Details: Written by: Meena; Category: Cybersecurity PRISM

Some journeys aren’t just personal—they’re poetic. Mine began in a humble village school, seated on the floor, learning the basics of language and numbers.

A beautiful circle of my journey just completed.

Details: Written by: Meena; Category: Cybersecurity PRISM

cloud-Is-It-Opportunity-For-YOU In the year 2019 the whole world affected by Coronavirus. During that time COVID-19 pandemic accelerated the move to the cloud significantly. Many companies were forced to implement remote work policies to run their business. This could be possible with the help of cloud technology. In the last few years... companies are showing their interest in adopting the cloud for their business.

Most organizations, particularly enterprises, have at least some of their workloads in the cloud. More businesses are embracing the cloud to keep up with the AI revolution. You will be surprised to know that more than 90% of organizations use the cloud. This market is expecting to reach one trillion dollars in the next 2-3 years.

More enterprises are exploring multi-cloud solutions over a single cloud provider.

Relying on a single cloud vendor can put their business in danger. Multicloud offers a range of opportunities to help organizations better serve their customers.

In the previous post I have discussed about Cybersecurity is an huge opportunity for IT professionals.

Here are some common use cases:

Disaster recovery

High priority task for the organization is to bring the business back in working condition after any sort of disaster. To achieve it multi-cloud can be handy. Multicloud allows you to back up critical applications or data on different vendors' clouds. In the event of a disaster or single vendor outage, you can rely on your other providers.

Low latency globally

In the digital era your clients can be worldwide. In case of a global organization, multicloud can help them better serve customers. By giving access to servers in diverse locations. May be near to the clients and providing better connections with low latency.

Regional requirements

When implementing a multi-cloud strategy... organizations must follow regional regulations, data sovereignty laws, and infrastructure requirements. Each region or country has its own rules. Related to data privacy, security, latency, compliance, and availability. Failing to adhere to these regulations... can result in legal penalties, data breaches, and service disruptions.

So organizations choose cloud providers as per their requirements.

There can be other benefits like better security controls, and compelling cost savings.

The IT Shift You Can’t Ignore:

Why 90% of Companies Choose Cloud!

Details: Written by: Meena; Category: Cybersecurity PRISM

Wiz cloud security Part 1

Cybersecurity is an huge opportunity for IT professionals. Let me give you a proof of it. Alphabet (Google) has acquired over 200 companies till date. Please pay attention to it acquisition done in March 2025. With its largest acquisition being the buy of Wiz (a cloud security company [wiz.io]), for $32 billion.

In the list of 3 top expensive companies first and third are in cybersecurity business. Google paid $32,000,000,000 ($32 billion) to WIZ Israel Company (Cloud Security) which is its highest buying cost ever.

Wiz acqusition cost

I will dig deeper in cloud security later.

First of all we will see some use case example of cloud.
Why are more than 90% organizations using cloud?
Little bit history of cloud computing.
What is cloud computing?

Okay so let's start with some use case scenarios of cloud:

🛒 Scenario 1. The Local Grocery Store That Expanded Online

Details: Written by: Meena; Category: Cybersecurity PRISM

Cybersecurity Analytics is marriage of two disparate fields:

Data Analytics and Cybersecurity

You may know that 'Data Analytics' is the process of examining DATASETS to draw conclusions about the information they contain. Valuable insights can be derived from uncovering and examining data patterns. Scientists categorize data as descriptive, diagnostic, predictive, or prescriptive to help them utilize data in many innovative ways. In general, Data Analytics can help companies better understand the purchasing habits of their customers, measure the efficacy of their advertising campaigns, discover new markets, and develop new products, and many things more.

Cybersecurity, on the other hand, is the practice of defending your organization's digital assets against malicious attacks. It employs various techniques, strategies, processes, and tools to diagnose, predict, and prevent unauthorized access of networks, systems, and devices.

Thus, you can safely say that Cybersecurity Analytics is concerned with the use of data analytics to achieve a cybersecurity objective. It is a powerful tool born of a deep understanding of data that can describe cybersecurity risks, diagnose vulnerabilities, predict future malicious behavior, and prescribe protective remedies.

