CSO100 Award 2019

Dr JS Sodhi is the senior VP at Amity Education Group. Sodhi has 25 years of professional experience and a Doctorate in Information Security. He leads a team of 200 IT professionals with overall IT management responsibility for Amity Institutions (www.amity.edu) across 35 locations in India and 10 international locations, and for the AKC Group of Companies (www.akcgroup.com).


A Security Operations Centre (SOC) with artificial intelligence was set up at Amity Education Group. The aim of this project was to build a self-learning machine that can act like a human when taking SOC decisions. This is completely different from a rule-based approach: the machine learns from the decisions taken by SOC analysts and grows its knowledge base over months or years. Its decision-making ability increases and becomes more accurate with time as the knowledge base grows.

The benefits achieved by the solution concern log analysis. Firewalls, servers, IDS/IPS and other such devices generate logs of millions of lines daily. These devices secure the network infrastructure based on pre-defined rules. Because they record each and every inbound and outbound connection, their logs are the most helpful source for identifying a security breach. It has been seen that organizations come to know about a security breach months after the incident, and only then start analyzing earlier logs. It is difficult for a human to analyze such large logs on a daily basis, and there is no use in analyzing them with only some pre-defined rules.

The idea was to build a self-learning machine that checks logs at run time and learns on the basis of past decisions and incidents. Logs are therefore analyzed at run time, and a more accurate decision is taken on any incident. Because the machine's decision-making ability is based on its knowledge base, its decisions become more accurate as time passes and that knowledge base grows. The organization has also deployed the biggest honeypot network, all across the country, to capture logs, so that the machine can learn quickly and start taking more accurate decisions.