Friday, 30 September 2016 01:22

Cyber defence collaboration to be the space race of our generation


iTWire met Splunk chief technical officer, and visionary, Snehal Antani, who gave his roadmap for the future.

1. Cybernomics

Number one on Snehal's list is what he labels "cybernomics."

"The cost of cyber attacks is 1/10th to 1/100th the cost of cyber defence," he said. This is because attack tools are freely distributed, the computing resources are stolen, and because the labour costs in state-sponsored attacks are typically low.

"This creates an unsustainable trajectory from a cyber-defence checkpoint. We have to fundamentally change the economics of cyber defence to a thousandth."

This cannot be performed in isolation. "It will take tremendous collaboration across the public sector, academia and private business," Snehal stated.

"This will be a collaboration not seen since the space race. I believe this will be the space race of our generation.

"This will be achieved through six levers," Snehal states. "Four of these exist in Splunk today. The fifth is an investment we made in a company, and number six is the dream."

a. concept of shift left, and security by design through secure software development, continuous delivery and architecture as cloud. This allows companies to "shift left" and catch bugs in source code immediately. Here, Snehal states, is where Splunk's own data-driven DevOps plays a key role.

b. frictionless operational model, for the security analysts, to help them hunt and focus. The tools must be simple to deploy and use, enabling operators to get to business with as little effort as possible. This is seen in Splunk's Enterprise offerings, to drive innovation and change.

c. help your hunters hunt better through security analytics. Splunk now has unsupervised machine learning algorithms that help analysts catch problems that are typically really hard to find, and this is where Splunk's User Analytics drive adoption and innovation.

d. augmenting people with robots for automated incident response. This is seen in Splunk's adaptive response ecosystem.

e. accelerating ramp to productivity through the use of natural language processing and other techniques via Insights Engine, thus allowing a cyber defender to be more productive through natural language queries and other interfaces.

f. moving target defence. This is what Snehal describes as "the dream", in which a shapeshifting network can prevent reconnaissance attacks. In a software-defined networking model, a virtual IP address can be trashed and replaced with a new one, without disruption to the user, and with all connections being preserved. So, a shapeshifting network would deliberately destroy all IP addresses every 10 seconds. This disrupts reconnaissance attacks because a specific IP address may be a Windows box one moment, a Linux box the next, and a mainframe after that.

Yet, this shapeshifting also disrupts IT and Security Operations. Snehal explains, "because Splunk has schema-on-read we can do dynamic resolution of shapeshifting techniques at a layer that is transparent to the end user."
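The operational problem described above, as an added example that is not Splunk's code or part of the original article: raw events are stored with whatever IP was seen, and the stable asset identity is resolved only when the data is read. The lease-log format, the asset names and the function names are assumptions made for illustration.

```python
from bisect import bisect_right
from collections import defaultdict

ROTATION_SECONDS = 10  # rotation interval quoted in the article

# Constructed lease records, as a hypothetical SDN controller might log them:
# (lease_start_epoch, virtual_ip, asset_id). Each lease lasts ROTATION_SECONDS.
LEASES = [
    (1000, "10.0.0.5", "win-desktop-17"),
    (1000, "10.0.0.9", "linux-web-02"),
    (1010, "10.0.0.5", "linux-web-02"),
    (1010, "10.0.0.9", "mainframe-01"),
    (1020, "10.0.0.5", "mainframe-01"),
]

# Constructed raw events, stored untouched with the IP seen at the time.
EVENTS = [
    (1003, "10.0.0.5", "login failure"),
    (1012, "10.0.0.5", "login failure"),
    (1019, "10.0.0.9", "outbound dns"),
    (1031, "10.0.0.5", "login failure"),  # after the last lease expired
    (990, "10.0.0.9", "port probe"),      # before any lease existed
]

def build_index(leases):
    """Per IP, keep parallel sorted lists of lease start times and asset ids."""
    index = defaultdict(lambda: ([], []))
    for start, ip, asset in sorted(leases):
        starts, assets = index[ip]
        starts.append(start)
        assets.append(asset)
    return index

def resolve(index, ts, ip):
    """Return the asset that held `ip` at time `ts`, or None if no lease covers it."""
    if ip not in index:
        return None
    starts, assets = index[ip]
    pos = bisect_right(starts, ts) - 1  # latest lease starting at or before ts
    if pos < 0 or ts >= starts[pos] + ROTATION_SECONDS:
        return None
    return assets[pos]

def enrich(events, leases):
    """Attach the resolved asset to each event at read time; stored data is unchanged."""
    index = build_index(leases)
    return [(ts, ip, resolve(index, ts, ip), msg) for ts, ip, msg in events]

if __name__ == "__main__":
    for row in enrich(EVENTS, LEASES):
        print(row)
```

The three login failures against 10.0.0.5 resolve to different assets (or to none), which is why grouping alerts by IP alone stops working once addresses rotate.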

2. Data storytelling
Snehal describes "data storytelling" as the last mile of analytics. "It will become absolutely critical," he states.

To explain the term, Snehal speaks of an energy provider's bill and how it might present a graph comparing energy usage against similarly sized residences in the nearby region. This graph required a lot of analytical work, and household residents who might not even know how to use a computer can immediately comprehend this information and can take actions based on it.

"Storytelling is getting these complex insights and analytics so as many people can consume the information as possible - it's truly telling stories of the data. That's the 'last mile' of analytics," he said.

3. IoT as a business data source
The Internet of Things - or IoT - is well-established with industrial systems and SCADA systems. Yet Snehal sees it becoming, in time, a vital data source for business analytics, one that will drive much higher business outcomes.

Using IoT, retailers can get a greater understanding of how people will interact with their store, for example. This empowers the business to think of new events and responses to protect the customer experience. Snehal sees this as applying equally across retail, insurance, Government and other areas.

"We are still inventing and dreaming," Snehal states. "No company in the world does all the above at this time."




David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.


