previous arrow
next arrow
Slider

How This Cybersecurity Startup Is Using Machine Learning To Enhance Threat Intelligence

 Published: August 12, 2020  Created: August 11, 2020

By Sejuti das

He COVID pandemic has massively escalated the surge of cyberattacks and data breaches despite having robust security controls, software, and solutions abundantly available in the market. A lot of this could be attributed to the vulnerability businesses offer the cybercriminals to take advantage of the situation quickly.

While the conventional cybersecurity approach has benefited many, having cybersecurity without cyber-intelligence and necessary awareness can put the security professionals off-guarded to more complicated and novel threats. Furthermore, with limited cybersecurity resources, businesses need to prioritise their efforts to strengthen cyber posture effectively; however, many organisations do not have an anchor point or a guiding principle, to begin with. With cyber-intelligence inputs missing from cybersecurity capabilities like incident management, vulnerability management, risk assessment and brand monitoring, businesses end up running their security practice in silos instead of an integrated approach.

And, thus, in an attempt to revolutionise the cyber threat visibility and intelligence market, CYFIRMA, a cyber analytics startup assists businesses to understand the relevance of the current threat landscape. Not only it provides insights on threat actors and indicators, emerging threats and digital risks, but also automatically applies intelligence into cyber posture management. To dig deeper, Analytics India Magazine got in touch with the chairman and CEO of the company, Kumar Ritesh, to understand how the company uses a predictive intelligence-driven approach to discover cyber threats.

The COVID pandemic has massively escalated the surge of cyberattacks and data breaches despite having robust security controls, software, and solutions abundantly available in the market. A lot of this could be attributed to the vulnerability businesses offer the cybercriminals to take advantage of the situation quickly. While the conventional cybersecurity approach has benefited many, having cybersecurity without cyber-intelligence and necessary awareness can put the security professionals off-guarded to more complicated and novel threats.

Furthermore, with limited cybersecurity resources, businesses need to prioritise their efforts to strengthen cyber posture effectively; however, many organisations do not have an anchor point or a guiding principle, to begin with. With cyber-intelligence inputs missing from cybersecurity capabilities like incident management, vulnerability management, risk assessment and brand monitoring, businesses end up running their security practice in silos instead of an integrated approach.

And, thus, in an attempt to revolutionise the cyber threat visibility and intelligence market, CYFIRMA, a cyber analytics startup assists businesses to understand the relevance of the current threat landscape. Not only it provides insights on threat actors and indicators, emerging threats and digital risks, but also automatically applies intelligence into cyber posture management. To dig deeper, Analytics India Magazine got in touch with the chairman and CEO of the company, Kumar Ritesh, to understand how the company uses a predictive intelligence-driven approach to discover cyber threats.

Incubated under Antuit Inc, CYFIRMA was started as a business analytics firm in 2017 under the cybersecurity analytics arm, which developed the first-ever intelligence-driven approach — CAP (Cybersecurity Analytic Platform) for companies. Later in 2018, the company established a foothold in Japan and secured marquee clients such as Mitsubishi Corporation and NEC. However, in 2019, the company spun-off from Antuit to become an independent entity, backed by Goldman Sachs, Zodius Capital and Z3 partners.

DeCYFIR Uses Strategic Cyber-Intelligence For Threat Discovery

In June 2020, amidst COVID, CYFIRMA launched DeCYFIR, their flagship product which provides threat visibility and intelligence, cyber-situational awareness for businesses and cyber incident analytics. DeCYFIR is cloud-based threat discovery and cybersecurity platform, which discovers threats from hackers’ trenches, decodes signals from noise to get the most in-depth insights and apply threat intelligence to take necessary actions.

Ritesh said that with the platform, it becomes easy to connect the dots to provide businesses with full contextual details on their threat landscape. “Our analysis uncovers the following insights – who is the threat actor, what assets are interesting for hackers, why the compelling interest, when is the attack mounted, and what is going to be the approach. In a nutshell, we help organisations predict future cyberattacks,” said Ritesh.

According to the company, DeCYFIR is the only product currently available in the market to provide cyber intelligence to businesses to get a hacker’s perspective and their approaches. Not only it discovers hidden signals by recognising signs of an impending attack, but it also predicts the attacks quite early providing enough time for businesses to take necessary actions. The DeCYFIR platform picks up ‘indicators’ of the threat attack rather than the ‘indicators of compromise.’

Alongside, the DeCYFIR platform provides strategic, management and tactical intelligence which can be harnessed in totality to make accurate decisions. While strategic cyber-intelligence provides long-term implications for businesses such as changing the overall regulatory framework, the management cyber-intelligence highlights the approaches for a robust cybersecurity planning, and tactical cyber-intelligence focus on techniques to examine the indicators of compromise.

How Does DeCYFIR Work?

The platform DeCYFIR works on four logical layers — data collection, data analysis, data dissemination, and reporting. In the stage data collection, the platform knows where to look for collecting relevant data, which is critical for unlocking actionable insights. Secondly, in the data analysis layer, the platform applies correlation, attribution and association using AI and ML to seek indicators of threats beyond IoC.

The platform further runs probability models to predict the likelihood of a cyber-attack. This layer helps in understanding the threat vectors, actors, method etc. In the third layer of data dissemination, it reads signals to identify farthest threats, consumption to apply cyber intelligence and predictions to oppose proaction. And lastly, in the reporting stage, the platform provides relevant information on a dashboard highlighting early warning of impending threats and real-time insights.


https://analyticsindiamag.com/how-this-cybersecurity-startup-is-using-machine-learning-to-enhance-threat-intelligence/


No Thoughts on How This Cybersecurity Startup Is Using Machine Learning To Enhance Threat Intelligence

Leave A Comment