Cybersecurity Needs A Concerted Effort

by Sohini Bagchi    May 13, 2014

murali

Businesses across the world are witnessing significant evolutions in the cyber-threat landscape. In an exclusive interaction with Murali Ramalingam, Country Manager and senior Director of sales, Ixia, shares his broad cyber perspective on how executives can best protect their organization’s most vital information today and into the future.

Cybersecurity has been around for some time. Why is it particularly important in current times?

What’s different from five years or even two years ago is that more and more critical business functions are online. Doing business “online” now no longer means having an ecommerce store front. Today, everything from education to banking, and from entertainment to social interactions happen online. Corporations are also keeping key intellectual property on networks as well as sending confidential and competitive information via email on a minute-by-minute basis.

While individuals and businesses are increasingly relying on online presence for critical day-to-day interactions, this means that there is a wealth of information that is readily available for hackers to access. As the amount of information online grows, the number and sophistication of hackers grows along with it and so does the need for comprehensive cyber security. As this happens, the criminal aspects of cyber crime are becoming big businesses, and they are a risk to our use of networks. Cyber security technologies and techniques are having to evolve rapidly to address these changes and risks.

 With people like Chelsea Manning and Edward Snowden significantly altered the cyber landscape, what would be the key lesson for organizations/government?

The major lesson learned is that organizations need to think very carefully about what valuable information they have and what they are doing to protect it. Anyone who has access, both electronic and physical, becomes a security risk. There must be a lot of thought and effort put in to protecting information, from the encryption, to network security to access controls. Additionally, there is a greater level of staff/employee education needed on cyber security risks and how to safeguard critical information.

Who in the organization should be in charge of making cyber security policy – CIO/IT department, CISO or the entire C-suite? And why?

Cyber security policies should be a concerted effort from all stakeholders to ensure a secure cyberspace besides protection of critical infrastructure in an organization. The CSO or CISO should create the policy with influence and knowledge gained from the IT department. From there, the full C-suite should review, ask critical questions to ensure the validity of the policy, and then approve the final policy. 

What’s the biggest challenge in managing security issues in a company. Where is the gap and how to close it?

The cyber threat landscape is evolving, and with it, attackers are becoming increasingly sophisticated – both with techniques and with technology. One of the biggest challenges today is staying ahead of these attackers – again from both a technology innovation standpoint as well as from an attacker technique perspective.

With changes in networking technology and changes in attackers, these hackers are looking for any small vulnerability that they can exploit in order to gain access to valuable and private data. Technology adoption, vulnerabilities in current IT products and in user behavior all become very big threats to closing security gaps. Organizations need to ensure that their security systems and policies work – and the best way to do that is to test the infrastructure against the types and volumes of traffic the real-world network sees.

There are so many cyber security vendors in the market. Big names are always in an advantageous position. How can a mid-sized or small security vendor make a dent here. What is your USP?

Big names may have an advantage when it comes to recognition of brand, but much of security innovation comes from small-to mid-sized companies that are innovative and growing.  Security is a rapidly changing area and needs technologies that can be just as nimble when it comes to developing the products that can stop hackers in their tracks.

Ixia not only works with enterprises, service providers and government organizations to ensure their networks can withstand the traffic mixes and loads that are common today, but we also work with network equipment manufacturers to ensure that the security products they sell can withstand the same load and mix of traffic. Ixia security solutions leverage the Application and Threat Intelligence (ATI) program to simulate over 245 applications and 35,000 malicious attacks. The information provided with Ixia’s security solutions gives our customers the actionable security insights needed to ensure their products and networks are resilient.