Cybersecurity Analytics has evolved over the last few decades to become the basis for essential cybersecurity solutions and practices. It has provided a crucial understanding of bad actors, their techniques, and behaviors.

It is the application of BIG DATA ANALYTICS, rather than computer science or programming, that sets cyber analytics apart from traditional cybersecurity methodologies. To be sure, both disciplines examine the same exploits, vulnerabilities, threats, and attack methods. Still, for a cyber data scientist, these challenges are viewed through the lens of big data security analytics.

What is cybersecurity analytics?

Details: Written by: Meena; Category: Cybersecurity PRISM

U.S. Military when it was engaged in Vietnam war, some of their efforts were being led by a team, named as Purple Dragon. This team, Purple Dragon, noticed a phenomenon that their adversaries were seemingly able to anticipate their battle-strategies and tactics successfully. The question arose, HOW?

They were able to established that Vietnamese warriors were neither able to decrypt US Military communications, nor they had any intelligence assets inside US Military to collect intelligence from inside. Then how the Vietnamese warriors were able to anticipate moves of US Military. In the end, the Purple Dragon team arrived at one conclusion, i.e., US forces themselves were revealing vital information to the enemy 'inadvertently.'

I hope that you haven't missed the word 'inadvertently' here.

What is Operational Security?

Details: Written by: Meena; Category: Cybersecurity PRISM

What is Identity & Access Management (IAM)?

It is about your USERS (read, employees)...and their identities and the respective Access.

As you already know that when any user's credentials (user name, passwords) are compromised, it opens a new gate for hackers to enter into your company's network and attack your most valuable data and resources. Identity and Access Management (IAM) is one such tool which is used by most companies to ward off the attackers, and to protect their data and people.

In a very simplistic way, you can say that IAM is framework of some security policies, processes, and technologies which enable your organization to manage the 'digital identities' of your users and to control their access to critical corporate information. It works by assigning your users with 'specific roles' and ensuring they have the right level of access to corporate resources and networks, so that they can carry out their roles effectively. Thus, IAM improves the user experience and security at the same time.

The core ideas of IAM is to assign one 'digital identity' to each individual or a device. On the basis of this digital identity, it modifies, and monitors access levels and privileges through each user’s access life cycle.

An IAM platform is capable of verifying and authenticating individuals on the basis of their 'roles' and 'contextual information' such as geography, time of day, or (trusted) networks, etc. They can capture and record login events of all users. They allow you to assign access privileges to your users or to remove them. If any change in the privileges of any users happens, it can monitor those too.

As I just said above, IAM is a great tool to build 'Role-Based Access Control (RBAC), as defined by their job title, level of authority, and responsibility within your business. However, you may not be aware that these platforms are also capable of automatically de-provisioning the access-rights of any user, if he or she departs from your organization or their role changes within organization. Thus they prevent many security risks.

What Are The Key Components Of An IAM Platform?

Details: Written by: Meena; Category: Cybersecurity PRISM

The classical approach to network security was to isolate your internal network from the rest of the world, or say internet, using the firewall. Your firewall succeeded in preventing outsiders from coming in to your network, while still allowing your internal network users to connect to the external networks. For long many years, this approach worked for most organizations.

But this approach is not effective any longer, because now most users are bring in their own devices (BYOD) which are managed and used by users themselves, not by your network administrators. When network admins have no control over how these devices are used by users and how to deploy security measures on these devices, both the device and your network are not safe. There are countless of instances of successful 'Phishing' attacks by hackers when corporate users were lured or tricked into entering their user 'credentials,' which led to hackers gaining access to penetrate systems of organisations. Such phishing attacks are everyday phenomenon worldwide.

Since the classical network security approach heavily depended upon your hardware, primarily, your firewall, a new and far robust approach to security has emerged in the form of Software-defined Perimeters (SDPs).

What is SDP?

Details: Written by: Meena; Category: Cybersecurity PRISM

If you reflect upon the modern IT networks, you would immediately realize that they are quite complex. These are made up using various combinations of number of components, e.g., Routers, Switches, Firewalls, Servers and also include cloud-related resources such as Virtual Machines (VMs), Hypervisors, containers, etc. Most of these elements are simultaneously present in the network and interconnected too by various means.

