Cyber Crooks See Much Opportunity In The Digital Playground

by Priyanka Pugaokar    Dec 01, 2016

Sunil Sharma

Businesses today are using disruptive technologies to attain maximum agility. However, while they leverage these digital tools, the security aspect most often lags behind.

In a scenario where cyber criminals are regularly hunting for loopholes in the security system to launch a massive attack, it is imperative for CIOs or CISOs to beef up the security around the modern technology they deploy or intend to deploy in their organizations.

Cyber security awareness is rapidly rising among establishments in India. However, security spend is still less than 5 percent of overall technology expenditure. India is rapidly heading towards a digital economy, and at the same time it is also one of the prime targets of cyber criminals. Therefore, cyber security needs a proactive approach from IT managers to mitigate both internal and external threats.

In a candid interaction with CXO Today, Sunil Sharma, Vice President, Sales, Sophos India and SAARC, lists the priorities of enterprises in terms of cyber security preparedness and also gives a forecast of the trends that will be prevalent in the security domain in 2017.

According to recent SophosLabs research, India ranked fifth in terms of the highest percentage of endpoints exposed to malware attack. How would you describe the current security landscape in the country?

Yes, our vulnerability to threats stands at 16.9 percent, which is amongst the highest in the world. Data privacy and data security are the top concerns of companies globally. With India being ranked as one of the top 5 targets of endpoints exposed to malware attack, CIOs and CSOs in India too are searching for solutions to manage their risks.

From our perspective, the risks that cyber-attacks pose are being acknowledged by a large number of businesses, but when it comes to syncing it with business operations, cyber-security protection doesn’t find any takers. Organizations not only lack integration of security with business operations, but also find it difficult to assess the risk, respond effectively to an unwanted situation, log the incident and report it to the concerned authorities. In fact, what is alarming is that investment in cyber defence mechanisms contributes less than 5 percent of the total IT expenditure.

What are the complex cyber-security threats that are largely present in India? How do you see the preparedness of enterprises to tackle these cyber threats? 

India’s high economic growth rate and adoption of digital technology make it a big target for attack. SophosLabs has seen instances where attacks may be localised with cultural references, local language and other tactics to target a particular country – local malware for local people.

Phishing is a huge threat to the world today. It is a technique whereby the crooks try to hook the bait into their trap of malicious malware using the humble electronic mail. And if this was not complex enough, we have HD Phishing – where the crook knows who you are and what you do and makes a custom-made trap for you to fall prey to.

Ransomware, which is an after effect of phishing, is giving our enterprises a hard time. Data collected at recent Sophos webinars found that at least 55 percent of the organizations surveyed in India (790 organizations) had been attacked by a form of ransomware.

In spite of the high stakes, enterprises’ approach to cyber security is still reactive. They not only need to deploy security solutions that work together as a system, they also need to educate their workforce on best security practices.

According to you, what are the major pain points of CIOs and CISOs in terms of security framework? What are the necessary steps that need to be taken by digital businesses to mitigate risks?

According to the KPMG survey on cybercrime, spend on cyber defence is less than 5 percent of IT spend. Organizations, whether big or small, have to look at a more proactive and synchronized approach to security rather than isolated or standalone security solutions to ensure that security works as a system to effectively combat today’s threats.

It’s increasingly evident that cyber-crooks are becoming better at breaking into systems and security always has to stay a step ahead of them. Yet, all of this isn’t the result of any remarkable advances in malware. It’s mostly due to tricking users into handing over the keys to their kingdom. Creating awareness amongst the employees in the organization is a difficult feat for the CIOs and CISOs to achieve. Involving and empowering employees could help in mitigating the risks to a great level. 

I believe that phishing and ransomware attacks will be the top concerns of our CIOs and CISOs. It has become increasingly important for them to deploy synchronized security solutions and increase awareness levels of these attack vectors.

