With its innovative solutions, Mandiant is helping businesses build robust and resilient security infrastructure to sail across the current threat landscape
“Cyber resilience should be embedded into an organisation’s enterprise risk management strategy, with security leaders playing an active role in consulting during business decisions.”
Country Manager, India & SAARC,
The Pandemic has forced businesses to shift to online operations and there has been a massive adoption of remote working culture. and online learning, resulting in digitalisation on an unprecedented scale. Along with the shift to online has also come an unacceptable rise in cybersecurity issues.
With rising ransomware cyberattacks on IT infrastructure, businesses have realized the importance of embracing zero tolerance for gaps in their security strategy. They are increasingly investing on strengthening their cybersecurity to secure their crown jewels and their valuable data. This has thrown open a big opportunity for cybersecurity players.
As the India market remains in the eye of a major digital transformation buoyed by a tech-centred Union Budget, SME Channels embarks upon recording the voices of the who’s who of the Cybersecurity landscape.
As part of our effort to make the voices of major security players heard by the channel community, here is the Security Predictions from American Security major Mandiant.
In a special interaction with SME Channels, Balaji Rao, Country Manager, India & SAARC, Mandiant, reveals his organization’s strategy to address growing need for security solutions from customers, his predictions for the cybersecurity industry in 2022 and his vision and plans for the channel community. Edited excerpts…
Please give a brief introduction of your company
Since 2004, Mandiant has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats.
With the pandemic still lurking there, what are the major market trends you are forecasting for 2022?
The cyber security industry has experienced rapid shifts since the start of the pandemic.
With the popularity and adoption of remote working, organizations now understand the importance of bolstering their security posture to address security gaps and provide secure information accessibility. While the security risks of staff shifting from working in the office to working from home are often front of mind, they shouldn’t be the only point of focus.
Another, sometimes less addressed, challenge related to Internet connectivity is the ever growing attack surface being spawned out of digital transformation initiatives. As businesses become more agile, departments can often self-service their own IT requests through cloud services. IT and Security teams are left in the position of trying to understand what Internet-facing resources are used across all departments in the organization. These resources change dynamically and so this is a continuous rather than one time effort for those teams.
Why is it important to identify these assets? Because security teams can’t protect assets that they don’t know they have. As technology dependence only continues to grow, organizations are turning to Attack Surface Management tools to help identify Internet-facing assets and the issues those assets have which pose a risk.
We’ll continue to see ransomware evolve and dominate the cybersecurity landscape in the near future.
It’s become the preferred method of attack for cyber criminals. When ransomware attacks first started growing in volume a few years ago, payments were measured in the thousands of dollars. Now it’s not uncommon for the ransom demands to be in the millions for a single victim organization.
Ransomware itself has evolved into more of a multi-faceted extortion where attackers have advanced their techniques to gain multiple points of leverage against the organizations they victimize. In addition to locking organizations out of their own data, attackers now also steal data and threaten to shame victims by publishing that stolen data. That second technique is one where even a set of good backups won’t solve the problem. For many organizations a data breach and associated extortion might be more impactful from a business perspective than a service outage that results from a more traditional ransomware attacks.
Businesses need to develop a robust and resilient security infrastructure to identify, mitigate, and prevent present and future attacks, considering the current threat landscape.
The rise in online operations and huge business migrations to the cloud during the pandemic has created humongous security issues, how are you bracing to address the security challenges faced by businesses?
The Covid-19 pandemic witnessed an acceleration in cloud migration amongst companies as it provided businesses with the flexibility they needed to manoeuvre the uncertain times. In response, attackers are realigning their tactics and techniques, including social engineering and exploiting misconfigurations, to target cloud environments.
The Mandiant Cloud Architecture and Security assessment evaluates an organization’s current security state while prioritizing its cloud assets. The assessments enable companies to understand their threat and security controls that are unique to their cloud environment. It improves their ability to detect and respond to threats across all stages of their attack life cycle and strengthen their security posture to reduce risks of future compromise. Remaining vigilant will enable them to defend against upcoming threats and respond to those that inevitably get through.
For organizations asking what more they can do to defend against ransomware, preparation is not completely about technical security controls. Mandiant has responded to hundreds of ransomware attacks over the last year, and the organizations that have put in preparation around plans for response and recovery weather the storm a lot better than those organizations who find themselves in a ransomware crisis with no plan at all. A Ransomware Defense Assessment can help to guide on response and communications plans during the ransomware event and recovery plans after the ransomware event. Table Top Exercises that give executives an opportunity to practice decision making in a ransomware crisis can go a long way to improving outcomes as well. Ultimately, these attacks impact the business, so it’s not just IT and security teams that need to be prepared, the business stakeholders need to be prepared as well.
Cybersecurity is highly tech-intensive. How do you educate your partners to deliver in this highly challenging and competitive security landscape?
With rapid digitization, enterprises need to consider new approaches to cyber security – one that addresses the gaps in their cyber security landscape with support and direction from their leadership. Enterprises need to align their business priorities with their security framework. Cyber resilience should be embedded into an organisation’s enterprise risk management strategy, with security leaders playing an active role in consulting during business decisions. Not forgetting the cybersecurity skills gap has become more acute and prevalent as organizations adopt newer technologies. Companies need to continue to invest in recruiting cyber security talent and focus on reskilling their workforce. Businesses need to take decisive, quick actions with industry-leading intelligence to face emerging threats.