Retrospective: NASSCOM Cognitive Security Meet – 2017

With a rapidly evolving technology innovation landscape, a paradigm shift in our approach towards security is necessary. The transition of the outlook towards cyber security in India is changing from reactive risk mitigation approach to a more holistic readiness to protect against the escalating cyber threat landscape. Management attention of various organizations to Cyber security at the Board level in the Enterprise and PMO in Government has increased. The Best Practices Meet threw light on use cases and aspects of cognitive computing that are shaping the security technology market. The two – day meet touched upon topics like DevSecOps, GDPR implementation, cyber defense centers, AI, machine learning and the likes.

Mayank Lau and Shomiron Das Gupta of Data Security Council of India (DSCI) opened the first day with a  Cognitive security workshop. The workshop focused on bringing about the differences between using Machine Intelligence and Business Intelligence, finding patterns/insights in the data. It further emphasized on creating an ecosystem where capabilities of cognition could be used to deliver intelligent, lightweight products of minimal complexity.

DevSecOps, a practice that has been pegged as the antidote for security pain points in product development was deliberated upon in two panel discussions.  Echoing the very essence of DevSecOps that we45 has been practicing, it emphasized the role of DevSecOps in helping organizations develop quality and secure products by implementing security in the overall development process. It underscored the importance of setting up a common ecosystem for an organization’s activities which ease out security checks, patch management for security and the likes.

Security by design, a lean concept, was further explored by inquiring into methods like least privilege access, defense in depth, minimising attack surface, providing and maintaining traceability to requirements, threat modeling, usage of least vulnerable third party OSS components, usage of SAST and DAST tools, performing third party OSS vulnerability checks and so on. In addition to the principles of secure design, importance of security patch release management, patch management for AI modules, discovering unknown vulnerabilities , usage of Machine Learning to detect changes in the code for breach management were also discussed.

Amita from we45 in discussion with the panel

The second day opened with panel discussions on Cognitive security and self-learning systems.With the help of use cases, the discussion tried to identify the underlying capabilities and possibilities cognitive computing brings, the impact of cognitive computing in different domains and ways in which cognitive computing helps to tackle security problems.

Adding a layer of AI to Threat Intelligence and hunting operations was something that caught my fancy. The insufficiency of traditional signature based methods for attack detection, security solution evolving from being threat based to unified solutions, emphasis on technologies like AI, Machine Learning giving a significant boost to an organization’s security operations and threat intelligence centers and future of AI based cyber security were discussed.

A short, yet interesting session deliberated about “Reposing trust in the citizen identity system” – the session emphasized the importance of having a unique identification number, the security issue it poses. A  panel discussion between the security heads and lawyers saw many important questions being answered.

An interesting talk by Sahir Hidayatullah, CEO, Smokescreen, covered topics like adversarial machine learning, finding patterns and scaling, network isolation and cryptography, mirage maker, attacks against the ML algorithms, applying traditional military history methods to cyber security, threat hunting, reconnaissance, intersection of methods of defence and attack, Honeypots / deceiving the attacker, modelling based on the thought processes and actions of the hacker, early threat detection, freezing/isolating compromised parts of the system etc.

The event ended with a plenary session on the Ramification of AI, IoT, Industries 4.0, Blockchain and Encryption dominated world on life, society and economies and the need for decisive policy intervention.  They enquired into the need for India to bring these areas on its policy agenda and all the related issues to be addressed, the ongoing policy initiatives related to AI IoT Blockchain Encryption and Industries 4.0, the role of policy intervention to boost the development and adoption of these technologies.

The conference tapped into interesting areas of the ML ecosystem. As interesting as the test cases were, the translation of theory into implementable ideas was missing from the deliberations. It’s commonplace for practitioners to wrap cyber security and AppSec into the same fold but, addressing the diversity in applying AI to both these domains is the need of the hour.