Cyware CTO talks about banding together to fight cyberthreats


Computer security has steadily evolved over the years, but not necessarily for the better.

During the 1970s and 80s, it was focused mainly on academia. The growth of the internet in the 1990s led to the spread of computer viruses and the popularity of antiviruses, while the 2000s saw the institutionalisation of cyberthreats.

Since the 2010s, large-scale cyberattacks and government regulations have emerged.

Today, cyberattacks have become common occurrences, especially with the spread of the COVID-19 pandemic, and cybersecurity seems to have become a futile exercise as breaches are now almost certainly inevitable.

But what if organisations pooled their intelligence to more effectively respond to cyberthreats? That’s the idea behind Cyware’s global collective defence network.

Frontier Enterprise recently got in touch with Cyware CTO and co-founder Akshat Jain and asked him about this idea of collaborating on cybersecurity efforts through shared intelligence. He also discussed Cyware’s technology goals, the future of cybersecurity, and more.

You co-founded Cyware with CEO Anuj Goel in 2016. What have been the highlights of your time there so far, and what are the most significant changes you’ve seen since then, specifically when it comes to cybersecurity?

Anuj and I founded Cyware with a vision of building a self-responding collective defence network that drives cross-sectoral collaboration at industry scale through next-generation cyber fusion centres.

From our experience in leading large teams in the technology and security domains for global corporations, we recognised the shortcomings of the siloed, reactive, and manually driven security processes employed by organisations in the past. The lack of security collaboration further adds to these challenges as technology infrastructure keeps expanding at a breakneck pace.

We set out to help organisations overcome these challenges and transform the security landscape by creating a unified cyber fusion centre that forms the core of a self-responding collective defence ecosystem.

Today, organisations are taking a more proactive stance against cyberthreats while improving their SecOps processes, efficiency, governance, and strategy through threat intelligence operationalisation, security orchestration and automation, and cyber fusion capabilities.

Could you talk to us about your global collective defence network? What are the organisations and countries involved in this initiative? How will this collaborative defence work?

Today, cyberthreats are a shared challenge for organisations of all sizes across both the public and private sectors. To manage the growing cybersecurity risks, organisations need to work together to collectively fend off critical threats.

Cyware is building a global collective defence network through its cross-sectoral, threat-intel-sharing platforms that connect all the stakeholders within an organisation, as well as its business partners, vendors, industry peers, national CERTs (computer emergency response teams), information sharing communities (ISACs/ISAOs), and others.

Through this network, organisations can share strategic, tactical, technical, and operational threat intelligence in real time to ensure a timely response to various threats.

What are Cyware’s top technology challenges in this age of COVID-19? What are its technology goals for 2022?

Despite the shift to a hybrid work environment, the Cyware team found ways to maintain communication and collaboration, double the team size, and continue the pace of our work to build security solutions during the pandemic.

Cyware, in fact, launched new solutions to address the threat intelligence needs of organisations with small or no dedicated threat intel teams, and for ISAC/ISAO members to operationalise threat intelligence in a trusted sharing environment.

For 2022, Cyware will continue working on its cyber fusion, security orchestration and automation (SOAR) product, connected threat intelligence (TIP) solutions, and situational awareness platforms with a focus on building a self-responding collective defence network.

Apart from your collective defence initiative, what are some of the most exciting developments in the Cyware labs at the moment that will help the ongoing fight against cyberattacks?

Cyware is building a next-generation cybersecurity infrastructure through its cyber fusion, SOAR, TIP, and situational awareness platforms. We are helping security teams adopt a threat-centric and security-orchestration-driven approach to cybersecurity.

Cyware Academy is yet another initiative by Cyware to train our customers, partners, and other stakeholders in leveraging our threat intelligence and SOAR solutions.

How do you envision cybersecurity platforms will evolve within the next three to five years? How has the increased need for digital transformation affected today’s cybersecurity landscape?

The pandemic has escalated the use of digital technologies and led to the adoption of remote work for organisations of all sizes and across many industry sectors. This has caused drastic changes in the security risks for organisations as their technology infrastructure becomes increasingly distributed.

Threat actors are capitalising on the new extended attack surface with endless attacks on remote access solutions, virtual collaboration tools, and the software and hardware supply chains.

Ransomware attacks and social engineering campaigns exploiting ongoing trends continue to be major threats as well. In the continual game of cat and mouse between the defenders and threat actors, the addition of new technologies into the mix only creates more security risks.

In order to cope with rising cyberthreats, innovation in the cybersecurity domain is needed to help organisations accelerate their threat response and management capabilities.

Organisations, for long, have relied on legacy security operations centres (SOC) that lack cohesion between different security functions, and are slow to react against today’s fast-moving threat actors.

It is time to focus on building next-gen SOCs that embrace security orchestration to drive security processes across a variety of IT and security tools and technologies with extensive interoperability and collaboration.

Moreover, organisations must leverage automation to combine machine capabilities with human expertise to accelerate threat response and management workflows and improve the overall performance of their security teams.

Through automated information exchange and actioning across a diverse range of security tools, security teams can enhance their readiness against ransomware threats, supply chain hacks, nation-state adversaries, and other critical threats.