Cyber Security: It's About Creating A Strong Defense Mechanism

by Sohini Bagchi    Dec 02, 2016

sanjai

The IT security industry is clearly responding to an ever increasing number (and complexity) of attacks. In a recent conversation with CXOtoday, Sanjai Gangadharan, Regional Director, SAARC, A10 Networks, explains that as cyber-attacks take various forms, it is important to understand all the possible modes of assault, and guard against them. Most importantly, he recommends organizations to set up strong defensive mechanisms around critical infrastructure. Excerpt.

- What is driving cyber security spending in India?

In the past, cyber security wasn’t given a considerable thought as it mostly revolved around keeping viruses away from computers. However, today that has changed drastically as cyber-attacks are a heavy burden straining government agencies, businesses and individuals alike. With businesses, especially in India, increasingly being targeted, organizations are investing fiercely in safeguarding their digital assets. With cyber security breaches in organizations over the past year in India swelling up to 117% and losses incurred reaching 135%, it comes as no surprise that cyber security spending in India will touch $1.23 billion in 2016. This clearly showcases how badly organizations were affected and have taken effective and constructive steps in combating this menace. The government recognizing the need for a robust cyber security program is increasing cooperation with US and UAE to strengthen India’s cyber perimeter.

- Does spending more on cyber security help enterprise build a safe environment?

With government initiatives like Digital India, Smart Cities and Start-up India all of which escalates the internet user-base thereby increasing the potential of being a target of cyber-attacks. Therefore it is imperative for government agencies and private organizations to step up their cyber security measures. To put it literally cyber-attacks come in any shape and size and as there is no comprehensive solution or product that can shield organizations from all these attacks, organizations have to adopt and setup multiple defence mechanism. This requires an ample amount of monetary investment to upgrade their security measure, however considering the financial brunt that organizations could otherwise face in the absence of a sturdy cyber security.

- A10 recently commissioned a study on the cost of cyber-attacks vs cyber security solutions. What would be the lesson for CISOs from the study? Can you throw some lights on it?

We had recently published a survey report in partnership with Ponemon Institute which showed that nearly 80% of organizations in North America and Europe were victims of cyber-attacks of which nearly half of the cyber-attacks used malware hidden in encrypted traffic to evade detection, this clearly highlights the challenges professionals in organizations face in preventing and detecting cyber-attacks. The cost of cyber-attacks has been growing exponentially in the last decade, quadrupling between 2013 and 2015. Due to data breaches, it is expected to quadruple again between 2015 and 2019 to reach USD 2.1 trillion globally. In other report by Kaspersky Lab shows how a single cyber security incident costs large businesses $861,000 while its costs small and medium businesses (SMB) $86,500.

Looking at how dearly it costs organizations it’s advisable for them to invest in cyber security solutions significantly, as this will cut down on their losses considerably. Hence, having a thorough understanding of the financial impact due to cyber-attacks can help organizations gauge the appropriate amount of investment and resources needed to minimize and mitigate the consequences of an attack. 

- How can Indian enterprises best prepare themselves from a security perspective in the near future?

Of late, two types of insidious cyber-attacks have been gaining traction: Encrypted threats and Multi-vector DDoS attacks. Regarding encrypted threats, most organizations deploy dedicated security devices that provide in-depth inspection and analysis of network traffic.  However, these are rarely designed to decrypt and re-encrypt SSL traffic at high speeds, rendering most of them ineffective in stopping potential threats. With speed being imperative, offloading complex SSL operations such as processing decryption and encryption in gigabits per second with virtually zero latency becomes critical as volume of data scale up.  Businesses need to put in place SSL inspection solutions that offer scale and performance and are compatible their existing third-party security devices such as a firewall, intrusion detection system or forensics tool. This is the best solution to improve the effectiveness of exiting security.

As for DDoS, most enterprises have existing DDoS security solutions that are unable to handle the attacks volume and or lack the granularity of control to manage the complexity of multi-vector DDoS attacks effectively and affordably.  And because of the inability to adapt quickly to new attack vectors, some organizations respond to the rapid CPU depletion and poor scalability by adding more resources or rack units, which end up being costlier.

The best protection against multi-vector attacks is hybrid protection which is on-premised with a cloud bursting option. The on-premise solution should have the ability to offload common attack vectors to specialized hardware, and has multicore, powerful CPU cores that can focus on complex application layer attacks, which requires very resource-intense deep packet inspection (DPI) processing.   Meanwhile the cloud bursting option is needed to handle volumetric attacks that exceed network capacity.

- With so many enterprise security players in the market, what is A10 Networks’ USP for customers?

A10 Networks offers a range of security solutions built on the Advanced Core Operating System (ACOS) that leverages a shared memory architecture and efficiently utilizes multi-core processors, allowing customers to meet rapidly growing application networking performance scalability requirements. With A10, customers can inspect SSL traffic without degrading security performance. Also, we offer an all-inclusive licensing where customers get multiple features in one product, ranging from application acceleration to protecting the business from malicious threats that can steal data or disrupt access, be it inbound or outbound.