February 27, 2017 01:04:31

Business Logic Monitoring and Automation

Rajeev Bhargava, CEO of Decision-Zone Inc., based in Canada, participates in Risk Roundup to discuss “Business Logic Monitoring and Automation”.

Overview

Today, nations, including their government, industries, organizations and academia (NGIOA), are vulnerable to security challenges from cyberspace, geospace and space (CGS). While entities across NGIOA do invest in information security products, the growing concern is whether those products are able to effectively understand the security risks of the entities and initiatives that they are supposed to secure.

Many of the information security products currently used by entities across NGIOA are off the shelf and take a one-size-fits-all approach. Because they are not customized to the needs of any specific business or entity, they do not fully understand security vulnerabilities that are specific to the industry or business. This heavy emphasis on off-the-shelf information security products to manage cyber-security risks has become a cause of great concern.

The reality of an inter-connected and inter-dependent digital global age is that an understanding of operations, systems and processes is vital to understanding security vulnerabilities. An understanding of security process logic seems to be fundamental. As cyber-security threats grow rapidly across NGIOA, the question is whether conventional security technology solutions are effective and able to cope with security vulnerabilities and security threats in real time.

In today’s digital global age, data rules are at the center of the ongoing cyber warfare. Safeguarding intellectual property, financial information, business information, strategy and reputation needs to be a crucial part of strategy. Yet with the number of security threats and the sophistication of attacks increasing, managing security is becoming a formidable challenge. There is a need for more effective security solutions.
It is important to evaluate:

* Do we have the right technical approach to cyber-security challenges?
* Do the decision makers have the right approach to protect and strengthen their initiatives?
* What is the relationship between logic and security?
* How can billions of IoT devices, with trillions of interrelated and interconnected endpoints, and their communications and information sharing be secured?
* Is there a need to monitor for the security effects rather than the causes?
* How would monitoring security effects over causes work for security challenges?
* How to identify security logic vulnerabilities?
* How to test for business logic flaws?
* How do human behavior and restrictions correlate with business functions and logic?
* What will be the process to define business logic for different applications?
* What tools are available for identifying, understanding, testing and monitoring business process logic?
* What are some common tool types that can be useful in identifying business logic issues?
* How to identify business logic vulnerabilities in web applications?
* Would the core business logic be the same for all different business processes?
* How should business logic architecture be structured?
* How to do gap analysis for business logic?

Every action has an equal and opposite reaction. This is supposed to be at the heart of the “Business Logic Monitoring” proposed by Decision Zone, Inc. It is important that the security community evaluates this approach to security. It is time for the security community to take a closer look at the potential of “Business Logic Monitoring”!

For more, please watch the Risk Roundup Webcast or hear the Risk Roundup Podcast.

No transcript available.