
Latest news with #SecurityInformationandEventManagement

Navigating compliance challenges with integrated security platforms

Hindustan Times

2 days ago


Security and compliance may serve different purposes, but they're deeply interconnected. Treating them as separate often creates more problems than it solves. For many organisations, regulatory requirements feel like a moving target: Complex, time-consuming, and not always aligned with everyday security challenges. But the truth is, when compliance is built into the very fabric of security operations—how threats are detected, monitored, and responded to—it stops being a burden. With the right approach, compliance becomes a natural outcome of strong cybersecurity practices: Automated, intelligent, and seamlessly integrated into how an organisation protects itself in a fast-changing cyber threat landscape.

Traditional compliance methods are tedious—massive log files, never-ending audits, and time-consuming investigations. That's where security analytics and automation come in. With the right tools, organisations can move from labour-intensive compliance processes to an integrated, data-driven approach.

  • SIEM (Security Information and Event Management): Compliance starts with visibility. SIEM ingests, normalises, and correlates security data in real time, ensuring businesses meet logging and reporting requirements effortlessly.
  • SOAR (Security Orchestration, Automation, and Response): Compliance isn't just about collecting logs—it's about responding to incidents efficiently. With automated workflows, SOAR ensures threats are contained before they turn into compliance violations.
  • UEBA (User and Entity Behaviour Analytics): Regulations demand proof that organisations can detect and prevent insider threats and anomalies. UEBA continuously analyses user behaviour to flag anything suspicious before it becomes a full-blown incident.

Instead of seeing compliance as a burden, organisations that leverage an integrated security platform experience it as a built-in advantage: an automated, intelligent process that strengthens security while reducing human error and operational fatigue.

Every industry has its own regulatory maze. Whether it's financial services, health care, or retail, security teams constantly battle evolving laws and growing cyber risks.

In banking and financial services, institutions must adhere to stringent regulations such as Know Your Customer (KYC), Anti-Money Laundering (AML) policies, and Reserve Bank of India (RBI) guidelines. These requirements demand constant vigilance, and SIEM solutions play a crucial role by continuously monitoring transactions and user activity, while UEBA detects anomalies indicative of fraud or insider threats.

In health care, patient data protection is paramount under regulations like the Health Insurance Portability and Accountability Act (HIPAA) in the US and India's Digital Personal Data Protection (DPDP) Act. SOAR enables hospitals and health care institutions to automate incident response, reducing reaction times and minimising the risk of compliance breaches.

Retail and e-commerce businesses, on the other hand, face the ongoing challenge of maintaining Payment Card Industry Data Security Standard (PCI DSS) compliance to protect customer transactions. With high transaction volumes and multiple access points, real-time monitoring is critical. Advanced security platforms ensure that every transaction and access request is scrutinised, minimising exposure to fraud and unauthorised activities.

These aren't theoretical benefits—they're the realities businesses face every day. Organisations that embrace a compliance-first mindset, powered by security automation and intelligence, don't just mitigate risks—they create a safer, more predictable operational environment.

Audits can be painful. A single misstep can lead to fines, reputational damage, and even legal consequences. But what if compliance wasn't just about avoiding penalties? What if it actually gave businesses a strategic advantage? By implementing an integrated security approach, organisations get automated compliance reporting (no more scrambling to gather logs or generate reports). Real-time risk detection resolves security breaches before they turn into compliance nightmares. There is enterprise-wide visibility—a single pane of glass for security and compliance—making governance smoother than ever. What starts as a compliance investment quickly becomes an organisation's strongest cybersecurity asset. This shift from reactive to proactive security strategies is essential in today's dynamic threat landscape.

Cybersecurity and compliance are evolving in lockstep. As new threats emerge, regulations will continue to tighten, making it even more critical for organisations to embrace advanced security solutions. Here's what we can expect in the foreseeable future. With Artificial Intelligence (AI)-driven compliance, we can leverage machine learning for smart, fast regulatory monitoring. The zero-trust enforcement ensures security at every access point, and not just at the perimeter. With cloud-first security strategies, compliance models are able to adapt to hybrid and multi-cloud environments. Automated threat containment reduces dwell time and manual intervention through AI-driven responses. And the rise of global standardisation with cross-border regulations pushes businesses to adopt unified compliance strategies.

The future isn't about choosing between compliance and security—it's about making them one and the same. Organisations that rely on manual processes will struggle to keep up with the pace of regulatory changes and cyber threats. An automated, intelligence-driven approach is no longer optional; it is a necessity.

