IT Brief Australia - Technology news for CIOs & IT decision-makers

Video: 10 Minute IT Jams - An update from BlueVoyant

Tue, 4th Jul 2023
FYI, this story is more than a year old

Cybersecurity is getting smarter. With the ongoing surge in digital threats and sophisticated hacks, companies in the Asia-Pacific and Japan (APJ) region are seeking innovative solutions to protect their networks, brands, and increasingly complex supply chains.

Sumit Bansal, Vice President of the APJ region at cyber defence company BlueVoyant, believes the answer lies at the intersection of cutting-edge technology and highly skilled human expertise. In a recent interview, he shared insights into how his company is responding to evolving security challenges and what organisations can do to safeguard themselves in an era of relentless cyberattacks.

"When we get in front of Chief Security Officers, there are three things they care about and they always ask the same questions," Bansal explained. "So how are you going to protect my network and my organisation? Are you going to protect my brand and my reputation? And how do I protect myself against threats brought in by my suppliers and vendors?"

Bansal described BlueVoyant as a company that has "built an AI machine learning platform, a data analytics platform, combined with human beings who come from national security agencies around the world." This hybrid approach allows his team to deliver security services across three crucial vectors: monitoring internal networks, illuminating external relationships with suppliers and vendors, and protecting brand presence across the digital landscape, including the clear web, deep web, and dark web.

"These platforms allow us to reduce the noise for customers," Bansal said, addressing a common pain point for large organisations inundated by a flood of security alerts each day. "Organisations will have security operation centres of their own, but the challenge they have is that they are managing so many alerts they don't know which one's benign and which one's malicious, and they might be chasing the ones that are not really malicious while the dangerous ones can escape and cause damage. We can remove 90 percent of that noise through our AI machine learning engine, and then the 10 percent goes to a very highly skilled analyst who can investigate and manage those alerts for the customer."

The threat landscape itself is evolving, particularly with the emergence of generative AI, which Bansal noted is rapidly becoming a popular tool for hackers. He recounted, "We saw an incident where someone demonstrated they could create 1,000 fake websites in a day." To combat this, BlueVoyant is focused on making its AI and machine learning engine "as robust as possible, to weed out these incidents".

"The machine learning platform can only be as good as what information we feed to it," Bansal added. "So we have data scientists who help label and correctly address the right sector of threat, making sure that we can catch those and put in enough security content to stop these kinds of threats happening for customers, well before they become a trend in the market."

One problem that has soared in recent years is supply chain breaches, particularly in the APAC region. These attacks exploit vulnerabilities in third-party vendors and suppliers, who may not have the same rigorous security standards. Bansal pointed out: "When organisations are bolstering the internal network by using managed security service providers like us, they are stopping hackers from coming in directly. So what hackers are looking for is weaknesses where they can traverse and attack the organisation–they look for any relationships the organisation has with vendors and suppliers. If your supply chain ecosystem as an organisation is not being secured, there is a chance that if they are compromised, not only will it cause a breach, but also a disruption in the supply chain."

Tools to exploit these weaknesses, he said, are "very easily available on the dark web," making vendors with misconfigured or unpatched systems easy targets. This, in turn, puts pressure on organisations to adopt holistic cyberdefence strategies that account not only for their own assets, but for the full spectrum of third-party connections.

Responding to these complex realities, BlueVoyant's product development teams have created a platform that combines internal and external cyber security views. "What we are doing is combining them through one platform, providing customers with an internal and external cyber security view, and that will give them a much better way to fight against threats," Bansal said.

He explained that data privacy is a major focus, especially for customers in Australia, New Zealand, and across Asia: "Customers are very concerned about that–are you touching my raw logs? I don't want you to be in my environment, I want full visibility of what you're doing for me. We've built our solutions around making sure that we work in the customer's environment. They don't come to us, we come to them."

According to Bansal, BlueVoyant's offerings are flexible. Some customers prefer a fully managed service, while others, who have invested in their own security operation centres, opt for a co-managed approach. "We provide them the platform that takes away the noise and they can manage those alerts and do the investigations themselves. That way, they have better control over their environment and also good justification to senior management on the investment they've made in their security technologies," he said.

On the question of infrastructure, Bansal stressed that their global model is a direct response to the borderless nature of cybercrime. "Threat actors use the power of the web, the power of the internet so they can be anywhere and they coordinate with each other," he said. "It's not necessary for infrastructure to be in Australia or New Zealand. What we've built is a platform that's global, and a team of experts that reside in Europe, the US, and Asia."

Despite its global reach, BlueVoyant is investing in local teams for the APJ region. Bansal said: "We're pulling people on the ground to help consult with customers and help them understand where the gaps are in the environment and how we can help mitigate those risks. I have a delivery team also based out of this region that does some of the professional services work that needs to be done upfront to make sure their environments are ready to be managed properly."

In an era of mounting cyber threats, Bansal remains adamant that a combination of advanced technology and expert human oversight is crucial. "We look forward to helping more organisations in the region find confidence in their digital security," he said.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X