Humans are the weakest link in Cyber Defense


Over 2000 Indian websites were hacked by attackers from Indonesia and Malaysia, according to DCP cybercrime, Ahmedabad. The hackers disclosed sensitive information like the whereabouts of BJP’s former spokesperson Nupur Sharma, personal details of Andhra Pradesh police, and the Aadhaar card and PAN card details of several people.

Cyberattacks have become complex beyond the capabilities of anti-virus software. Cybercriminals are coming up with new ways to target the vulnerable. We interacted with Anter Virk, Co-founder & CEO, SubCom (Subconscious Compute), and Dilawar Singh, Co-founder & CTO, SubCom, to learn why we need complex cybersecurity architectures and about SubCom’s product offering to protect against cyberattacks.

Read the interview here:

TimesTech: What are the types of Cyber Attacks that are common these days and the security architectures that are available to defend against these attacks?

SubCom: Malware and phishing attacks continue to be commonplace and effective forms of attack for cybercriminals. Zero-day exploits and supply chain attacks have also gained a lot of prominence in recent years, especially for attacking enterprises. There is no dearth of cybersecurity tools in the market. In fact, on average, an enterprise in the US uses more than 45 cybersecurity tools. Surprisingly, the average number of days it takes to identify a breach still stands at more than 200 days.

TimesTech: Why do we need sophisticated security architectures to defend against cyberattacks? Why is an anti-virus no longer sufficient?

SubCom: About 90% of successful breaches are caused by human error: either someone configured the tools wrong, or they clicked on a malicious link and fell victim to a sophisticated phishing attack. Humans are the weakest link in cyber defense. About 4-6% of the workforce clicks malicious links after phishing training. As the existing solutions rely heavily on users’ discretion and behaviour, they are only as effective as the resolve of the people they are trying to protect.

Secondly, as most cybersecurity solutions process logged events, the alerts and insights are not generated in real-time. About 45% of alerts generated by new-age tools are false. This overwhelms the security teams and induces alert fatigue impairing their ability to respond in time.

We need performant tools capable of processing events in real-time, issuing proof-based alerts, and delivering automated defense. These tools must be effective despite human behaviour instead of relying on discretion, experience, and smarts. 

Anti-Viruses are about 40% effective as they are signature-based tools. An anti-virus is only effective against known and documented attacks. 

TimesTech: What is a Zero-Trust architecture? What are its features?

SubCom: Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of digital interaction. Rooted in the principle of “never trust, always verify,” Zero Trust is designed to protect modern environments and enable digital transformation by using robust authentication methods, leveraging network segmentation, preventing lateral movement, and simplifying access policies.

Three fundamental principles of ‘Zero Trust’ are:

– Never Trust, Always Verify

– Offer least-privilege access

– Always assume a breach

TimesTech: What is “Habitual Neural Fabric” that is being offered by SubCom for Endpoint observability?

SubCom: Similar to biological intelligence, SubCom’s Proprietary Neural Nets — ‘Habituation Neural Fabric’ learns to differentiate between actual threats and safe signals. It is adept at processing volumes of data on the endpoint itself and picking up anomalies with unprecedented precision in real-time while ignoring the harmless instances. SubCom quickly analyses, classifies, and quantifies the detected irregularities into a simple, easily understood Trust Score for the user. Organizations can automate threat detection, isolation, and remediation based on our Trust Score. 

TimesTech: What are SubCom’s product offerings? What features separate it from its competitors?

SubCom: SubCom is building ultra-compact security agents powered by Habituation Neural Fabric. Its mission is to create the most performant, fully automated, real-time defense for distributed devices.

The below-mentioned capabilities will set them apart:

1. Trust Score in real-time: No other solution can process volumes of security events in real-time on edge. 

2. Resource Footprint: Our agents are ultra-compact. We can deploy on the smallest of IoT devices. No other solution can be deployed on devices of varying sizes, forms, or resource capabilities.

3. Resource consumption: We can perform analytics on edge in a fraction of the resources of what existing solutions need to run inference.

4. Performance: As we are an anomaly-based detection system, our chances of identifying and isolating new threats are significantly better. We’ll substantially lower the rate of false positives.

5. Automation of defense: Effective policies built on our Trust Score could help organizations automate the security of their devices.