“An intelligent system that provides alerts about possible attacks and recommends steps to proactively prevent threats by analyzing behavioral patterns is an absolute necessity.”
Please tell us a little bit about your journey in this industry and how you started at ManageEngine.
As Vice President and working at ManageEngine for over 20 years, I have been a part of its journey throughout from being a bootstrapped startup to becoming an enterprise software company. Throughout that experience, I have focused on building solutions for complex industry challenges in cybersecurity, identity and access management, cloud, and the Microsoft ecosystem. Currently, I spearhead a team of passionate engineers, marketing experts, solutions consultants, and product managers who are IT enthusiasts at heart, committed to changing the status quo of major business challenges with an intuitive and solution-centric approach.
The last two years have accelerated digital transformation for businesses of all sizes and stature. What are the most challenging issues facing a modern CIO today?
The pandemic has dramatically influenced technological advancements. It has been a primary driver for cloud adoption. The sudden change hasn’t given CIOs sufficient time to strategize and carry out the technological adoptions. The lack of a proper strategy has resulted in overworked IT teams, which is the fundamental cause of the quiet quitting that the industry is currently facing. Additionally, in cybersecurity, adversaries have nefariously leveraged this strategy gap to launch attacks. Cybersecurity is also facing a talent shortage.
With these conditions, the biggest challenge for CIOs is bringing the IT security and operations team on board with an optimized strategy that communicates clear objectives to reduce the team’s workload and thereby reduce the risk of quiet quitting. A strong, clear strategy will help CIOs with effective budgeting, especially with today’s economic uncertainties. Realigning security strategies with the current market conditions is essential to optimally running security operations despite the talent shortage. It’s also needed to control the costs incurred due to data breaches.
Read More: CIO Influence Interview with Andrew Hollister, Chief Information Security Officer at LogRhythm
How does your unified SIEM solution benefit large-sized IT organizations?
Modern enterprises are vastly distributed and are not restricted to an on-premises network. They have complex network architectures. Some of them have hybrid environments while others work with multi-cloud ecosystems. The biggest challenge of such environments is that they lack visibility and context, which are crucial for tackling sophisticated threats. An enterprise needs a security ecosystem, such as a cybersecurity mesh that unifies the distributed security consoles and provides a holistic view of the enterprise’s security posture.
SIEM solutions have evolved. They now act as a consolidated platform. Different security tools, such as UEBA; SOAR; integrated DLP; and threat detection, investigation, and response, have become critical components of a SIEM solution. Furthermore, this consolidated platform has capabilities to integrate with other security ecosystems and bring value-adding data that steps up security. This unified SIEM solution will be the stepping stone for larger enterprises to adopt a larger cybersecurity mesh architecture, such as SASE, and thus will help them stay ahead of adversaries.
You recently added a security and risk posture management dashboard to Log360. Could you tell me more about these features and how you plan to take these to the customers?
The recent economic downturn will force businesses to review their costs closely. Security operations teams are going to be put under immense pressure, because they are already understaffed and will bear the cost of any cyberattacks. Surging cyberattacks will be the primary driver for enterprises to rework their security strategies. This involves not only strengthening the enterprise’s reactive approach but also adopting technologies that provide proactive capabilities to prevent the enterprise from falling prey to attacks.
Log360’s security and risk posture management dashboard is built to address this timely need. Our recent survey has revealed that more than half of IT professionals in the United States consider identity-based threats to be the most impactful. Our security and risk posture management dashboard will help enterprises harden their Active Directory platform by offering visibility into high-risk profiles, systems, and vulnerabilities so enterprises can effectively prevent identity-based threats.
With Log360’s threat detection, investigation, and response; ML-based UEBA; and SOAR capabilities, enterprises can step up their defenses. The new enhancement will help our customers adopt proactive strategies and improve the way their security operations teams function. We’re also planning on expanding our security and risk posture management dashboard to other business-critical applications and components, including cloud infrastructure.
Read More:Â CIO Influence Interview with Graeme Thompson, Chief Information Officer at Informatica
How can CIOPs build a proactive security assessment strategy for their organization?
Listing what needs to be prioritized and secured is the first step in implementing a proactive security strategy. Get started with the security basics: security hardening of the critical infrastructures, such as Active Directory and the cloud environment. Once the network infrastructure is aligned with security best practices, continuously assess, optimize, and neutralize cyber risks. Take a bottom-up approach; get visibility into granular components, then assess the overall security posture of your network.
What is your take on the new buzzwords in AI-driven ITOps and cybersecurity management?
AI-driven ITOps and cybersecurity management is inevitable.
The skill gap in cybersecurity has always been wide. Despite the current economic conditions and massive layoffs at some tech companies, the demand for security professionals continues to exceed the available talent. Enterprises are resorting to orchestration and automation of low-hanging fruit, such as security auditing, compliance report generation, configuration checks, and vulnerability patching, to manage the workload. Still, security professionals are overwhelmed.
An intelligent system that provides alerts about possible attacks and recommends steps to proactively prevent threats by analyzing behavioral patterns is an absolute necessity. This is where AI comes in. In addition to helping enterprises cope with the skill gap, AI-driven security analytics greatly assists with tackling sophisticated threats. Adversaries are employing AI algorithms to scale up their attacks, both in terms of magnitude and complexity. Enterprises’ defense mechanisms must also employ AI to predict and neutralize such sophisticated threats.
What is the future of network infrastructures with AI and Analytics?
AI has been used predominantly in predictive analysis in both network and security operations. It’s used to determine the root cause of IT downtime and instantly troubleshoot by automatically executing the relevant workflows. In the future, AI will enable predictive analytics and allow systems to automatically correct themselves to ensure maximum uptime.
In security operations, the use of AI in predictive remediation will increase enormously. So far, it has been used to spot anomalies based on behavioral analytics. Its usage has been limited to remediating threats. Moving ahead, AI will use its predictive intelligence to forecast potential cyber risks and offer recommendations on neutralizing the threat conditions.
Thank you, Manikandan ! That was fun and we hope to see you back on itechnologyseries.com soon.
[To participate in our interview series, please write to us at sghosh@martechseries.com]
Manikandan Thangaraj is vice president at ManageEngine, the enterprise IT management division of Zoho Corporation, and has been with the company for over 20 years.
ManageEngine is the enterprise IT management division of Zoho Corporation. Established and emerging enterprises—including 9 of every 10 Fortune 100 organizations—rely on ManageEngine’s real-time IT management tools to ensure optimal performance of their IT infrastructure, including networks, servers, applications, endpoints and more. ManageEngine has offices worldwide, including the United States, the United Arab Emirates, the Netherlands, India, Colombia, Mexico, Brazil, Singapore, Japan, China and Australia, as well as 200+ global partners to help organizations tightly align their business and IT.