Cybersecurity isn't just a cost centre—it's a business enabler. Organisations that invest in integrated security platforms future-proof their operations against evolving threats. Compliance shouldn't be reactive; security shouldn't be an afterthought. By integrating SIEM, SOAR, and UEBA, businesses can build a resilient, future-ready security armour.

As regulations continue to evolve and cyber threats grow in sophistication, the need for an automated, intelligence-driven security strategy has never been greater. Securonix's advanced approach to SIEM, SOAR, and UEBA empowers organisations to turn compliance from a burden into a business advantage. Because when security is done right, compliance follows naturally.

This article is authored by Dipesh Kaura, country director, India & SAARC, Securonix.

Cert-In issues advisory after data breach of 16 billion credentials, asks people to change passwords

Hindustan Times

6 days ago


NEW DELHI: Indian Computer Emergency Response Team (Cert-In) has issued a fresh advisory asking people to follow good cybersecurity hygiene following reports of a massive data breach involving 16 billion online credentials.

The breach, first reported by the website Cybernews, includes usernames, passwords, authentication tokens, and metadata leaked from platforms such as Apple, Google, Facebook, Telegram, GitHub, and several VPN services.

'This appears to be a consolidated dataset, and some of the credentials may be outdated or already changed. However, we're issuing the advisory to urge people to follow good cybersecurity hygiene,' a senior official at Cert-In, the country's nodal agency for cybersecurity incident response, said. The advisory was first released on Monday.

The agency has urged individuals to update their passwords immediately, enable multi-factor authentication (MFA), and switch to passkeys wherever possible. The advisory also recommends running antivirus scans and keeping systems up to date to protect against malware.

The cybersecurity agency advised organisations to enforce MFA, limit user access, and use intrusion detection systems (IDS) and Security Information and Event Management (SIEM) tools to detect suspicious activity. It also recommended that companies check that their databases aren't publicly exposed and ensure that sensitive data is encrypted.

The massive dataset, which is believed to be available on the dark web, has been reportedly compiled from 30 different sources, mostly through infostealer malware. The dataset could enable attackers to carry out phishing, account takeovers, ransomware attacks, and business email compromises, said the Cert-In advisory.

'This is a systemic red flag,' said Gaurav Sahay, cybersecurity expert and founding partner at Arthashastra Legal. 'The breach is decentralised, harder to detect, and much more difficult to fix. We're likely to see a wave of account takeovers, especially on cloud/email services, banking or fintech apps, developer platforms, and government portals.'

Sahay added that password reuse remains rampant, and the lack of MFA on many accounts makes even older credentials dangerous. 'This is a watershed moment in cybersecurity, a reminder that the human element remains the weakest link in digital security.'

KeyBanc Initiates Elastic (ESTC) with a Sector Weight Rating, No PT

Yahoo

7 days ago


Elastic (NYSE:ESTC) is one of the best technology stocks according to Wall Street analysts. Earlier on June 9, KeyBanc initiated coverage of Elastic with a Sector Weight rating, but no specific price target. KeyBanc recognized Elastic as a prominent data and analytics platform with high flexibility, capable of addressing various use cases such as search, observability, and security. However, the firm also noted that Elastic's differentiation in observability and Security Information and Event Management/SIEM is not as strong.

In FQ4 2025, the company achieved a total revenue of $388 million, which marked a 16% year-over-year growth. Subscription revenue stood at $362 million, which also showed 16% growth. Elastic Cloud revenue experienced a 23% growth. The company also saw customer growth, with customers spending over $1 million in ACV, growing by ~27% and adding 45 net new customers. Customers with over $100,000 in ACV grew by ~14%, with 180 net new customers added.

For FQ1 2026, Elastic expects revenue to be between $396 and $398 million, which is 14% year-over-year growth at the midpoint. For the full FY2026, revenue is projected to be between $1.655 and $1.67 billion, which indicates 12% growth at the midpoint. However, Elastic anticipates slower sequential cloud growth in FQ1 due to seasonal patterns and consumption headwinds.

Elastic (NYSE:ESTC) is a search AI company that provides software platforms to run in hybrid, public, or private clouds and multi-cloud environments internationally.

While we acknowledge the potential of ESTC as an investment, we believe certain AI stocks offer greater upside potential and carry less downside risk.

