Founded in 2017, US-headquartered DXC Technology has fast emerged as one of the prominent players in the B2B IT Services space. Security is one of the most important components of DXC Technology’ services.
Analytics India Magazine caught up with Rashmi Chandrashekhar, Lead – Security, DXC Technology India to understand more about the cybersecurity trends, company’s product pipeline and future plans.
Sign up for your weekly dose of what's up in emerging technology.
AIM: What are the various security-related services and products DXC Technology offer?
Rashmi Chandrashekhar: DXC Technology helps customers in improving cyber defence, verifying digital identities, and protecting sensitive data. Our expert advisory services and 24×7 managed security services help in securing an organisation’s digital enterprise.
DXC security offerings:
- Cyber Defence: Tailored solutions to support the digital enterprise, enabling monitoring and response to the evolving threat landscape.
- Secured Infrastructure: Solutions to meet unique security requirements through design, installation and integration of perimeter, network, endpoint and advanced threat protection solutions.
- Digital Identity: Number of digital identity solutions — from provisioning and access governance to strong authentication and Public Key Infrastructure (PKI) to protect the enterprise.
- Data Protection: Protects critical data and helps enterprises understand the use of critical content, all while meeting constantly increasing privacy requirements.
- Application Security: Application Security Testing enables accelerated delivery of high-quality and secure business applications that lower the risk of a successful security breach.
AIM: Tell us about the AI and ML features in your cybersecurity solutions
Rashmi Chandrashekhar: The DXC Security Platform provides intuitive investigation and intelligence with an automated response. We are enabling enterprise security intelligence and automation through DXC Bionix, our digital generation services delivery model based on intelligent automation at scale.
The DXC Security Solution harnesses the full power of the ServiceNow platform and DXC Bionix through:
- Analytics and AI – Analytics and artificial intelligence to gain new, real-time insights into the business and its operations
- Lean – Data-driven optimisation to eliminate waste and enhance value
- Automation – Innovative, partner-engineered technologies integrated to create DXC’s intellectual property and assets
AIM: What are your upcoming projects?
Rashmi Chandrashekhar: Some of the key upcoming projects for DXC Security include:
- Strengthening Cloud security, METDR capability, OT Security defence strategy
- SaaS solutions for digital identity
- Security monitoring strategies for AWS, AZURE and GCP
- Security detection based on UEBA capabilities
- CTI platform with rationalized feeds and reporting requirements
- Integrate with industries and other DXC offerings for solutions that address business problems
- Define solutions for data-centric encryption
AIM: Tell us about DXC Technology’s future plans
Rashmi Chandrashekhar: DXC’s Security vision for the coming years is to provide orchestrated, predictive security analytics and response from anywhere. This will be achieved through initiatives such as predictive intelligence, orchestration and response, hybrid cloud, serverless security, Secure Access Service Edge, automated data lifecycle management, analysis and operationalization and machine learning-driven data management.
Security is foundational to what we do across our Enterprise Technology Stack of services for our customers, and we make all of our end-to-end solutions secure.
AIM: How do you secure infrastructure and increase agility in a hybrid world?
Rashmi Chandrashekhar: DXC defines four ways in which security can respond with new models and practices better aligned with today’s business needs:
- SaaS-enabled security – Delivering security with cloud connectivity, scale, and efficiencies
- Extended detection and response (XDR) – Providing greater visibility and control into more environments
- Secure access service edge (SASE) – Enabling location-independent access to corporate resources, where access is controlled based on extensive information about the context of the connection, the activity and the data being accessed
- Container security – Providing a rapidly patched and consistently configured platform for microservices
AIM: What effect did pandemic have on organisations with respect to cybersecurity?
Rashmi Chandrashekhar: The current threat landscape is dominated by COVID-19. Nearly every established cyber-attack has been used with the COVID-19 theme.
Not too long ago, organisations deployed security strategies that focused on blocking and securing the perimeter and ‘locked down’ users, access, and data. The new style of business has dissolved the perimeter. Users include more than just employees, and they are interacting with organisational data and applications in the cloud, on mobile devices and from outside networks.
Today, speed and agility matter more than ever. Organisations must leverage the opportunities that cloud, and mobile bring to increase time to value; enhance customer experiences and improve workforce productivity.
To protect their digital enterprise, organisations must secure the interactions between business-critical digital assets, thus securing the free flow of information in, around and outside the enterprise. Digital environments will also need to be defined with Zero Trust architecture by leveraging network segmentation, preventing lateral movement, and simplified granular user-access control.
AIM: How do you ensure the relevance of security operations centres?
Rashmi Chandrashekhar: Next-generation security operations centres will need to be built with intelligent security operations that include a high level of automation/cognitive security capabilities. Key capabilities that need to be built in next-generation SOC include:
- Threat Hunting and Analytics: Proactive identification and visualization of security threats to gain new insights.
- Risk Management: Proactive identification and management of security vulnerabilities and threats.
- Threat Intelligence: Event and alert enrichment through integrated intelligence and threat contextualization.
- Security Incident Response: Accelerated security incident response, workflow, alert management, enrichment, and reporting. Data-driven optimization to reduce dwell time and enhance time to value.
AIM: What are your views on the current Cybersecurity landscape in India?
Rashmi Chandrashekhar: In recent times, cyber intrusions and attacks in India have increased in scope and sophistication, targeting sensitive data, and critical infrastructure, that has an impact on the national economy and security.
The present cyber threat landscape poses significant challenges due to rapid technological developments such as Cloud Computing, Artificial Intelligence, the Internet of Things, 5G, etc. Additional challenges include data protection/privacy, enforcement of law in cyberspace, misuse of social media platforms, cybercrime etc. Digitisation in India will dramatically rise in post-COVID-19 scenario which in turn will increase demand for greater cybersecurity and privacy.
Amid the COVID-19 crisis, as businesses are still coping up, cybersecurity is being seen as a core technology to keep companies secure as they go online and virtual, and as emerging deep technology such as Artificial Intelligence, Machine Learning, Blockchain, and investment in cybersecurity will be key differentiators for companies offering such services.
AIM: What are the essential skills for a successful cybersecurity career?
Rashmi Chandrashekhar: To sustain a thriving career in cybersecurity, aspirants need to focus on strong technical skills along with soft skills; and the ability to work methodically.
Technical skills include understanding of architecture, administration, and management of operating systems (various Linux distros, Windows, etc.), networking, and virtualization software. This is in addition to general programming/software development concepts and software analytics skills. Developing cybersecurity domain skills in areas of digital identity, application security, cyber defense, infrastructure security, cloud security etc. is important. Ability to link cybersecurity solutions to address business challenges will allow cybersecurity professionals to connect with business requirements and enable faster career growth.
Important soft skills include excellent presentation and communications skills to effectively communicate with management and customers. The ability to clearly articulate complex concepts, and active listening skills also help immensely.