Every business has a different perspective and approach to cybersecurity.

At Grab, Southeast Asia’s largest ride-hailing platform, early detection of cybersecurity risks is the key for the company to avoid repeating the footsteps of competitors*, according to Grab’s cybersecurity Chief.

Speaking at the Splunk event in Singapore, Suchit Mishra, Head of Information Security at Grab, revealed that the company is building an information security incident detection controller. This controller works across all of the company’s products, services, applications, and infrastructure to collect information about vulnerable components.

That information is used to enhance Grab’s network security, which Mishra calls an “offense informing defense” strategy. This method has better intrusion prevention and is cheaper. Because the company will only invest in what is absolutely necessary to reduce cybersecurity risks.

To implement this strategy, Mishra says the key is to collect log data about everything that’s happening in both internal and external systems, such as customer service portals or apps using BI (business intelligence). Such data should be stored in a central component.

But that’s not enough, organizations need one more step to prevent data collection from becoming useless, which is building a dashboard to turn the insights into meaningful. This way, we can get an overview of the cybersecurity situation in the organization, Mishra said.

“This is not a new concept. If you look at things like A/B testing or performance monitoring, it’s all logged and put up in dashboards for all involved parties to monitor and analyze.”

In addition to valuable information from Grab’s bug bounty program with rewards for white hat hackers up to $10,000, Grab’s information security team also relies on log data poured into the Splunk dashboard to identify vulnerabilities and security incidents, for example when someone tries to steal employee information and export the data. All such information is sent to Grab’s engineering team to take the necessary measures.

“If we just build a risk prevention system, we can only detect weaknesses based on the available risk models. But with this data (log data), we have more resources to drive the security initiatives we launch based on the data we collect”.

*In 2017, Uber, Grab’s rival in Southeast Asia, was exposed that the company had tried to cover up an information disclosure incident affecting 57 million car and motorbike drivers. The incident started when Uber did not implement multi-factor authentication for Uber accounts on GitHub, from which the personal information of the company’s programmers was stolen for unauthorized access into an Uber data center on Amazon Web Services.

Uber then withdrew from the Southeast Asian market, selling its entire business in the region to Grab. The deal is valued at $6 billion and gives Uber a 27.5% stake in Grab.

Reference: E-guide @ComputerWeekly