CybersecuritySpecial Feature

In the Era of Digitization, Cybersecurity Needs to be Redefined

Securing future IT infrastructure for the technologies is a battle. As we move forward, Security has long been a challenge to cloud services. While it has been largely overcome, with the sharp increase in moving workloads to public cloud, there will be increased opportunity for hackers to easily hack a business.

[quote font=”tahoma” font_size=”13″ font_style=”italic” color=”#262626″ bgcolor=”#f2f2f2″]

“Our major focus would be on products such as Kaspersky Anti Targeted Attack Platform (KATA), Endpoint Detection and Response (EDR), Sandbox, Threat Intelligence Reporting, and Services, Managed Services Provider Partnerships, Security Cloud and Industrial Cybersecurity solutions.”

Dipesh Kaura,
General Manager for South Asia,
Kaspersky.

[/quote]

In today’s everyday threat landscape every organization – large or small is at risk of a cyber-attack. Every industry has suffered multiple high profile breaches, making it clear no one is safe. Even now security is becoming complex with each passing day and the organizations are under pressure to secure the company’s digital assets and network. As cyber attackers have become more sophisticated, organizations and cyber security experts have become better at dealing with threats.

[quote font=”tahoma” font_size=”13″ font_style=”italic” color=”#262626″ bgcolor=”#f2f2f2″]

“We offer our platform for Vulnerability Management called Holm Security VMP together with a powerful multi-tenant portal. The platform is a complete solution for continuous and automated scanning provided from the cloud and as an on-prem product.

Alok Sahay,
country manager India and SAARC,
Holm security
[/quote]

Dipesh Kaura, General Manager – South Asia, Kaspersky says, “Historically, APT actors have been the most innovative in designing new age attacks. We imagine that will continue, with the next level of false flag attacks. The continued use of commodity malware, scripts, publicly available security tools and administrator software will make attribution of the attack even tougher. Targeted ransomware is sure to take things up from where ransomware left them. They will perhaps focus more on organizations that are more likely to make substantial payments to recover their data”.

[quote font=”tahoma” font_size=”13″ font_style=”italic” color=”#262626″ bgcolor=”#f2f2f2″]
“Our long established, proven unified security and risk analytics technology paired with our partner’s knowledge of their individual customer needs is an unbeatable combination.”

Sandeep Puri,
Country Manager -India & SAARC
[/quote]

Alok Sahay, Country Manager India and SAARC, Holm Security added, “Over many years now the threat landscape has become more complex and the attacker use more and more sophisticated methods. We believe that social engineering continue to be the number one threat. IoT increases the attack surface – simply because the security in these devices is behind the actual development. So here we will see more and more incidents.”

[quote font=”tahoma” font_size=”13″ font_style=”italic” color=”#262626″ bgcolor=”#f2f2f2″]
“Training and upgrading partner skill sets in an ongoing process and we do this programmatically together with the channel marketing team. This is working well for RSA and we will continue with it in FY’20.”

Rajnish Gupta,
Regional Director
RSA Security
[/quote]

Rohan Vaidya, Regional Director of Sales – India, CyberArk, says “It’s not new, but phishing or using e.g. credentials procured from the Dark Web remains the most effective way of getting a foothold into an organization for sophisticated attackers. So the biggest threat to companies is how they lock down the route from initial compromise to their critical data and assets. The perimeter is porous and smart companies know that attackers will get in. They understand that defences need to be focused around preventing attackers moving around the network to get to the end goal, whether that be IP theft, network takeover or whatever else it might be”.

[quote font=”tahoma” font_size=”13″ font_style=”italic” color=”#262626″ bgcolor=”#f2f2f2″]
“SaaS cybersecurity offerings provide customers the ease and speed they have got accustomed to. It also allows vendors to automatically deploy updates and patches to protect against newly detected vulnerabilities.”

Harpreet Bhatia,
director, channels & strategic alliances
India & SAARC at Palo Alto Networks
[/quote]

As cyber security is evolving, so are the cyber criminals. It means the cyber attackers are winning; and it means businesses need to do all they can to mitigate the risk to their operations and customers operations too. Navigating IoT will become a minefield for everyone. Harpreet Bhatia, Director, Channels & Strategic Alliances – India & SAARC, Palo Alto Networks, says “2020 will see the evolution of IoT security play out in two key spheres: Personal and Industrial IoT. From connected doorbell cameras to wireless speaker systems, we will see a growth in attack modes coming in via unsecured apps or weak login credentials. Connected devices will need to be continuously retrofitted and updated in order to remain secure. There also is a growing trend among governments globally – including those in Asia Pacific- to issue guidance or regulations related to IoT device security. Further, efforts also are ongoing in industry standards groups to develop relevant security standards for IoT devices, such as the draft ISO/IEC 27037 standard. Both of these trends are certain to impact IoT device deployment to some degree. We also expect prioritization of public education to accompany the rapid growth and adoption of connected devices”.