The moment you would think of security such complex networks, you would impromptu realize that it is critical to monitor all these components carefully around the clock. From your perspective, each component of modern networks increases your attack-surface. But for every hacker and threat actor, this complexity of networks and the resulting challenge of 'visibility' create numerous opportunity to attack and exploit your network.

Not only this, if any of these devices fails, the performance of your network would be immediately hindered, so staying on top of the performance of each element of the network is critical to the smooth, uninterrupted production of your organization.

You have no choice but to know and monitor the traffic of your own network.

Your network traffic is the amount of data that is moving across your computer network at any given point in time. You all know that this traffic consists of data packets which are sent over your network, before they are re-assembled by receiving computer or device.

But you need to have a look at your network traffic from various lenses. Traffic affects quality of your network, because an unusually high amount of traffic can result in slow download speeds or spotty Voice over Internet Protocol (VoIP) connections. Traffic is also related to security because an unusually high amount of traffic could be the sign of an attack.

Before you get into details, you need to get acquainted with some conceptual framework here. There is your data-center...

Details: Written by: Meena; Category: Cybersecurity PRISM

An endpoint is any device that connects to your corporate network from outside your firewall, e.g., Computers, Laptops, Tablets, Mobile devices, Servers, Printers, IoT devices, POS systems, Switches, ATM machines, Industrial machines, Medical devices and other devices that communicate with your corporate network.

They encompass any machine or connected device that could conceivably connect to your corporate network. And for hackers, these endpoints are particularly lucrative entry points to your business networks and systems. It is therefore vital for your organization to consider every device that is or could be connected to your network and ensure it is protected.

Every endpoint that connects to your corporate network is a vulnerability, providing a potential entry point for cyber criminals. Therefore, every device an employee uses to connect to any business system or resource carries the risk of becoming the chosen route for hacking into your organization. These devices can be exploited by malware that could leak or steal sensitive data from your business.

What is Endpoint Security?

Details: Written by: Meena; Category: Cybersecurity PRISM

SCADA (Supervisory Control And Data Acquisition) is a category of software application program for industrial process control, the gathering of data in 'real-time' from remote locations in order to control equipment and conditions.

SCADA is a system of software and hardware elements that allows industrial organizations to:

Control industrial processes locally or at remote locations

Monitor, gather, and process real-time data

Directly interact with devices such as sensors, valves, pumps, motors, and more through human-machine interface (HMI) software

Record events into a log file

SCADA systems are used by industrial organizations and companies in the public and private sectors to control and maintain efficiency, distribute data for smarter decisions, and communicate system issues to help mitigate downtime. SCADA is used in power plants as well as in oil and gas refining, Food and beverage, Telecommunications, Transportation, Water and waste control, Manufacturing, Recycling, Pharmaceutical/Bio-tech, HVAC and commercial building management, Energy pipelines and utilities, Energy management and refrigeration, and many more.

Evolution of SCADA systems

Details: Written by: Meena; Category: Cybersecurity PRISM

First there was DAP...

Directory Access Protocol was a protocol for accessing information in a directory service based on the X.500 recommendations. It specified how an X.500 Directory User Agent (DUA) communicates with a Directory System Agent (DSA) to issue a query. Using DAP, network users were able to view, modify, delete, and search for information stored in the X.500 directory if they had suitable access permissions.

But it was a complex protocol with a lot of overhead. That's why, it was generally considered 'unsuitable' for implementations in a Microsoft Windows environment. Thus, a group of developers wanted to come up with a less complex replacement for DAP, and they created LDAP in 1993. It was a new protocol that used far less code and would become more accessible to people using desktop computers. Since then, LDAP has remained very popular, to the extent that the LDAPv3 became a directory services 'standard' and it also inspired the creation of OpenLDAP, the leading open source directory services platform. It also laid out the foundation on which Microsoft built 'Active Directory' in the late 1990s. LDAP has been very crucial to developing cloud-based directories also.

What is LDAP?

Page 1 of 28

Knowledge Center

Popular Blog Posts

Management Consulting

Blog Feed

Returning to my roots was more than a visit—it was a promise to give back