Business Logic Monitoring and Automation

Rajeev Bhargava, CEO of Decision- Zone Inc based in Canada participates in Risk Roundup to discuss “Business Logic Monitoring and Automation”.

Overview

Today, nations: its government, industries, organizations and academia (NGIOA) are vulnerable to security challenges from cyberspace, geospace and space (CGS). While entities across NGIOA do invest in information security products, the growing concern is whether the information security products are able to effectively understand the security risks of entities and initiatives that they are supposed to secure.

Many of the information security products that are used by entities across NGIOA currently are off the shelf and has one-size-fits all approach. Because they are not customized to any business or entity needs specifically, they do not fully understand security vulnerabilities that are specific of the industry or business. This heavy emphasis on off the shelf information security products to manage cyber-security risks has become a cause of great concern.

The reality of an inter-connected and inter-dependent digital global age is that understanding of operations, systems and processes is vital to understanding security vulnerabilities. Understanding of Security Process Logic seems to be fundamental.

As cyber-security threats grow rapidly across NGIOA, the question is whether the conventional security technology solutions are able to cope up with security vulnerabilities and security threats in real time today and are effective.

In today’s digital global age, data rules are at the center of the on-going cyber warfare. Safeguarding intellectual property, financial information, business information, strategy and reputation needs to be a crucial part of strategy. Yet with the number of security threats and the sophistication of attacks increasing, managing security is becoming a formidable challenge. There is a need for more effective security solutions. It is important to evaluate whether:

  • Do we have the right technical approach to cyber-security challenges?
  • Do the decision makers have the right approach to protect and strengthen their initiatives?
  • What is the relationship between logic and security?
  • How can billions of IoTs with trillions of interrelated and interconnected end-points and its communications and information sharing be secured?
  • Is there a need to monitor for the security effects rather than the causes?
  • How would monitoring security effects over causes work for security challenges?
  • How to identify security logic vulnerabilities?
  • How to test for business logic flaws?
  • How does human behavior and restrictions correlate with business functions and logic?
  • What will be the process to define business logic for different applications?
  • What tools are available for identifying, understanding, testing and monitoring business process logic?
  • What are some common tool types that can be useful in identifying business logic issues?
  • How to identify business logic vulnerabilities in web applications?
  • Would the core business logic be same for all different business processes?
  • How should business logic architecture be?
  • How to do gap analysis for business logic?

Every action has an equal and opposite reaction. This is supposed to be at the heart of the “Business Logic Monitoring” proposed by Decision Zone, Inc. It is important that security community evaluates this approach to security.

It is time for Security Community to take a closer look at the potential of “Business Logic Monitoring”!


For more please watch the Risk Roundup Webcast or hear Risk Roundup Podcast


About the Guest

Rajeev Bhargava, is the CEO of Decision Zone Inc and is based in Canada. He has over 35 years’ experience in process management, computer software development and IT security and management consulting. He has held executive and senior technical positions with companies in the high- tech, telecom, nuclear and financial industry space. Managed design & implementation teams for large scale projects for network infrastructure deployment, ERP, CRM, government & health-care information portals and telecom cable management & security. He has led software teams for the product development of fifth generation pattern programming language, complex event processing, business process management and deep message inspection.

About Decision- Zone, Inc

In 2005, Rajeev Bhargava, inspired by the “Rapid Language and Toolset,” envisioned the value of software that could rapidly audit application to application messages (also referred to as “Events” and “Utility System Events”) as they occur on the bus, “on the wire,” in real time for security, compliance and business assurance. In the early stages of development, he further expanded the capabilities of the Rapid Language until it could read operational workflow processes (business logic) and logically translate diagrams of workflow into a single three-dimensional model, in the context of space, time and causality. With the advent of this new language, Mr. Bhargava created a code free development platform that automatically determines what utility system events must occur to facilitate correct operational workflow, and what events do not belong in an operational process. In 2015, after ten years of development, testing, market evaluation and multiple Proof of Concepts, Decision Zone Technologies, Inc. released dzAudit, a powerful Deep Message Inspection software that gives users a code free development platform to create applications that autonomously secure, learn and detect threats and anomalies on the message bus.

About the Host of Risk Roundup
Jayshree Pandya (née Bhatt) is a visionary leader, who is working passionately with imagination, insight and boldness to achieve “Global Peace through Risk Management”. It is her strong belief that collaboration between and across nations: its government, industries, organizations and academia (NGIOA) will be mutually beneficial to all—for not only in the identification and understanding of critical risks facing one nation, but also for managing the interconnected and interdependent risks facing all nations. She calls on nations to build a shared sense of identity and purpose, for how the NGIOA framework is structured will determine the survival and success of nations in the digital global age. She sees the big picture, thinks strategically and works with the power of intentionality and alignment for a higher purpose—for her eyes are not just on the near at hand but on the future of humanity!
At Risk Group, Jayshree is defining the language of risks and currently developing thought leadership, researching needed practices, tools, framework and systems to manage the “strategic and shared risks” facing nations in a “Global Age”. She believes that cyberspace cannot be secured if NGIOA works in silo within and across its geographical boundaries. As cyber-security requires an integrated NGIOA approach with a common language, she has recently launched “cyber-security risk research center” that will merge the boundaries of “geo-security, cyber-security and space-security”.
Previously, she launched and managed “Risk Management Matters”, an online risk journal and one of the first risk publications, publishing “Industry Risk Reports of Biotechnology, Energy, Healthcare, Nanotechnology, and Natural Disasters” over the course of five years. Jayshree’s inaugural book, “The Global Age: NGIOA @ Risk”, was published by Springer in 2012.

About Risk Roundup

“Risk Roundup” is an “integrated strategic security risk dialogue” for nations: its government,  industries, organizations and academia (NGIOA) in cyberspace, geospace and space (CGS).Risk Roundup is released in both audio (Podcast) and video (Webcast) format and is available for subscription at (Risk Group WebsiteiTunesGoogle PlayStitcher RadioAndroid, and Risk Group Professional Social Media).

About Risk Group
Risk Group believes that risk management, security and peace walk together hand in hand. Though security is related to management of threats and peace to the management of conflict, risk management is related to management of security vulnerabilities as well as management of conflict, and it is not possible to conceive any one of the three without the existence of the other two. All three concepts feed into each other. Risk Group believes that the security we build for ourselves is precarious and uncertain until it is secured for everyone across nations. Tradition becomes our security-so if we build a culture of managing risks effectively it will lead us to security and security will lead us to peace!

Copyright Risk Group LLC. All Rights Reserved