In the age of advanced cyber threats, Lighthouse Canton's Vice President - Technology Head, Sumeet Srivastava, shares his thoughts on how organisations can protect their cloud platforms. Get your free ticket to hear more from Sumeet at Cyber Security World Asia 2022 on 12-13 October.

Q: What do you feel is the biggest cyber security challenge facing the BFSI industry within the next year? What impacts does this challenge have? And how can we overcome this challenge?

The first challenge that comes to mind is that while we talk of ransomware and phishing, one of the biggest threats is social engineering. People are often the most vulnerable link in the security chain. They can be tricked into giving over sensitive details and credentials.

Social engineering takes many forms and it is important to keep your employees informed about social engineering tactics and how these threats continue to evolve.

Secondly, AI and machine learning are now becoming essential to information security, as these technologies are capable of swiftly analysing millions of data sets and tracking down a wide variety of cyber threats — from malware menaces to shady behavior that might result in a phishing attack. As AI systems use data sets, you must acquire many distinct sets of malware codes, non-malicious codes, and anomalies. Without huge volumes of data and events, AI systems can render incorrect results and/or false positives, and getting inaccurate data from unreliable sources can even backfire.

Q: Do you have your eye on any specific technology or cyber security strategy that can help financial organisations protect themselves from cyber threats, and why?

We need to go beyond technical controls to build a holistic program that protects the enterprise.

Understanding the true costs and impact of cyber security programs shows that more spending doesn’t necessarily lead to better protection. Companies need to understand how to use organisational structures and governance to enhance cyber security protections.

Companies must focus on their strongest protections on their most important systems and assets. To survive in the age of advanced cyber threats, we need to understand how to apply threat intelligence and analytics. Comprehensive dashboards can accurately identify, size, and prioritise cyber threats for treatment. Information technology, cyber security, and risk professionals need to work together to protect their organisations from cyber threats.

Q: Threats to cloud security and data breach risks are expected to increase significantly. What are some common risks to cloud security or low hanging fruit for criminals, and how do you go about tackling them?

As we move to cloud, we need to ensure that we are clear on the scope for cloud service providers (CSP) and organisations. There are a few things we need to ensure:

1. Limited Visibility

When businesses shift operations, workloads, and assets to the cloud, the move transfers the responsibility of managing some of the systems and policies from inside of the organisation to the contracted CSP. This results in a forfeiture of some visibility into network operations, resource and services usage and cost. Organisations must take care to monitor their cloud services usage with additional tools like cloud security configuration monitoring, network-based monitoring, and additional logging.

2. Compliance Issues

Organisations need to be diligent to make sure they remain in regulatory compliance with the requirements specific to their industry and geographical location. When using cloud-based services for your data, you must ensure that data access and storage needs around Personally Identifiable Information (PII) are being met by the service provider in line with regulatory bodies.

3. Data Loss

Backups are critical as a defensive tactic against data loss, and cloud storage is considered highly resilient due to redundant servers and storage functionality across various geographic locations. However, more and more often, SaaS providers are falling victim to ransomware attacks that compromise customer data — and cloud storage is still vulnerable to the same disasters as anything else.

Q: What would be your biggest piece of advice for fellow technology leaders and cybersecurity professionals who are looking to strengthen their cloud security?

We should ask ourselves few questions to ensure we are aware of the potential threats as we move to cloud:

  • Do we understand the organisation’s current exposure to cyber threats?
  • Do we review the readiness of ourself and cloud providers?
  • Do we evaluate overall risk tolerance?
  • Do we review the readiness of self and cloud providers in the event of an attack? 

I would advise organisations to consult a trusted cloud security advisor in order to benefit from industry best practices and build cloud security into the design. Cloud security misconfigurations expose organisations to risky and expensive cloud security threats, which cause real danger well before the threat can be managed.

Visibility is particularly important in cloud security because you can’t secure what you can’t see. With so many different resources running across multiple public and private clouds, visibility becomes an even greater issue.

Adopt zero trust security in everything that you do for networks, people, devices, data and workloads. Make sure there are security perimeters around each of these areas and that your organisation is only giving access based on minimum permission and privilege levels to both its people and applications.

Q: What do you feel is the value of in-person events like Cyber Security World Asia, and why would you encourage fellow business leaders to attend your sessions?

Such events are great, as first and foremost, it shows how critical cyber security is in today’s world, and we all need to collectively fight against it for our respective ecosystems.

It’s also a platform to hear and meet different minds across the globe who have focus on this and have been working to protect against attacks.

Cyber Security World Asia also gives an exposure to many new emerging technologies and tools in place. The event keeps us up to date on the latest market trends and how we should stay appraised of the new emerging trends in market.

Sumeet will lead a session on Strengthening Cyber Security With a Gradual Shift to Cloud at Cyber Security World Asia.

Secure your free ticket to Cyber Security World Asia at Marina Bay Sands on 12-13 October.

