Ammar Enaya, Regional Director, Middle East, Turkey and North Africa, Vectra, argues that new behavioural analytic techniques will reduce the total number of security tools in use within security operations, less is going to be more.
As nations and organisations in our region increasingly become digital enterprises, the protection of data, services, and infrastructure has become a high priority. Provision of local cloud services will be a core contributor to may digital transformations too. These factors are drivers that will see around $1.9B spent on Enterprise Information Security in the Middle East and North Africa region this year.
Cloud architectures are plagued by security vulnerabilities and The SANS Institute says that one out of five businesses were hit by unauthorised access to their cloud environments in the past year.
As more enterprises turn to the cloud for greater operational scale and cost efficiencies, it is critical to address these security vulnerabilities, so businesses can innovate, free from external threats.
Couple this with a significant cybersecurity human resource and skills gap, and we have a market opportunity to address strategic security challenges for our customers through automation of threat detection and response.
Security operations is going to take a major shift to behaviour-based methodology for threat detection and response. Companies are already performing a stack ranking on the tools they have and the ones that do not make the cut are going to be out. There are too many tools in the toolset and companies do not want to pay for these anymore.
New behavioural analytic techniques will reduce the total number of security tools in use within security operations today. Less is going to be more.
AI powered, behaviour solutions allow the post-perimeter monitoring of international networks, datacentres and cloud instances — areas which are common blind spots for many organisations. Operating at machine speed, these solutions empower security teams to work at previously unattainable levels of efficiency to identify, understand and respond to active attackers before a full-blown breach can occur.
Continued advances in AI are also making it easier to automate many laborious security tasks, reducing the barriers to entry into our profession. This is creating more opportunities for new entrants and means that entry level roles will no longer need as much hands-on experience — these are people who traditionally would be unable to take on these positions without significant further education, professional development, and substantial experience.
This enables them to quickly ramp up to being productive members of the cybersecurity team by using AI to empower them. This is good news for the profession, given the massive human resource talent gap we are currently facing.
Powered by AI, Vectra and its flagship Cognito threat detection and response platform enable organisations to automatically detect and respond quickly to hidden cyberattacks in cloud, data centre and enterprise environments.
The Cognito platform consists of Cognito Stream and its equally powerful AI counterparts, Cognito Detect and Cognito Recall.
Cognito Stream delivers enterprise-scale network metadata enriched with security insights in Zeek formally Bro format to data lakes and security information and event management SIEM applications without the complexity, constant tuning and scale limitation of open-source Zeek.
Cognito Recall is an investigative workbench that enables AI-assisted threat hunting and conclusive incident investigations while Cognito Detect automates the real-time detection of hidden attackers from cloud SaaS, cloud IaaS, and data centre workloads to user and internet-of-things IoT devices.