Cybersecurity Isn't One Size Fits All

by Sohini Bagchi    Nov 24, 2015

raja mohanty

Cybercriminals are becoming more sophisticated and collaborative with every coming year. Despite organizations deploying security solutions to keep cyber attacks at bay, they often fail to defend themselves against attacks. This clearly shows that cybersecurity is not a one size fits all but needs a lot more customization, believes Rajat Mohanty, CEO & Co-Founder, Paladion Networks. In a recent exclusive interaction with CXOtoday, Mohanty, an IITian and entrepreneur, discusses the trends and future of information security with a special mention of how Paladian is playing an important role in this space.

How has cybercrime changed over the last 5 years?

There has been a shift in both- the type of attackers and the nature of attacks over last 5 years. Attackers today are far more organized. There are groups involved today with lot for exchanges and coordination amongst attackers. Secondly, there is emrgence of nation state as another category to defend against.

Due to better organization and more resourceful attackers, the nature of attacks too have changed. Its no longer about single attack but a series of activities targeted against an organization to gain valuable data or carry out fraud. Single attacks have changed into attack campaigns which can be long drawn with very specific financial objectives and targeted against individual organization.

What cyber security challenges might organizations anticipate in 2016?

When an organization is up against targeted attacks from well funded groups, prevention can be very difficult. Attackesr can always find ways to bypass the preventive controls. The need therefore is to complement with strong and pervasive security monitoring. There will always be some indicators of security violations in a long attack campaign and the security monitoring can help in picking up these indicators. The main challenge will be in setting up well rounded security monitoring system with tools, skills and incident management processes.

The other challenge will be in protecting the endpoints and variety of devices that users are going to use within the organization’s network. Majority of attack campaigns begin with compromising the end points. Organization’s will need to enhance their capability to detect such compromises at end points with use of additional technologies complementing their Anti-viruses.

Paladion has currently listed 22 security services like monitoring, security  testing, access management, malware, encryption, data leakage for enterprise. Can you throw some light on this.

Paladion provides a full suite of security management to tackle growing cyber threats. Cyber security needs to be managed at multiple fronts- people, data, network, IT assets, IT processes. Managing security risks in isolation with processes and technologies working in silos prevent organizations from having a full visibility on threats. Paladion therefore provides a wide variety of offerings that can all work in integrated manner to provide unified risk and threat management.

The investment made by the company into its new Global security operation center. What would be the expected growth from the center?

To address the need for continuous threat detection and fast response, Paladion has invested into building advanced security intelligence product and creating Global security operation center. This center actively collects threat information across the globe and uses that to proactively protect our Clients. The center also houses over 250 security skilled professionals to provide deep threat detection and rapid incident response. The Global SOC is driving Paladion’s growth plan of doubling its revenue in 3 years.

What is Paladion’s key focus, expected revenue for the 2015-16?

Paladion’s key focus is to provide deeper security protection across the 3 areas of threat management, vulnerability management and compliance management. To enable that, Paladion has invested in advanced security technologies that helps in better discovery of risks and prioritized remediation of security weaknesses. The expected revenue for the current financial year is USD 35 million.

What impact with respect to cyber risk will the growth of connected devices have on the CIO’s role?

The growth of connected devices will further decentralize the data collection and storage. Data is a valuable assets for current attackers and there will be need to provide high security levels to all connected devices. Technology solutions as well as security processes are still maturing in this area and CIO’s will have the challenge of identifying the risks and creating right security architecture for end devices. Readymade templates for security are yet to be in place for CIO’s to deploy. They should realize cybersecurity isn’t one size fits all, so it will involve greater level of customization.