Failed loading XML...
Friday, 30 September 2016 01:22

Cyber defence collaboration to be the space race of our generation


iTWire met Splunk chief technical officer, and visionary, Snehal Antani, who gave his roadmap for the future.

1. Cybernomics

Number one on Snehan's list is what he labels "cybernomics."

"The cost of cyber attacks is 1/10th to 1/100th the cost of cyber defence," he said. This is because attack tools are freely distributed, the computing resources are stolen, and because the labour costs in state-sponsored attacks are typically low.

"This creates an unsustainable trajectory from a cyber-defence checkpoint. We have to fundamentally change the economics of cyber defence to a thousandth."

This cannot be performed in isolation. "It will take tremendous collaboration across the public sector, academia and private business," Snehal stated.

"This will be a collaboration not seen since the space race. I believe this will be the space race of our generation.

"This will be achieved through six levers," Snehal states. "Four of these exist in Splunk today. The fifth is an investment we made in a company, and number six is the dream."

a. concept of shift left, and security by design through secure software development, continuous delivery and architecture as cloud. This allows companies to "shift left" and catch bugs in source code immediately. Here, Snehal states, is where Splunk's own data-driven DevOps plays a key role.

b. frictionless operational model, for the security analysis to help them hunt and focus. The tools must be simple to deploy and use, enabling operators to get to business with as little effort as possible. This is seen in Splunk's Enterprise offerings, to drive innovation and change.

c. help your hunters hunt better through security analytics. Splunk now has unsupervised machine learning algorithms that help analysts catch typically really hard problems, and where Splunk's User Analytics drive adoption and innovation.

d. augmenting people with robots for automated incident response. This is seen in Splunk's adaptive response ecosystem.

e. accelerating ramp to productivity through the use of natural language processing and other techniques via Insights Engine, thus allowing a cyber defender to be more productive through natural language queries and other interfaces.

f. moving target defence. This is what Snehal describes as "the dream" in which a shapeshifting network can prevent reconnaissance attacks. In a software-defined networking model, a virtual IP address can be trashed and replaced with a new one, without disruption to the user, and with all connections being preserved. So, a shape-shifting network would deliberately destroy all IP addresses every 10 seconds. This disrupts reconnaissance attacks because a specific IP address may be a Windows box one moment, a Linux box another, a mainframe another.

Yet, this shapeshifting also disrupts IT and Security Operations. Snehal explains, "because Splunk has schema-on-read we can do dynamic resolution of shapeshifting techniques at a layer that is transparent to the end user."

2. Data storytelling
Snehal describes "data storytelling" as the last mile of analytics. "It will become absolutely critical," he states.

To explain the term, Snehal speaks of an energy provider's bill and how it might present a graph comparing energy usage against similarly sized residences in the nearby region. This graph required a lot of analytical work, and household residents who might not even know how to use a computer can immediately comprehend this information and can take actions based on it.

"Storytelling is getting these complex insights and analytics so as many people can consume the information as possible - it's truly telling stories of the data. That's the 'last mile' of analytics," he said.

3. IoT as a business data source
The Internet of Things - or IoT - is well-established with industrial systems and SCADA systems. Yet, Snehal sees it as a vital data source for business analytics in time and will drive much higher business outcomes.

Using IoT retailers can get a greater understanding of how people will interact with their store, for example. This empowers the business to think of new events and responses to protect the customer experience. Snehal sees this as applying equally across retail, insurance, Government and other areas.

"We are still inventing and dreaming," Snehal states. "No company in the world does all the above at this time."

Read 6486 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


If you're looking at enabling Microsoft Teams for your contact centre, you should bookmark this webinar.

Marketing budgets are now focused on Webinars combined with Lead Generation.

Our panellists from Whangarei District Council (NZ) and Maurice Blackburn Lawyers (Aus) were closely involved in recent projects to enable Microsoft Teams for their own contact centres.

They have kindly agreed to join Enghouse and Microsoft to talk about some of the things they would recommend as most critical for IT and CX professionals planning a Teams Contact Centre migration.

Date: 11 May 2022
Time: 12pm AEST | 2pm NZST | 10am SGT

We look forward to having you join us. Please click the button below to register.



The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News