Hello and welcome. My name is Pritijit and we are bringing you the latest from TCS Research and Innovation. In this episode, Gaurav Banga, founder and CEO of cyber security startup Balbix, will discuss artificial intelligence and cyber resilience. Gaurav will also talk about the threat landscape for enterprises, how to leverage artificial intelligence in order to address cyber risk challenges, and how to automate cyber security processes. Welcome to the show Gaurav. You have to start off. Could you please take our listeners through the current threat landscape for enterprises? That the enterprise attacks surface as you digitalize the enterprise is massive and is growing rapidly. There are practically unlimited ways in which adversaries can attack and compromise a network. Cyber security is analyzing it. Improving it is not a human scale problem anymore. You cannot improve your cybersecurity posture. Using the tools that worked in the past, so which is why you recommend that artificial intelligence should be brought into the picture. So if you look at the first step that you need in order to improve your security posture or your cyber hygiene, you need to know what you're defending and what the current state is. And you need to be able to measure any improvements that are happening, what outcomes you are achieving in terms of actual reduction of breach risk. So if you look at a modern enterprise, the number of factors that go into the calculation of cyber risk is in the hundreds of billions. These are the threats, the vulnerabilities, exposure, behavior of users, different business criticality of different application and assets. Ultimately, the effect of your projects and mitigating control that you already have in play, you cannot solve this using traditional methods. AI is on the other hand, is particularly good at allowing you to see what your risk heat map looks like by analyzing all of these billions of factors. That go into your risk calculation so that using AI we can also then prescribe specifically the initiators that you should take so that you can reduce your breach risk in a measurable way. So what are the things that enterprises should do to tap into artificial intelligence and automate the cyber security processes? So the first thing you need to do is establish visibility. Without visibility, without knowing what you're defending or being able to measure how your cyber security posture is improving. You got nothing. The second thing after you got visibility is to establish what we call strong identity, which is that you must know what specifically what assets, what devices, what applications, what users are active on the network and be able to ask are they authorized or not authorized. After that you need to get into this next level, which is about making sure that your vulnerability are managed according to risk. It means that the things that are critically important. For which you have a real threat and a real exposure. They need to be addressed right away and things that have a lower threat can be addressed maybe next week. And the things that do not have a practical threat, you don't need to waste any resources on it. We call this risk based voluntary management. Then after that you need automation, which is intelligent automation such that all the mediating, remediating steps you're taking, they should be automated as much as possible with all of the intelligent context that is available. And then last but not least. Now you can get into some advanced cyber resilience items, like being able to segment your network based on dynamic risk and being able to even play subterfuge where you pretend you make attackers believe that they have compromised certain parts of your network, but they really haven't. Thanks Gaurav. This is very helpful. Now could you please take us through the concept of cyber resilience? So cyber resilience is that the ability of an organization to limit the impact of cyber attacks. The assumption is that they will be failures, either failures or software. IT has a security bug or failures of human beings who click on the wrong things. So these failures will happen because of the scale of the uprise. Can we arrange things? Can we arrange our network infrastructure or policies in such a way that even when these failures happened, it doesn't become a systematic breach? That quality is called cyber resilience and there are systematic ways by which you can go about and improve your cyber resilience, and AI and automation play a very important role in that. Right. So how do you build the required skills for a better, stronger and more cyber resilient enterprise? Human beings are key to being able to improve cyber resilience by educating and training people so that they understand the concept of the fact that security can never be perfect and the objective is cyber resilience, not absolute cyber security. And then also train them on some of the advanced tools that are available that use AI for understanding your organization. Orchestration for automation And then now you have all the raw ingredients that you need to be able to take the appropriate tools and products and help your customer transform their service security posture. What is happening unfortunately right now is most of us are still training people unsuccessfully to be able to use legacy tools. Unfortunately, legacy tools are no longer able to keep up and we should just move away and try to get our people to understand that. Cybersecurity can never be perfect. Our goal is cyber resilience and start picking up the new tools that are cyber resilience enhanced. Most organizations focus on cyber security only after an attack. So what kind of steps should they take in order to be more committed to cyber security? And that's a great question. So if you look at service security in all its details, it is fairly technical. Unfortunately, a lot of senior management board members CEO CFO's are not experts in service security. So the first problem that happens is that when the seesaw tries to explain the nature. Their talk technology and they have trouble trying to map it on to business risk items. The second problem has been the Traditionally service security has been project oriented. What that means is that the Seesaw goes and asks for funding for project ABC and D and the board and the CFO CEO. They agree just because they feel that doing those projects will keep them out of trouble. Needs to happen though. These discussions should have outcomes attached to them, outcomes that are quantifiable in terms of breach risk reduction. So cybersecurity needs to become a lot more outcome oriented away from being project oriented. When that dialogue starts between the senior management Board of Directors, C-Suite and the security team, then we will have the right funding, the right decisions being made and will enable cyber security posture to get better. And then reach rest together. Proactively avoided. Thank you, Gaurav to our listeners. Until next time, stay tuned.