[quote font=”tahoma” font_size=”13″ font_style=”italic” color=”#262626″ bgcolor=”#f2f2f2″]
“For the businesses that become CyberArk partners, we work with them to help customers move away from a perimeter focused defence to one that protects what is truly important, shifting focus to the critical data and assets that are the crown jewels of any organization.”

Rohan Vaidya,
Regional Director of Sales – India,
CyberArk
[/quote]

To manage increasingly distributed and complex networks, organizations are adopting technologies like Artificial intelligence and Machine learning to automate time consuming activities that require human supervision. This will lead hackers to use AI advancements to scan networks for vulnerabilities and automate phishing attacks. There are more access points than ever for cyber criminals to exploit now. Sandeep Puri, Country Manager -India & SAARC, Gurucul maintains,” In cybersecurity, the resilient enterprise of today adjusts control procedures daily. The resilient enterprise of the future, however, will adjust controls hundreds of times daily, through AI that adapts in real time as the data changes. In certain types of cybersecurity AI helps organizations make sense of the large volume of information generated by a range of data sources including SIEMs, firewalls, identity and access management (IAM), NetFlow, HR databases and more. AI can be applied to the events from these various datasets so that risky behavior patterns can be identified — and remediation can be immediately implemented”.

Dipesh of Kaspersky comments, “The growth of AI has been very significant in recent times. It is the key technology these days to detect any kind of suspected malware. AI will become more pervasive than it is today. It is set to multiply it power in the coming years. It has the potential to become the single most disruptive force of technology in coming years.”

In fact the hackers are also leveraging the tools such as analytics and known vulnerabilities in popular application to launch focused attacks with financial gains in mind. Threats from Ransomware, Data Leak, Malware, and Phishing will increase in 2020, at the same time Identity and authentication cloning are likely to grow. It means the landscape is going to be very complex. On this Rajnish of RSA Security says, “In 2020, we can expect 75% of all major breaches to happen due to fundamental mistakes, and not by extremely sophisticated techniques. As a result, new standards and regulations will drive a return to basic security best practices forcing security providers to improve some of the foundational security work that they should have been doing all along. On the business front, the accountability for cyber risk will move up the organizational chart, with businesses appointing board members with experience in risk management and information security. On the technology front, businesses will look to reduce dependency on talent via security orchestration and automation software, risk-based prioritization and comprehensive threat analytics”.

Cloud security is the future of cyber security. To predict and defeat attacks in real time, cybersecurity must move to the cloud, Harpreet of Palo Alto Networks added, “More businesses are seen to be leveraging containers (i.e., operating system virtualisation) for their efficiency, consistency and lower costs. However, the potential dangers of exposed and misconfigured containers will soon rear their ugly heads, leaving organisations vulnerable to targeted reconnaissance. With the usage of proper network policies or firewalls, or both, internal resources can be prevented from being exposed to the public internet. Additionally, investing in cloud security tools can alert organisations to risks within their current cloud infrastructure.”

As Cyber Security is an important concern for every organization. Organizations understand the risks and for them it is very important to set their priorities right, right supporting processes are needed along with the right enabling technology. To implement this, strategy is needed to enable partners with adequate technology and skillset. Channel partners must be aware of new attacks and about the solutions for them. On this, Dipesh added, “Across the world, Kaspersky is recognized for its innovative security solutions. We have developed an innovative program- Kaspersky United Partner Program that does more to help our partners. Whether you’re a software reseller, system integrator, managed service provider (MSP) or security service provider – and regardless of whether you sell IT protection to SMBs or enterprise-grade solutions to telecoms operators, financial institutions or government, the Kaspersky United Partner Program can help our partners to grow profitable and explore new revenue streams. We provide partners with regular trainings on the evolving threat landscape as well as the latest solution updates as part of the program”.

VERTICALS LIKELY TO INVEST MORE IN 2020

Many industries still assume that attacks only happen to banks or companies that hold consumer data or something else that can be easily exploited and sold. This is not the case. law and recommendations, like Data Protection Bill in India, puts a higher pressure on not only government and the financial sector, but also organizations that provided services that are crucial like energy companies, transportation, infrastructure and healthcare.

Finally….  

Today’s disruptive technologies including IOT, cloud computing, edge computing, etc. are changing threat landscape drastically. As IOT has produced different ways to interact and exchange data which makes it easy for the hackers to take advantage of the situation and gain access to all the information that is being exchanged online. Similarly cloud computing and edge computing offers many passages to the cyber criminals to play guerrilla warfare with the organizations. Therefore, Cyber security has been more widely accepted as board level topic and the senior executives have become more aware about its impact on achieving business goals and brand protection. Security leaders are striving to help their organizations securely use technology platforms to become more competitive and drive growth for the business.

Related posts

Palo Alto Networks Unveils Cortex XSOAR

adminsmec

Tenable advises Organsations to Patch Windows OS to Protect from “zero-day” Exploit

adminsmec

Businesses receive boost to security with Zyxel’s latest VPN solution

adminsmec