Disclosure: None. This article is originally published at Insider Monkey.

Red Canary deploys AI agents to slash security investigation times

Techday NZ

12-06-2025


Red Canary has announced the introduction of a suite of AI agents designed to perform tier 2 security investigations at the pace and calibre of experienced analysts. These AI agents have already conducted over 2.5 million investigations, reportedly reducing the average investigation time by 90%.

The agents are trained on a decade's worth of operational data and provide contextual gathering, alert enrichment, and recommended actions for identified threats, with a stated aim to lessen alert noise and assist security teams in managing evolving threats without increased complexity or risk.

Reducing manual security tasks

The AI agents are described as specialists across every phase of detection, investigation, and response. They cover roles including security operations centre (SOC) analyst, detection engineering, threat intelligence, and user analysis, automating many procedures traditionally undertaken by security experts.

For organisations, this means the agents automate both Tier 1 and Tier 2 analyst tasks in various environments such as cloud, identity, Security Information and Event Management (SIEM), and endpoint systems. According to Red Canary, this leads to faster root cause analysis and remediation of security incidents. In addition, a threat intelligence agent compares threats against known profiles, identifying new trends and aiding intelligence operations.

Impact and efficiency

Red Canary states that, by automating analyst-level workflows, customers have reduced investigation times from over 20 minutes to under three minutes on average, with the company citing a 99.6% customer-validated true positive rate. The system is built to be enterprise-grade, with training on 10 years of real-world data and with continuous oversight by security operators to ensure consistency and reliability.

"Several years ago, we introduced automation to replace repetitive Tier 1 work," said Brian Beyer, CEO and Co-founder of Red Canary. "Now, by combining the best of agentic AI with AI agents that are equipped with years of frontline experience, we're taking the next leap—accelerating Tier 2 investigations with the speed of automation and the judgment of experienced security analysts. This shift allows every Red Canary detection engineer to focus on Tier 3-level analysis, delivering deeper insights and stronger outcomes for our customers."

Practical use cases

Red Canary offered specific examples to illustrate the value of the AI agents. In one scenario, a user behaviour analysis agent flagged an anomalous Salesforce login, missed by other tools. A reputation analysis agent added context by identifying the login as originating from a high-risk IP address. Red Canary's team validated the threat and quickly alerted the customer, allowing for immediate password reset and containment within minutes.

Another example involved a compromised account detected through alert enrichment and user behaviour analysis. These agents identified a suspicious application and proxy activity from an unfamiliar ISP and geography. A Red Canary detection engineer confirmed that a user's access token had been compromised and notified the customer's security operations team for swift response.

Scope of agent capabilities

The suite currently includes agents specialised for specific systems, including Microsoft Defender for Endpoint, CrowdStrike Falcon Identity Protection, AWS GuardDuty, and Microsoft Sentinel. These agents are designed to deliver consistent procedures for their respective environments. The response and remediation agent offers concrete steps for both addressing current incidents and hardening systems to reduce future risk, while the user baselining and analysis agent highlights deviations in user activity by comparing real-time behaviour to historical patterns.

Red Canary underscores that its agents are not fully autonomous decision-makers; instead, their outputs are subject to the oversight of experienced detection engineers, aiming to balance automation, reliability, and human judgement.

This development represents an ongoing trend in the security sector towards applying artificial intelligence to reduce manual workloads, lower incident response times, and support strained security teams. According to Red Canary, its focus remains on reducing noise, accelerating triage, and providing expert analysis for each threat faced by its clients.

Hospitals raise cybersecurity spend amid rising attacks, AI adoption

Business Standard

10-06-2025


As cyber threats grow more advanced, hospitals are raising cybersecurity budgets, adopting AI-driven tools and preparing for stricter healthcare data regulations

Anjali Singh, Mumbai

With rising cyber attacks, major hospitals are now allocating 8–10 per cent of their IT budgets to cybersecurity—nearly double the 4–7 per cent allocation in 2021, sector watchers said.

The budgetary allocations are expected to rise further to 12–15 per cent by 2027, said Vineet Dhawan, Chief Executive Officer of DCT Inc. and dcafé Digital Inc. DCT Inc. is an IT services company.

Dhawan added that demand for AI-driven cybersecurity tools—particularly AI-powered Security Information and Event Management (SIEM) platforms—has increased by 40 per cent year-on-year since 2023. 'Nearly half of this demand is now coming from Tier-2 and Tier-3 cities,'