View all Show News
Loading

Sponsors

Diamond Sponsor

  • Threatlocker

 

Platinum Sponsors

  • PacificTech
  • Sophos

Zero Trust VIP Lounge Sponsor

  • beyondtrust

 

Keynote Theatre Sponsor

  • Crowdstrike

 

Theatre Sponsor

  • Microsoft

 

Gold Sponsors

  • Fortinet
  • Barracuda
  • Cloudbric
  • Darktrace
  • Devo

Gold Sponsors

  • Halodata
  • i-sprint
  • Keysight
  • Microsoft
  • Qualys

Silver Sponsors

  • Blackberry
  • Comforte
  • CDNetworks
  • Hackuity
  • Hillstone
  • Horangi
  • logon

Silver Sponsors

  • Flexxon
  • Internet & Idee
  • Illumio
  • Intel741
  • Imperva
  • Thales
  • wiz

Silver Sponsors

  • Carbonite
  • CDNetworks
  • MyRepublic
  • Sangfor
  • Seculetter

Silver Sponsors

  • Ivanti
  • Panorays
  • Mimecast
  • Radware
  • Privasec

 

Silver Sponsors

  • SonicWall
  • Tenable
  • Waterfall Security
  • XM Cyber

 

Silver Sponsors

  • Cysclae
  • Titanium

 

Bronze Sponsors

  • Scantist
  • Toffs Technologies
  • appView
  • Delinia
  • DT Asia
  • Firemon
  • Fortanix

Bronze Sponsors

  • Gatewatcher
  • Cloudnosys
  • Indeed ID
  • PowerDMARC
  • Utimaco
  • Wizlynx

 

Bronze Sponsors

  • Intigriti
  • Thomas Murray
  • Knit Technologies
  • Riskrecon
  • Securosys
  • Telescience
  • UCware

 

Bronze Sponsors

  • nexus
  • socly
  • techfindr
  • atakama

 

Bronze Sponsors

  • Endpoint Cososys
  • Prevalent
  • uSecure
  • Gigamon

 

Bronze Sponsors

  • Apricorn
  • Kanguru

 

Partners

Knowledge Partner

  • BICSI

News Distribution Partner

  • ACN Newswire

Associate Content Partner

  • Uptime Institute

Strategic SEO Partner

  • AdVantage

Strategic Event Partner

  • ISC2
  • Frost & Sullivan

Event Partners

  • AiSP
  • ARC Advisory
  • Asia Cloud Computing Association (ACCA)
  • Asosiasi Cloud Computing Indonesia
  • Fintech Association of Hong Kong
  • Accelerating Asia

Event Partners

  • Best Practice of eCommerce
  • BigDataX
  • CMO Council
  • ISACA
  • CSCIS
  • La French Tech
  • ASME
  • ERMA

Event Partners

  • Practical DevSecOps
  • Digital Advertising Association Thailand (DAAT)
  • DevOps Institute
  • Forrester
  • Singapore Chamber of E-Commerce
  • Plug And Play
  • Co Creation Lab

Event Partners

  • IASA
  • IPI Singapore
  • itSMF
  • IFMA
  • European Data Centre Association
  • GS1

Event Partners

  • KinerjaBisa
  • Logistics & Supply Chain Management Society
  • Michael Page
  • NexChange
  • SG Tech
  • CHIME

Event Partners

  • Singapore Cyber Security Consortium (SGCSC)
  • Structure Research
  • General Assembly
  • Open Connectivity Foundation
  • Smart Asia India
  • Crest

Media Partners

  • ACN Newswire
  • APAC CIO
  • APSM
  • Asia Blockchain Review
  • Asia Research News

Media Partners

  • Australian Cybersecurity Magazine
  • Australian Security Magazine
  • BizClik Media
  • European Data Centre Association

Media Partners

  • Chief IT
  • CIO Advisor APAC
  • Cross Border Magazine
  • AI Time Journal

Media Partners

  • CryptoNewsZ
  • ComputerWeekly.com
  • Cyber Security ASEAN
  • Asia Content News
  • Enterprise Security Magazine

Media Partners

  • Data Storage ASEAN
  • e27
  • Fintech Finance
  • CMO Asia
  • GovTech SEA

Media Partners

  • Jumpstart Media
  • My Security Media
  • Retail CIO Outlook
  • Cybersec Asia
  • Frontier Enterprise – Jicara Media

Media Partners

  • Telecom Era
  • Supply Chain Digital
  • Techwire Asia
  • Gigabit
  • Digicon Asia

Media Partners

  • FutureIoT
  • Marketing Ops
  • Payment & Cards Network
  • Techtarget
  • FutureCIO

Media Partners

  • Wire 19
  • 计算机网络世界
  • Supply Chain Brain
  • Disruptive Tech Asean
  • FutureCFO

Official Partner Hotel

  • MBS

Held In

  • SG

Supported By

  • SG

  • Hillstone