In association with Softcell, ARCON conducted an exclusive webinar on 16th October, 2020 to discuss “Decoding Cybersecurity with User Behaviour Analytics”.
Mr. Lalit Popli, COO, ARCON, was the speaker of this webinar and he highlighted the modern aspects of cybersecurity and how ARCON’s advanced solution User Behaviour Analytics (UBA) is taking a front seat to manage cyber risks. Today, while the entire world is struggling with complex IT security, ARCON | UBA enables IT administrators to take control of the situation. Below are some highlights of the session along with key takeaways.
In the current IT environment, most of the organizations are experiencing doubling of data storage, doubling of bandwidth, doubling of users across the IT periphery. Global IT users have expanded to more than 75 million and e-commerce transactions have risen up to 18 crores due to the pandemic. Considering the Indian perspective, we can truly say that the Indian economy is marching the E-way. Simultaneously, in cyberspace, as we all know, the dangerous intrusions and attacks have increased dramatically. It has led to a lot of exposure to sensitive personal and business-critical information. It is also creating disruption in many critical IT operations of the organization. As a result, higher IT security costs are affecting the enterprise budget as well. Needless to mention, protecting all the cyberspace critical infrastructures from attack, damage, misuse, or espionage has become ‘need-of-the-hour’ for all IT security practitioners.
- BFSI being the major targeted industry of all industries, today we see new IT challenges appearing for sectors like Government, manufacturing, healthcare, telecommunications, postal & shipping, transportation, energy & utilities, food & agriculture and what not? But what are the predominant challenges today? Mostly, traditional IT infrastructure, architectural loopholes, inherent vulnerabilities, uncontrolled rise of IT users, innumerable access points are the major reasons behind unprecedented threats. With the advent of AI ML, removing 100% malicious elements is highly challenging at this point of time, especially when the entire world is managing day-to-day operations remotely.
- The evolution of the pattern of attacks is interesting. The extent of complexities has risen up towards something more challenging. Way back in the 1980s it all started with antivirus and firewalls. Then it moved into intrusion detection and prevention, DLP engine, application-aware firewalls and then moved towards insiders, and analysis of network activities inside your organization. The next part of the session entirely focuses on the insider’s point of view – people who access critical applications and systems in the organizations’ IT infrastructure daily and how ARCON’s UBA can be the best-fit predictive solution.
ARCON | User behaviour Analytics (UBA)
Almost 70% of data breaches happening worldwide are due to malicious insiders. The figure must have risen up during the post-pandemic era. ARCON | UBA is transforming the way Information Security is approached today. It essentially runs with the policy ‘do what you want but we will assess and monitor you seamlessly’. The AI-ML component, which understands the behavior pattern of end-users or a deviation from the baseline activities, considers it as anomalous behavior, and flags to the administrator. For example, if a user downloads 10MB of files every day but suddenly downloads gigabytes of files, the system would detect it as an anomaly and alert the admin immediately.
Why is it required?
UBA is required to reinforce the enterprise security framework, primarily from the end-users perspective. It helps the enterprises to implement secured access control. The IT security team can monitor remote users, especially in this pandemic situation where all of the employees are working from home and chances of data misuse is too high. Not only that, the organization might stay unaware of the breach incident which might inspire the malicious actors to proceed with the further wrongdoings.
What are the key features?
In ARCON | UBA there is a lot of analytics, good reporting dashboards, alert mechanism, and there is also an AI ML engine behind it, which profiles the user.
- Session Monitoring: It enables recording of all activities performed by an end-user on the desktop along with a screen capture through a web-based engine that stores and analyzes user behaviour.
- User Restriction: It is useful for restriction of any specific activity (apparently irrelevant and suspicious) of any IT user.
- Privilege Elevation: It mitigates malicious insiders and prevents data breach risks by discarding a large number of privileged users. It provides flexibility to enterprises with on-request admin rights for a designated period so that the end-users can access the critical applications after a valid approval.
- Productivity Enhancements: It enables to boost overall productivity as it helps to generate performance reviews whether there are any security violations or suspicious activities. It allows an enterprise to safeguard against any anomaly at the end-user level.
- Meeting Compliance: ARCON | UBA empowers enterprises to meet various compliance requirements (eg. EU GDPR, PCI-DSS, SOX, HIPAA, SWIFT among many others) by offering real-time threat alerts over any misused privilege.
- Behaviour Analytics: This tool enables to identify any malicious elements in the enterprise network by detecting any kind of deviation from the configured baseline activities.
- Live Dashboard: Live dashboards benefit IT administrators to keep control over IT operations and governance. The all-encompassing reporting mechanism raises immediate alerts on live dashboards.
- Dynamic Report: ARCON | UBA’s programmatic approach strengthens security and compliance framework by generating dynamic reports to keep a real-time track on the misuse of privilege access and odd internet access hours, extensive printing activities etc.
The Bottom line
Today cyber incidents have become so sophisticated in nature, that the root-cause of any breach incident remains undetected resulting in ‘no solution’ situations. In a remote environment, it is absolutely impractical to monitor hundreds or even thousands of end-users in a typical IT setup. Hence, organizations count on modern user behavioral security tools to predict and prevent risks. According to Gartner, UBA is expected to be the solution for 80% of cyber threat prediction inside enterprise networks of global organizations by 2022.
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Secure Compliance Management is a vulnerability assessment tool.