Data Analytics & CybersecurityTrends, Threats & Tales From The Cyber Crypt

By Kong Yang

Trends

Many organizations’ plans around digital transformation and work from anywhere (WFA) initiatives were realized in 2020. Why? Simple, you either delivered it so your organization could continue to conduct business, or you couldn’t, and your business has struggled to keep pace. At its core, digital transformation is business transformation. And doing business in 2020 was disrupted by the pandemic.

Threats

While many businesses were happy to just survive the pandemic, lockdowns, and shutdowns, the advanced persistent threat actors never stopped their attacks to gain access to trade and state secrets. The attack vectors ranged widely — from supply chain, like the SolarWinds flare up, to exploits against Microsoft Exchange, VMware vCenter, and Citrix Gateways, to catfishing schemes. There were also attacks from state-backed actors who masqueraded as SecOps subject matter experts and provided pen testing code that was actually injecting malware into an organization’s environment. For IT professionals, there really was no rest for the weary.

The Terror of Technical Debt

On top of all the trends and threats, there remains a tremendous amount of technical debt in many organizations in the form of legacy infrastructure and poorly architected app stacks versus well-architected app stacks. But this also represents an opportunity, since a quick path to digital and business transformation can be achieved through converting technical debt into tech equity. McKinsey talks about the key drivers of tech debt, such as strategy, architecture, talent, process, and education. The root of all of these key drivers is people. Therefore, the root of all tech debt is people. And why is tech debt important? Tech debt continues to be a major security threat vector.

People: The Weakest Link

People are constantly being targeted by threat actors and the attack surface area continues to expand with the evolving work from anywhere environments. Organizations have made it a priority to increase their rigor and discipline in cybersecurity, especially leveraging big data analytics to discover, mitigate, manage, and report potential incidents. Unfortunately, big data projects can be hard to deliver successfully. Challenges include the usual suspects — people, process, and technology.

Tales from the Cyber Crypt

The good news is that organizations don’t have to travel this big data analytics and cyber journey alone. In a recent webinar, The Register’s Tim Phillips and I cover customer tales on applying big data analytics to cybersecurity with foundational tips for practitioners to leverage to ensure successful project delivery. These examples follow the engineering modus operandi of trust but verify. Give the webcast a listen and let me know how you will be using big data analytics in your cyber practice.

© 2021 Nutanix, Inc. All rights reserved. Nutanix, the Nutanix logo and all Nutanix product, feature and service names mentioned herein are registered trademarks or trademarks of Nutanix, Inc. in the United States and other countries. Other brand names mentioned herein are for identification purposes only and may be the trademarks of their respective holder(s). This post may contain links to external websites that are not part of Nutanix.com. Nutanix does not control these sites and disclaims all responsibility for the content or accuracy of any external site. Our decision to link to an external site should not be considered an endorsement of any content on such a site. This post may contain express and implied forward-looking statements, which are not historical facts and are instead based on our current expectations, estimates and beliefs. The accuracy of such statements involves risks and uncertainties and depends upon future events, including those that may be beyond our control, and actual results may differ materially and adversely from those anticipated or implied by such statements. Any forward-looking statements included herein speak only as of the date hereof and, except as required by law, we assume no obligation to update or otherwise revise any of such forward-looking statements to reflect subsequent events or circumstances.

We make infrastructure invisible, elevating IT to focus on the applications and services that power their business.