High-profile data breaches in 2020 and 2021
• Facebook users’ phone numbers leaked on hacking forum (exposed personal data of over 500 million Facebook users)
• LinkedIn profiles had been put up for sale on a popular hacker forum (exposed 500 million users)
• ParkMobile breach exposes license plate data and mobile numbers of its users (exposed mobile numbers of 21M users)
• Air India cyber-attack (4.5 million customers)
• Marriott International (Marriott Data Breach 2020: 5.2 million guest records were stolen)
• Magellan (more than 364,000 individuals affected)
• Twitter (malicious code inserted into its app has impacted information worldwide)
• Garmin (hackers deployed a ransomware tool that encrypted the company’s digital infrastructure; paid $10 million as ransom)
• Software AG (hit with a $23 million ransomware attack)
• FireEye and SolarWinds supply chain attack victims (hackers inserted malicious code into a SolarWinds software update)
• Florida Water System (the intruder boosted the level of sodium hydroxide in the water supply to 100 times higher than normal)
• Microsoft Exchange Mass Cyber Attack (causing rampant damage to millions worldwide)
• Airplane manufacturer Bombardier (confidential data of customers, suppliers and approx. 130 Bombardier employees was compromised)
• Sopra Steria Ransomware Attack (Sopra Steria cyber attack costs to hit €50 million)
• Acer (REvil ransomware attack with a ransom of $50 million)
• The US Fuel Pipeline (U.S. fuel pipeline operator Colonial Pipeline has shut its entire network)
• Telegram Hijack (millions are exposed as a malicious new threat exploits Telegram with dangerous malware)
• Mobikwik (data of 10 million users of the mobile wallet reported to be on sale on the dark web)
• Juspay (35 million records with masked card data and card fingerprint were breached)
• Airtel denies claims that data of 2.5 million users was leaked
Worldwide spending on cybersecurity products and services has collectively exceeded $1 trillion from 2017 to 2021. The ever-growing number of public IP addresses and access points, a dramatic increase in the volume of Internet traffic, and the massive amounts of data that the world generates today combine to create a highly favourable environment for cybercriminals to exploit vulnerabilities. The cost of cybercrime will reach 7 trillion dollars worldwide by 2021, and the cost of ransomware damages will rise to 20 billion dollars.
Technological advancements have not only given us the power to manage everything with the click of a button, but have also made us vulnerable to many threats online. The Covid-19 pandemic has given cyber attackers an unprecedented opportunity to hack and break down organizations’ IT infrastructure. The rise in cyber-attacks has been attributed to the work-from-home model adopted by organizations. IBM's Cost of a Data Breach Report 2020 found that organizations took 207 days to detect a security breach and over 80 percent of the reported cybersecurity threats were phishing attacks.
As per a report, hackers had installed malware into IT company SolarWinds' Orion software and accessed critical data of blue-chip companies, hospitals, universities, and U.S. government agencies. According to the report, at least twenty-four tech giants, including Nvidia, VMware, Cisco, and Intel, fell victim to the malware embedded into the Orion software. In the second half of 2020, when the world was struggling to deal with the coronavirus pandemic, cybercriminals did not even spare Covid-19 vaccine research institutions, targeting seven high-profile establishments from around the world, including one in India.
Time to Protect Your Organization Against Cyber Attacks
Every website on the Internet is somewhat vulnerable to security attacks. The threats range from human errors to sophisticated attacks by coordinated cyber criminals. The growing damage caused by cyberattacks makes it necessary to take preventive measures right away.
• Generate Cyber Security Awareness
• Implement a Phishing Incident Response Tool
• Carry Out Periodic VAPT
• Keep the Systems Updated
• Implement Multi-Factor Authentication (MFA)
Technologies and business models have emerged in the cybersecurity space as the world embraced a remote work model where there’s no network perimeter and more applications and data are in the cloud than ever before. The funding landscape for cybersecurity startups has gone gangbusters this year, with 14 startups notching valuations in excess of $1 billion through the first four months of 2021 alone. Secondly, the lack of a network perimeter in this new world accelerated the adoption of SASE (secure access service edge), zero trust and XDR (extended detection and response) to ensure remote users and their data are protected.
The COVID-19 pandemic has accelerated the journey to zero-trust platforms as virtually the world’s entire workforce was shoved outside a defined network perimeter, forcing organizations to secure end users who are working remotely as well as fix anomalies and configuration issues revealed by the new approach. In light of the recent attack on the Colonial Pipeline, many countries have come forward to strengthen their network security.
The Government of India is one of the largest digital ecosystems, and the cyber-security budgets are still paltry. The Indian government has increased the expenditure for the Indian digital programme by 23 percent to Rs 3958 crore for the year 2020-21. India’s cybersecurity services industry is projected to grow from $4.3 billion in 2020 to $7.6 billion in 2022. According to the Data Security Council of India, the size of the industry is expected to be $13.6 billion by 2025, with a growth rate of 21%. This proposal is geared toward helping the cybersecurity ecosystem in India to grow stronger. MeitY has launched the Cyber Surakshit Bharat initiative in conjunction with the National e-Governance Division (NeGD). Even though India is facing a critical cybersecurity risk, with a dire need to improve its cybersecurity defences, it is taking small steps in improving the overall cybersecurity infrastructure.
At the same time, private equity firms continue to eye the sector. Thoma Bravo has helped build many of the world's leading companies in applications, infrastructure and cybersecurity. Today, the private equity software portfolio includes 40+ companies that generate over $16 billion of annual revenue and employ over 50,000 colleagues around the world.
Meanwhile, analysts say Netskope and Menlo Security are among cloud security startups that could launch IPOs. Analysts say a new wave of startups seems to be taking share from industry incumbents. They include Illumio, Cybereason, Exabeam, Darktrace and iBoss.
Microsoft is clearly pitching itself as offering a full security suite, a competitive advantage as customers increasingly want a unified view of threats. Microsoft has disclosed that its cybersecurity revenues top $10 billion annually. Microsoft uses its own cybersecurity platform, Windows Defender Advanced Threat Protection (ATP), for preventative protection, breach detection, automated investigation and response. With 400,000 customers, Microsoft's computer security franchise is growing at more than 40%, as per the company.
Further, CrowdStrike's initial public offering in June 2019 raised $612 million, one of the largest cybersecurity offerings. CrowdStrike's rivals include VMware's Carbon Black, Palo Alto, FireEye and startup Cybereason. Private equity firms Blackstone and ClearSky recently invested $400 million in FireEye.
Computers are attacking us, and software is attacking us. The only way forward is to use artificial intelligence. Cybersecurity companies are now using AI and ML and a specialized database to detect malware on laptops, mobile phones and other devices that access corporate networks. Machine learning has become a vital technology for cybersecurity. In addition, many software companies are using artificial intelligence to get a competitive edge.
Coronavirus Outbreak Boosted Demand For Cloud Security
Other cybersecurity firms with a sizable government business include Tenable Holdings, Rapid7 and CyberArk. Tenable in February acquired France-based Alsid, which focuses on identity access management. Rapid7 and Qualys specialize in vulnerability management services.
Gartner forecasts that the corporate computer security market will grow more than 10% on average annually through 2024 versus 3% growth for information technology department spending. As remote workers access company data via the internet, many businesses are setting up virtual private networks, or VPNs. Some are buying laptops with preinstalled security software.
However, industries hard hit by the coronavirus pandemic will spend less on security software. They include airlines, hotels, retail and restaurants. However, one view is that mergers and acquisitions will pick up.
Spending on security technologies has evolved as companies shift business workloads to cloud computing service providers. Amazon Web Services, part of Amazon.com, is the biggest cloud services firm. Amazon looms as a potential rival as it builds more security tools into its cloud services.
In addition, Microsoft is integrating more security tools into its cloud-based Office 365 software. Microsoft competes with cybersecurity firms such as Proofpoint, Splunk, CrowdStrike, Okta, and startup Netskope. To slow down hackers, more companies are focusing on internal security threats through a strategy known as Zero Trust. Things are getting complicated as state-sponsored hackers and cybersecurity firms are both using artificial intelligence to get an edge.
Zero Trust cybersecurity models focus on internal threats, such as hackers stealing someone's security credentials. Security firms verify the identity of network users and limit access to applications.
You may think the time is right to move into cybersecurity stocks but the Cybersecurity products are battling with Ransomware, Phishing and the enterprises are fighting with Cybersecurity stocks span a wide-range of products and services. In addition, some security vendors are shifting to software-based subscription business models from selling hardware appliances.
Let’s take a look at how the OEMs are geared to secure the industry with their various product and service offerings.
Rajeev Sreedhar, MD – India & SAARC, Infoblox
Infoblox’s BloxOne Threat Defense provides simple, ubiquitous protection for on-prem, cloud and hybrid networks from the network core
Measures to be taken for Cyber threats
The rise in remote work, branch offices, and IoT devices has led to the increased adoption of cloud-based applications, services, and infrastructure, and increased the challenge for enterprises. The growth of highly dispersed networks and the increased use of cloud have expanded the need to secure users and data located outside the four walls of headquarters, leaving organizations vulnerable to cyberthreats and highlighting the importance of end-to-end encryption.
In this network environment, organizations looking to protect themselves from cyberthreats need a solution that gives them visibility into their entire network. Without visibility into which devices are connecting to a network and where network traffic is going, network security professionals are working with one hand tied behind their back, forced to react to threats as they arise from unknown vectors instead of proactively managing threats before they cause damage.
BloxOne Threat Defense from Infoblox can provide this kind of visibility and security by enabling large organizations to secure and scale their networks to optimize the infrastructure for a cloud-first world. It provides simple, ubiquitous protection for on-prem, cloud and hybrid networks from the network core. It is a cloud-native, hybrid solution that uses the data generated by DDI to monitor network traffic, proactively identify threats and automatically inform security systems and branch office network managers, addressing security incidents with speed and efficiency in order to better protect data and mitigate the costs of an attack by catching the 90% of all malware that touches DNS to enter or exit the network.
Partner Network
Our channel partners are some of the most important components of our business, and we are proud to have partners on five continents. We are relentless in providing opportunities for our partners to succeed, through investment, enablement, and special incentive opportunities to help them deliver the networks of the future to the entire world.
In today’s cloud-first world, reaching the last mile has never been more important, and so we have stepped up our investments and innovation in our cloud-first BloxOne Platform--which comprises BloxOne DDI and BloxOne Threat Defense--to enable our partners to provide security and networking security services over the cloud, as services. Because the BloxOne platform is cloud-native, it offers cloud-managed deployment, requiring no new infrastructure to implement, and enabling customers to quickly and remotely secure and manage connected devices, whether at HQ, in a worker’s home, or in the middle of the ocean.
Microsoft security business driven by its unique approach
Rajiv Sodhi, Chief Operating Officer, Microsoft
Measures to be taken for Cyber threats
Security is a priority for organizations now, especially as organizations across industries are looking to transition from remote work to hybrid. But even as people begin to transition back to the office, we expect a future where hybrid work will be the norm.
People are working on corporate networks and home networks and moving fluidly between business and personal activity online, thanks to technologies intertwined with both aspects of our daily routines. The growing sophistication of the threat landscape, coupled with the inflection point that is hybrid, is driving a sea change for the security industry.
Given Microsoft’s footprint across so many technologies, we are in a unique position to think holistically about the core aspects of security: stretching from identity and access management; through endpoint, email, and application security; to data loss prevention and into cloud security and SIEM. Across our platforms and services, we take in over 8 trillion security signals every 24 hours, which we then put to work on behalf of our customers. In 2020 alone, almost six billion malware threats were blocked on endpoints protected by Microsoft Defender.
What drives our security business is our unique approach, which enables organizations to adopt a Zero Trust architecture, while also reducing the complexity, cost, and risk created by stitching together point solutions.
Partner Network
With over 300,000 partners globally, our partners influence more than 95% of our commercial revenue, either directly or in partnership with us. In India, the ecosystem currently has more than 11,000 partners. Together, Microsoft and its partners are working toward the same goals: innovate and deliver new solutions and drive success and digital transformation for our customers.
We launched a co-selling program in 2017 under which partners, to date, have made $18.5 billion directly from co-selling their intellectual property (IP) with us. In the current fiscal year, our sales organization has shared and closed more than 166,000 co-sell opportunities with partners. It’s increasing its co-selling focus on small and midsize businesses this year.
The Microsoft Intelligent Security Association is a community of more than 175 partner companies who have created over 250 integrations with Microsoft products and services, helping organizations close the gaps between fragmented security solutions and minimize risk.
“Organisations in India need to shift from a traditional vulnerability management approach to one that is risk-based”
Kartik Shahani, Country Manager, Tenable India
Measures to be taken for Cyber threats
Digital transformation and the work-from-home economy have converged and dramatically expanded the attack surface. To improve security in this expanded environment, organisations in India need to shift from a traditional vulnerability management approach to one that is risk-based. This will enable security teams to see and continuously assess the modern attack surface, predict which vulnerabilities pose the greatest business risk and act with confidence to effectively reduce risk. The ability to see, predict and act are foundational to stay ahead of cyber threats.
Best Practices
GPS is used by industries for critical navigation, control systems, and operational processes. This includes maritime, aviation, automotive, financial, telecommunications and defence industries. It serves as a mechanism to determine precise location and also as a critical, extremely accurate time reference.
GPS systems that are not properly secured are vulnerable to GPS jamming, spoofing, and cyberattacks. GPS location data should be monitored and benchmarked against other navigational data. In situations where extremely precise time is required, accurate backup time devices should be implemented. These two simple countermeasures will mitigate attacks against GPS navigation and time data or loss of signal. In addition, security teams require full visibility and real-time accounting of what is on the network – such as GPS time servers and protection devices to be able to detect and thwart threats. Cellular networks and many industrial processes use GPS for time synchronisation. Many operational technology (OT) plants have their own GPS receivers to run local instances of NTP (network time protocol). Time synchronisation is critical for industrial processes where certain functions must take place at precisely the right time for the operations to run properly. The best practice would be to use at least two of the four globally available satellite navigation-based time sources for redundancy. That way, if one source of time malfunctions, industrial plants can rely on the remaining sources for accurate time. In the event all GPS signals are disrupted, a high precision backup clock can be used.
Partner Network
Tenable has integrations with a variety of security and IT operations technology partners as part of its Cyber Exposure ecosystem. Alongside our ecosystem partners, we have the world’s richest set of Cyber Exposure data to analyse, gain context and take decisive action to better understand and reduce cyber risk. We collaborate with leading security technology resellers, distributors and ecosystem partners worldwide.
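The time-source redundancy practice described under Best Practices above, shown as an added Python example that is not part of the original article or any vendor's product: it cross-checks several satellite time sources against each other and against a backup clock, and holds over on the backup clock when they cannot be trusted. The source names, the 1 ms agreement tolerance, the 100 ms plausibility bound and the sample offsets are assumptions constructed for illustration.

```python
"""Cross-check redundant satellite time sources; fall back to a backup clock.

Added illustration: source names, thresholds and sample offsets are constructed.
Offsets are each receiver's time minus the local high-precision backup clock.
"""
from dataclasses import dataclass
from statistics import median
from typing import List, Optional, Tuple

TOLERANCE_S = 0.001          # assumed: independent sources must agree within 1 ms
MIN_AGREEING = 2             # the practice above: at least two satellite sources
MAX_PLAUSIBLE_STEP_S = 0.1   # assumed: backup clock is never off by more than this


@dataclass(frozen=True)
class Reading:
    source: str                  # e.g. "GPS", "Galileo", "GLONASS", "BeiDou"
    offset_s: Optional[float]    # None means the receiver has no signal


@dataclass(frozen=True)
class Decision:
    mode: str                    # "gnss" or "holdover" (run on the backup clock)
    offset_s: float              # correction to apply to the backup clock
    trusted: Tuple[str, ...]
    rejected: Tuple[str, ...]    # live but not trusted: fault or spoofing
    lost: Tuple[str, ...]        # no signal: outage or jamming
    alerts: Tuple[str, ...]


def largest_agreeing_group(live: List[Reading], tol: float):
    """Largest set of readings spanning <= tol; a tie is reported as ambiguous."""
    ordered = sorted(live, key=lambda r: r.offset_s)
    best: List[Reading] = []
    ambiguous = False
    start = 0
    for end in range(len(ordered)):
        # Shrink the window until its span fits inside the tolerance.
        while ordered[end].offset_s - ordered[start].offset_s > tol:
            start += 1
        window = ordered[start:end + 1]
        if len(window) > len(best):
            best, ambiguous = window, False
        elif len(window) == len(best):
            ambiguous = True     # two equally large groups: cannot pick a winner
    return best, ambiguous


def select_time(readings: List[Reading]) -> Decision:
    lost = tuple(sorted(r.source for r in readings if r.offset_s is None))
    live = [r for r in readings if r.offset_s is not None]
    alerts = [f"{s}: no signal (outage or jamming)" for s in lost]

    group, ambiguous = largest_agreeing_group(live, TOLERANCE_S)
    if ambiguous or len(group) < MIN_AGREEING:
        group = []
        alerts.append("fewer than two agreeing sources: holding over on backup clock")
    trusted = tuple(sorted(r.source for r in group))
    rejected = tuple(sorted(r.source for r in live if r.source not in trusted))
    if trusted:
        alerts += [f"{s}: disagrees with consensus (fault or spoofing)" for s in rejected]

    consensus = median(r.offset_s for r in group) if group else 0.0
    if group and abs(consensus) > MAX_PLAUSIBLE_STEP_S:
        # The agreeing group contradicts the backup clock: trust neither blindly.
        alerts.append("consensus contradicts backup clock: holding over")
        everyone = tuple(sorted(r.source for r in live))
        return Decision("holdover", 0.0, (), everyone, lost, tuple(alerts))
    return Decision("gnss" if group else "holdover", consensus,
                    trusted, rejected, lost, tuple(alerts))


# Constructed sample readings (seconds relative to the backup clock).
NORMAL = [Reading("GPS", 0.00020), Reading("Galileo", 0.00025),
          Reading("GLONASS", 0.00018), Reading("BeiDou", None)]
GPS_SHIFTED = [Reading("GPS", 0.250), Reading("Galileo", 0.00025),
               Reading("GLONASS", 0.00018), Reading("BeiDou", None)]
TWO_DISAGREE = [Reading("GPS", 0.0), Reading("Galileo", 0.5),
                Reading("GLONASS", None), Reading("BeiDou", None)]

if __name__ == "__main__":
    for name, sample in [("normal", NORMAL), ("gps shifted", GPS_SHIFTED),
                         ("two disagree", TWO_DISAGREE)]:
        d = select_time(sample)
        print(f"{name}: mode={d.mode} offset={d.offset_s:.6f} trusted={d.trusted}")
        for alert in d.alerts:
            print("   alert:", alert)
```

With only two live sources that disagree, the example cannot tell which one is wrong and stays on the backup clock, which is why a third independent source is worth having.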
The most effective way to ensure privacy and security is by implementing a ‘security by design’ approach
Sanjay Manohar, Managing Director, McAfee Enterprise India
Measures to be taken for Cyber threats
Enterprise threats are growing in volume and sophistication, while rapidly targeting new vulnerabilities. Security practices must not only be established but updated and followed to safeguard against these agile, versatile threats.
There is a critical need to maintain an edge over cybercriminals and ensure security teams are equipped to anticipate and outwit their next move. By adopting an active hunting approach, enterprises can develop an operational cycle to plan, execute, and review intelligence-driven activities, strengthen defences and stay one step ahead. There is a need for the cybersecurity framework to evolve towards deployment of a sustainable, proactive approach to adapt intelligently and rapidly as and when advanced threat forms are identified. This progression mandates that CISOs transform their mindset, which has traditionally been focused on the prevention portion of the ‘prevent-detect-correct’ threat defence lifecycle, to a balanced focus on a detection and correction approach.
From an industry point of view, implementing a ‘security by design’ approach is one of the most effective ways to ensure privacy and security. This ensures that data protection strategies are well incorporated into the technology, at the design stage. This allows the product or service to accept new technologies as threats evolve as well as work together with other systems as a cohesive defence.
Solutions for sophisticated attacks
Online threats are growing at a pace unprecedented, with McAfee Labs observing an average of 588 malware threats per minute. This makes it difficult for legacy threat detection systems to monitor threat behaviour and detect new malicious code. One of the biggest challenges of AI is that it is a two-way street - if security teams use AI to prevent cyberattacks, the attackers too use AI to conceal or dispense more effective attacks.
Last month, we released a substantial expansion to our XDR platform aimed at proactively stopping targeted attacks. This expansion of our MVISION extended detection and response (XDR) solution by correlating with its endpoint security solution, Secure Access Service Edge (SASE), and our threat intelligence solution powered by MVISION Insights. Our objective is to protect organisations against threats while making security operations from device to cloud easier. Our solution combines machine learning techniques with human analysis across complex threat campaigns using AI-guided investigations. This delivers end-to-end threat visibility across all attack surfaces, using automation to streamline operations, so enterprises can foresee an attack and not scuffle to contain a breach.
“Security should be built into the IT Infrastructure and applications, not bolted on”
Harshavardhan Kathaley, Director, Channel Sales (India & SAARC), Juniper Networks
Measures to be taken for Cyber threats
Situational awareness is the most important subject of interest for any Chief Security Officer (CSO) today. This is a very broad scope here but if any organization reaches a state of full visibility and proactive security landscape awareness, then they have won half the battle. The other half is about how well the organization responds.
This is where I would reiterate the importance of an organization working as one. The responsibility to safeguard against cyber threats cannot be just owned by the security team. The discipline to be alert, preventative measures, and ability to thwart threats is a cultural goal that organizations should aspire to achieve.
Security should be built into the IT Infrastructure and applications, not bolted on. Different devices of the network should be able to talk to each other and act together to fight against cyber threats.
Solutions for sophisticated attacks
It is a fact that a lot of development in machine learning (ML), AI and crowd-sourced data utilization happens on the dark web. As security solution providers, we are constantly challenged by these attackers, which drives innovation to be able to beat them. Our success is how we could be a step ahead of them. Some of our best work also happens in this space.
• Case in point is the Juniper Advanced Threat Prevention (ATP) solution. We have built one of the best ML-based ATP systems, which combines the best of what Juniper had in its Cloud ATP offering and the cutting-edge solution we inherited from our acquisition of Cyphort. The Juniper Sky ATP solution can provide protection against the day-zero malware attacks which are a primary source of security concern these days.
• The Juniper Mist AI Engine is widely considered the flag bearer of the AI revolution that is taking over the network and security space. Our goal is to integrate all our enterprise solutions under the Mist AI umbrella, and when that happens the possibilities are limitless.
• A zero-trust security policy can be a good option to protect the organization against such coordinated attacks. The acquisition of 128Technology by Juniper empowered us with a Session Smart Routing based SD-WAN solution, which is built on zero-trust security policy.
The Juniper Connected Security solution can help organizations to protect against such coordinated attacks.
Partner Network
We have extensive coverage across the various geographies through our own team, partner network and distributors, catering to customers in various industry verticals and segments, from Service Providers and Telcos to Large and Medium enterprise customers.
“Our customers globally are using SAFE to objectively measure their cyber risk posture across the enterprise”
Rahul Tyagi, Co-founder, Safe Security
Measures to be taken for Cyber threats
Firstly, we need to understand why we are seeing so many cyber threats globally, and not just in India. The COVID-19 pandemic has accelerated digital transformation plans for businesses, significantly increased cloud adoption and has forced companies to adopt a new way of working - from home. With this context in mind, hackers have exploited the lack of preparedness of most companies when it comes to cybersecurity, as security and risk management leaders globally face new security challenges because of the present economic and business environments.
Moreover, businesses today continue to use traditional forms of cybersecurity to defend against cyberattacks. Traditional forms of cybersecurity only give a sense of security without showing an enterprise wide, real-time risk posture. This is where we are seeing the increased adoption of Digital Business Risk Quantification platforms such as SAFE. Our customers globally are using SAFE to objectively measure their cyber risk posture across the enterprise in real-time, and know their Breach Likelihood and stay a step ahead of cybercriminals.
Solutions for sophisticated attacks
Every organization generates and manages data across three key areas - people, process, technology and third parties. SAFE is an API first, machine learning enabled SaaS platform that aggregates automated signals across people, process, and technology, both for first and third party to dynamically predict the Breach Likelihood of the organization and the dollar value impact a hack can have.
Partner Network
We are actively working with Distributors, Channel Partners and System Integrators across the APAC, Europe and US region and are expanding our reach aggressively. Our product is a SaaS solution and truly enables our partners to become trusted advisors for their customers rather than being box sellers.
Channel Empowerment
We began our journey with direct evangelical sales, but are now completely a channel driven organization. We really need partners to scale. Our product is a very senior level sale. This opens up the opportunity for partners to be more relevant, and meshes well with their own services.
We provide extensive technical training and empower our channel partners to have the right conversations with their customers to truly bring value rather than being a box seller. We are pioneers of a completely new category of products in cybersecurity - Digital Business Risk Quantification and it enables customers for the first time, to see an enterprise wide risk posture in real-time and the financial impact if a hack occurs. This brings a lot of opportunities for our partners as we grow and expand the market.
“Forescout solution actively defends the Enterprise of Things at scale”
Surojit Dasgupta, Channel Director, India & Saarc, Forescout Technologies Inc.
Measures to be taken for Cyber threats
The modern enterprise is an Enterprise of Things. The Enterprise of Things (EoT) is comprised of PCs, mobile systems, cloud workloads and other traditional endpoints, as well as non-traditional IoT and OT devices that cannot be discovered or managed by agent-based solutions. Many EoT systems are not company-owned or managed and, increasingly, they reside beyond the corporate perimeter. Forescout is the only solution that actively defends the Enterprise of Things at scale. Forescout delivers the only solution that actively defends enterprises by continuously identifying, segmenting and enforcing compliance of every connected thing. Forescout provides continuous adaptive protection based on real-time, cloud-scale risk analysis leveraging an extensive enterprise customer base combined with robust external data sources. Our Vision is “The Enterprise of Things. Secured.”
Solutions for sophisticated attacks
Our latest product innovations help accelerate Zero Trust adoption, enable IT-OT convergence, reduce threat exposure and contain breach impact. We had announced updates to eyeSegment and eyeInspect (formerly SilentDefense). We are also enhancing segmentation enforcement capabilities for organizations embracing IT-OT convergence via our eyeExtend modules.
Partner Network
Forescout works through a model of Value Added Distributors and Partners. We have three tiers of partnership, namely Platinum, Gold and Silver. Each tier of partnership has a revenue commitment along with sales and technical enablement and certification guidelines to maintain the partnership level every year. We also have service delivery partners who have the highest level of certifications to ensure very smooth deployments, which ensures customer satisfaction. With the network of our VADs and Partners we cater to almost the entire length and breadth of India along with our major Saarc territories of Sri Lanka, Bangladesh and Nepal.
Channel Empowerment
Enablement is a key pillar in our channel program. We have two dedicated Channel enablement specialists across our APAC territories who spend almost all their time working with partners on their enablement needs and delivering certification trainings. Before the Covid pandemic we had multiple in-person training sessions every quarter across the country for partner enablement. In the last one year of the pandemic we could not have any in-person trainings, but we are very, very grateful to our channel community for always being in full attendance for all the virtual sessions we hosted.
Empowering security team with capabilities - The need of the hour
Sandip Panda, CEO, InstaSafe Technologies
Measures to be taken for Cyber threats
Cybersecurity experts and CISOs in an organisation are often asked the same question over and over: How do we stay ahead of these attacks? The answer is simple: Experiment. Educate. Empower.
• Cybersecurity as a business unit thrives on stagnancy. Companies and security teams tend to rely on old school methodologies and technologies when it comes to securing their networks. They are often resistant to new technology adoption and innovation, without realising that their nemeses are using all forms of neoteric interventions to break through their systems. In this scenario, it becomes critical for companies to experiment and adopt innovative technologies, and realise the fitment of these technologies with modern network needs.
• No matter how many measures and defenses you put forth, the human element in cyberthreats is always an intimidating presence, and will continue to be so. Attacks driven by human error lead the pack when it comes to cyber incidents. And the same happens because of a singular reason: Lack of Investment in Cybersecurity Hygiene training. Educating and Training the end-users on security awareness so they can understand when a suspicious activity takes place, can potentially lead to millions of dollars saved on threat detection and response.
• Without the presence of monitoring technologies that lend visibility across the network spectrum, security teams are left powerless, and are unable to fend off attacks. The need of the hour is to empower security teams with capabilities to monitor network and user activity, which can help them in real-time identification of threat vectors.
Solutions for sophisticated attacks
Machine Learning attacks of this type often use a singular layer of protection. Once a set of credentials is compromised, attackers gain access to your network. But what if enterprises start using and implementing a system of continuous authentication and authorisation that leverages machine learning to assess the risk associated with every request for access, and limits access based on the privilege of the user? We end up with a system that trusts absolutely no one by default, and hides your entire network from the public cloud, granting restricted access only after a comprehensive process of pre authorisation and authentication. Essentially, InstaSafe’s Zero Trust Solutions endeavour to emulate these security principles. By securing all applications, whether hosted on the cloud, or on premise, with a robust security setup that individually assesses every request for access, and grants least privilege application access on a need to know basis, InstaSafe serves to minimise the attack surface that can be exploited by hackers.
F5 believes its partners need to be constantly reinventing themselves to make sure they handle enterprise-grade, complex projects
Dhananjay Ganjoo, MD - India, SAARC, F5
Measures to be taken for Cyber threats
Today, our world looks vastly different. The pervasiveness of the Internet, the ubiquity of mobile devices, the rise of social media, and dramatic shifts in web and cloud-based technology have changed everything about the way we live, work and do business. Applications are at the heart of this ever-changing landscape; they power almost everything we do, and they are everywhere now. In addition to leveraging threat intelligence, there are a few key areas to concentrate on that will dramatically improve your security program and risk mitigation measures.
Train Everyone from Administrative Staff to the Board: Everyone is responsible for security, and awareness training makes everyone more alert. Train your users aggressively to recognize and avoid spear-phishing attempts. Help them understand the importance of proper password management (and the risks associated with not doing so) and provide tools such as Password Safes.
Understand Hackers’ Motivations, Targets and Tactics: They range from unskilled newcomers who are only interested in wreaking havoc to those who are motivated by social and political agendas. The vast majority of today's hackers, on the other hand, are cybercriminals motivated solely by monetary gain. And, despite their reputation for perpetuating sophisticated schemes, many of their methods are decidedly unsophisticated. They eventually take the path of least resistance, the easy targets, and why should they not when so many organizations make it so easy for them?
Have a DDoS Strategy: The DDoS attack landscape has rapidly shifted from complex, expensive attacks launched only against high-value targets, to low-cost bots with plug-and-play attacks, to the new reality of IoT botnets that are simple to build and capable of launching terabyte-per-second attacks.
Channel Empowerment
F5 plays an important role in helping enterprises address the issues related to application performance, infrastructure scalability, and data centre security. Our programs are designed to build a robust ecosystem of partners and distributors capable of building profitable businesses around F5’s capability. With different consumption models on offer, a massive uptick in software/cloud-based deployments and the increased relevance of application security in today’s digital environment, F5 believes that its partners need to be constantly reinventing themselves to ensure that they have the required skills to be able to handle enterprise-grade, complex projects. With so many technologies to offer, F5 encourages its partners to focus on New Logo acquisition while ensuring that partners continue to invest in building skill sets that enable them to configure and troubleshoot. Not only are partners appropriately rewarded monetarily, but the program also helps build highly profitable recurring services revenue which adds to the bottom-line of the organization. Also, each partner qualifies for the Unity + program based on revenue, competencies, and Demand Generation.
Vehere’s solution takes advantage of both AI/ML and policy-based automation to deliver actionable insights
Praveen Jaiswal, Founder & Director, Vehere
Measures to be taken for Cyber threats
Businesses must understand that for them to stay ahead of cyber-threats, there is a pertinent need to have clarity on the exposure first. The knowledge allows them to prioritize risk assessment and treatment plans. Anything that is out of this fundamental cycle is like jumping the queue, and the more queues you jump, the more gaps open up. Always follow the exposure and workflows to gain insights into your risks.
Solutions for sophisticated attacks
Attacks using AI/ML are real. Data poisoning is a good example that corrupts the baseline being built by ML tools, thereby allowing the attacker to have a free run. It is therefore important to have a hybrid approach – a combination of AI/ML to discover true unknowns and effective situational awareness – knowing the normal from deviations. Vehere’s solution leverages both AI/ML and policy-based automation to deliver actionable insights from situational awareness. Since the network is the conduit that carries data, listening to the network provides comprehensive visibility into exposure, assets and entities – something best suited when you are dealing with connected devices. Using statistical anomaly detection techniques, you can observe the changing behaviour of these entities and, consequently, the risk arising out of the changing patterns.
Best Practices
Organizations using fleet management need to ensure that the transmission of data is secure and tamper proof. Cryptography is and must be employed for such information exchange. In addition to that, heuristics and analytics should be employed to detect the presence of a rogue actor.
Partner Network
Vehere partners with major Systems Integrators and has a network of reseller and support partners in the country. Our products use standards-based integration with technologies deployed in the enterprise to enable faster response and deliver a compelling value to the buyers. With two distributors supporting the partner network, we have managed to reach all corners of the country.
Channel Empowerment
Vehere’s is a Channel’s First strategy. We assist them to identify market needs, industries based on their core strengths and support their endeavours in creating the right buzz for their audience. In a nutshell, it is all about giving our channel better tools to communicate the right message and build simpler products to sell. We want to be known as a full security platform company with a hub and spoke model. Also, continue to build channel leverage and new customer momentum.
A channel-specific discount structure and empowering them to qualify opportunities and perform proof of value (POV) trials.
“The need of the hour is an integrated platform using machine learning and AI to lift the burden off cybersecurity teams”
Harpreet Bhatia, Director, Channels and Strategic Alliances - India and SAARC, Palo Alto Networks
Measures to be taken for Cyber threats
At Palo Alto Networks, we are walking the talk by fully leveraging our own cloud-delivered network security product, Prisma Access, to securely connect all employees to the applications they need. Based on a cloud-native implementation, we have recently also introduced Enterprise Data Loss Prevention (DLP)—a cloud-delivered service that brings a fresh, simple and modern approach to data protection, privacy and compliance.
We have also transitioned our internal Security Operations Center (SOC) to a remote model in which all our analysts are working from home—the SOC is fully operational and continues to monitor for threats as our own user population shifts to remote work via Prisma Access.
Solutions for sophisticated attacks
The biggest risk in cybersecurity today is that organisations cannot keep up with the amount of work it takes to be secure. The people on cybersecurity teams in today's enterprises are overloaded as they are manually responding to sophisticated and advanced attacks mounted by an adversary (hackers) using machine learning algorithms to scale attacks that can only be prevented by comparable techniques using AI and ML.
In this sophisticated threat landscape, one cannot be reactive. In fact, one must be proactive as well as predictive at the same time. The need of the hour is an integrated platform using machine learning and AI to lift the burden off cybersecurity teams. Using AI, the frequently observed threat data and multiple threat feeds can be automated and left to ML algorithms which can decipher attack patterns, leaving the cybersecurity teams to spend time on advanced threat hunting. Our network perimeters are typically well-protected, and organisations have the tools and technologies in place to identify threats and react to them in real-time within their network environments.
The cloud, however, is a completely different story. There is no established model for cloud security. The good news is that there is no big deployment of legacy security solutions in the cloud. This means organisations still have a chance to get it right. We can fix how to access the cloud and manage security operations centers (SOCs) to maximise ML and AI for prevention, detection, response and recovery. With an integrated platform, organizations can still use a wide range of tools, but they can coordinate them, manage them centrally, eliminate silos and ensure that all across the organisation, they are fighting machines with machines, software with software.
Only with an integrated platform can cybersecurity teams leverage automation to rapidly monitor, investigate and respond across multi-cloud environments and distributed networks that encompass users and devices around the globe.
Sophos’s wide range of products and services keep its customers ahead of adversaries
Sunil Sharma, Managing Director – Sales, Sophos India and SAARC
Measures to be taken for Cyber threats
The Sophos 2021 Threat Report flags how ransomware and attacker behaviours, from advanced to entry level, will shape the threat landscape and IT security in 2021. To defend against these attack trends, organizations need to have three main pillars in their cybersecurity:
1) Next-gen security solutions that provide layered security to prevent threats and unwanted software from infecting their devices and networks
2) A managed service that continuously monitors environments for organizations that don't have a security team
3) Cybersecurity awareness within organizations (i.e., phishing awareness training)
Solutions for sophisticated attacks
Sophos has a broad portfolio of products and services to protect our customers from all kinds of cyberattacks ranging from mass attacks to the targeted ones. We have expanded synchronized security, where security solutions share threat intelligence and act as a system, to our whole portfolio. We have taken it to the next level with Sophos Adaptive Cybersecurity Ecosystem (ACE). ACE is an ecosystem of Sophos and non-Sophos products that feeds information into a data lake. This entire ecosystem helps us to detect suspicious behaviours and incidents faster and respond automatically with the help of AI.
We have a next generation endpoint protection product called Sophos Intercept X and an Endpoint Detection and Response product called Sophos Intercept X with EDR, used by advanced threat hunters to do security operations. We also offer Managed Threat and Response (MTR), which is our threat hunting service for organizations that don’t have threat hunting capabilities. Under this service, our security practitioners will monitor customer environment 24/7 and take actions to neutralize threats.
We have an emergency incident response service called Rapid Response, aimed at customers hit with an attack to help them get through the incident and minimize damage. We have just released a new next-gen firewall dubbed XGS to inspect encrypted traffic on the network security side. Cybercriminals are using TLS encryption to hide their malware, and we have precise capabilities to inspect this traffic at wire speed, which is something most firewalls can’t do.
There are a range of exciting products and services at Sophos to keep our customers ahead of adversaries.
CyberArk encourages organizations to adopt an ‘assume breach’ mentality
Rohan Vaidya, Regional Director of Sales – India, CyberArk
Measures to be taken for Cyber threats
Successfully staying a step ahead of attackers means adopting a strategy in advance that recognises that breaches are inevitable and will affect your organisation at some point. At CyberArk we encourage organisations to adopt an ‘assume breach’ mentality.
We advise that customers identify what is most valuable to their organisation, then put in place privileged controls that help contain attackers - when they have entered your network - from accessing and compromising what is most valuable to the organisation.
Channel Empowerment
Today’s security and compliance environment is complex, and no single vendor can solve the entire problem. CyberArk take a competency-based approach to help ensure partners are empowered and, in turn, customers are successful using our Identity Security platform to take on today’s threat environment.
We have created dedicated training paths and certifications for both sales and technical engineers, addressing all aspects of the buying cycle. Training types include self-paced online learning, virtual classroom and face-to-face classroom training.
Our services organisation offers a combination of technology and cyber security expertise to support partner implementations, and a broad set of tools and support are offered to partners to build demand and help create differentiation in the market.
“Check Point provides customers of all sizes with the latest security solutions across the data center, edge and cloud”
Measures to be taken for Cyber threats
• Adopt real time prevention rather than just adopt a detection approach: Vaccination is better than treatment – even when it comes to cyber security. Real-time prevention of threats, before they can infiltrate the network, is the key to blocking future attacks.
• Secure your everything: The “new normal” requires organizations to revisit and check the security level and relevance of their network’s infrastructures, processes, compliance of connected mobile and PC devices, IoT etc. The increased use of the cloud means an increased level of security, especially in technologies that secure workloads, containers and serverless applications on multi and hybrid cloud environments.
• Boosting visibility makes a huge difference: So many changes in the company’s infrastructure present a unique opportunity to check security investments. The highest level of visibility, reached through consolidation, will guarantee the best effectiveness.
• Cybersecurity cannot be reactive or incident driven - rather there has to be a proactive focus towards security.
• Recognize that cybersecurity is the responsibility of everyone within the organization, from the CEO down to the employees. It is not just an issue for the CIO or CISO to solve.
Partner Network
Check Point has a vibrant channel ecosystem across the country. Our main goal is to continue evolving our partner network, so as to maximize reach and serve our customers better. In addition, we are always looking to diversify our partnerships by collaborating with partners who specialize in integration, cloud, pure play cyber security, managed services, etc. At Check Point, we strongly feel that there is tremendous opportunity working with partners whose competencies include selling advanced technologies or developing new market segments.
Check Point provides customers of all sizes with the latest security solutions across the data center, edge and cloud via an integrated next generation threat prevention platform, reducing complexity and lowering the total cost of ownership. CheckMe is a fast security assessment tool our partners can run in their customer environments w