Sunday, May 26, 2024

Security Is a Big Data Problem

Khushbu Raval
Khushbu is a Senior Correspondent and a content strategist with a special foray into DataTech and MarTech. She has been a keen researcher in the tech domain and is responsible for strategizing the social media scripts to optimize the collateral creation process.

As cyberattacks get more sophisticated, Changming Liu, CEO and Co-founder at Stellar Cyber, talks about how its platform addresses the complexity of cyberattacks and why it’s essential for organizations to have high-speed, high-fidelity threat detection and automated response across the entire attack surface.

Changming Liu, CEO and Co-founder at Stellar Cyber, delves into the evolving cyber threat landscape, underscoring their platform’s role in addressing attack complexity. The platform’s emphasis on high-speed, high-fidelity threat detection and automated responses is crucial for organizations navigating the intricacies of modern cyber threats. From enhancing security agility to mitigating risks across diverse industries, Stellar Cyber excels in real-time analytics and proactive approaches, particularly in detecting ransomware and countering the challenges of increased digitization. 

Liu stresses the significance of prioritizing customer identity protection and integrating third-party threat intelligence, encapsulating a leadership motto centered on transparency, meritocracy, and teamwork. In the dynamic realm of cybersecurity, Liu’s insights spotlight the necessity for adaptive and integrated solutions to combat the evolving cyber threat landscape effectively.

Excerpts from the interview:

How do enterprises achieve the required security and agility from the latest tools in a way that will positively impact their business operation?

Companies spend millions on securing their infrastructure, but attacks are increasing and growing more sophisticated every day. Analysts are besieged with alerts, many of which are meaningless, and it takes days, weeks, or months to discover some complex attacks. Stellar Cyber addresses this problem by aggregating alerts into incidents and prioritizing them to be easy to spot.

Traditional siloed approaches to security leverage one or two dozen discrete tools, each with its console, and it is left to analyst teams to correlate alerts to discover an attack manually. XDR, which we translate as Everything Detection and Response, pulls data from all security tools into a central dashboard and analytical engine, correlates that data, and up-levels thousands of alerts into a dozen or so incidents. This process makes analysts much more productive and enables them to spot and deal with attacks quickly.

Most businesses are working remotely. How has the shift to remote working impacted cybersecurity?

Remote working has blown up the traditional concept of the Security Operations Centre, typically a windowless room with a dozen or more oversized monitors and rows of security analysts watching them and responding. Now, analysts work from home or in distributed global locations, so enterprises need to use distributed, web-enabled security tools to support this new environment.

What are some of the industrial sectors that Stellar Cyber caters to?

We reduce enterprise risk more cost-effectively. We reach our customers through channels, distribution, resellers, and managed security service providers (MSSP).

Our platform benefits all kinds of businesses, including manufacturing companies such as Gepp, financial services and regional banks such as the Government Savings Bank of Thailand, higher education institutions such as the University of Zurich, and government agencies such as Indonesia’s tax department. 

What are the applications, or rather opportunities, you seek to have with your product?

Simply put, modern attacks are causing customers to react, re-prioritize budgets and reflect and challenge best practices that seem to be breaking down. If the weekly major breaches are not enough evidence of that, our rapid growth demonstrates that we see a clear need.

The use cases that help us shine are the early stages of a ransomware attack using our powerful AI engine or an attack through a SaaS application such as Microsoft 365. Security today is a big data problem, analytics matter, and you need them in real time. Stellar Cyber helps teams see patterns in the noise faster and more cost-effectively than any traditional solution.

With the advancement of digitization in businesses worldwide, how are cyber threats becoming more sophisticated?

Increasing digitization increases the number of attack vectors in an organization. After all, you can’t hack a manual typewriter. Our platform addresses the increasing frequency and complexity of cyberattacks by pulling all data into one intuitive dashboard, automatically analyzing that data, and, in many cases, automatically responding to threats through legacy security systems such as firewalls.

Regarding security intelligence, what should cybersecurity companies do to protect Customer Identity Information?

Customers identify the information as no more or less important than financial or intellectual property. The answer is always the same – gain more visibility into your digital systems, monitor closely for anomalous behavior, and respond quickly to block attacks in progress.

Stellar Cyber integrated third-party threat intelligence feeds into its everything detection and response (XDR) platform. Tell us about it.

We coined the idea of Open XDR because we integrate data from existing third-party security tools and telemetry into our platform’s analysis of cyber threats — this ensures customers retain investments.

We first normalize all data (standardizing its format) upon ingestion by our platform, which allows our AI engine to evaluate it properly. The AI engine automatically hunts for threats, prioritizes them by order of severity, and indicates where threats are located and what to do about them. Our platform often interacts directly with third-party tools to block threats. For example, if our platform detects malicious activity through a particular firewall port, it can command the firewall to block that port.

What is that one leadership motto you live by?

Focus on building a strong culture of transparency, meritocracy, and teamwork.