According to a SANS survey, 66 percent of organizations lack incident response skills – a must to ensure minimum damage to property in case of an attack. Enterprises need to deploy security solutions that talk to each other instead of working in isolation.

How are the technologies such as Cloud, IoT and concepts like BYOD disrupting the cyber security landscape worldwide?

Digital advancements like Cloud, IoT and BYOD are throwing open a new set of issues. IoT is a powerful tool that can enable several digital devices and communication between them. And this connectivity makes a large number of endpoints easily accessible through a single link. Factors like enterprise mobility and BYOD provide a green field to insider cyber crooks. So, instead of ONE device, now the organization is vulnerable to attacks from multiple. Due to these emerging advancements, the opportunities for cyber criminals are increasing. As a result, we are seeing more attacks, more successful breaches, and increased data loss.

While looking at the security industry from a larger perspective, how do you see the growth of UTM and Firewall market in India? What technological advancements have taken place in these segments in recent years? 

UTM is the fastest growing market in the security space globally, which in turn is also the fastest growing market segment within the IT industry. Various analysts valued the UTM market at more than US$1.5 billion in 2013, growing at 15 percent CAGR every year. The next-gen firewall market viewed separately (which probably should not be the case) makes it a colossal US$3 billion market. I don’t think the hardware security appliance business will slow down soon. With Sophos’ total billings growth for India at 37 percent for FY16 over FY15, Sophos in India is growing at a faster rate than the overall company, demonstrating the opportunity in the India market.

With businesses shifting to cloud-based email for both infrastructure and security services, email security has gained a lot of significance. Sophos has recently announced the expansion of the Sophos Central cloud-based management platform with Sophos Email. How will this ensure robust email security?

Email is a popular choice for cybercriminals targeting businesses. Different types of threats such as phishing, ransomware etc. are regularly getting past the protection built into the most widely used cloud-based email services.

Sophos Email is a secure email gateway engineered to keep businesses safe from all email threats. It simply stops spam, phishing, malware and data loss and keeps your people productive. And if you want to consolidate protection, it lets you control email security alongside endpoint, mobile, web, and wireless protection from Sophos Central’s single interface.

There have been increasing targeted attacks on Android, iOS and Windows-based devices. What security solutions have you come up with in this space?

We have an award-winning, free-to-use security solution for individual users, Sophos Home, that protects up to 10 home computers – PC or Mac. It includes the same antivirus, malware protection, and web filtering technology trusted by hundreds of thousands of businesses.

Then there is the free-to-use Sophos Mobile Security for iOS, which contains Authenticator to manage one-time passwords for multi-factor authentication and QR Code Scanner, which blocks malicious content that may be hiding in QR codes. Sophos Mobile Security for Android detects malware and blocks potentially unwanted apps and online threats. It also protects against loss and theft with remote lock, wipe, and locate.

Sophos also offers a free-to-use Malware Removal Tool that removes viruses, trojans, rootkits, spyware, and other malware. They are easy to use and no setup or installation is needed separately. The Virus Removal Tool identifies and cleans up infections, viruses, Conficker, rootkits, and fake antivirus that the installed antivirus solution might have missed. And it works well alongside the existing antivirus.

While the cyber-crime industry is rapidly growing, the dearth of cyber-security professionals is one of the biggest challenges in India. How do you address the issue?

Lack of cyber security professionals is one of the biggest challenges we face in India. In fact, the demand for cybersecurity professionals is outpacing the supply of qualified workers. According to NASSCOM, at present we only have about 50,000 cyber security professionals in India and we require 1 million cyber security professionals by 2020 to meet the demand. Ideally, we should be training 77,000 security researchers per year. But the current supply is a mere 15,000 professionals. The reason behind this lack of skilled professionals is largely the absence of awareness, effective training, and preparation.

Security research is often used synonymously with hacking. And the general perception concerning hacking among most people in India is pessimistic; often hacking is conceived as an unlawful activity. On the contrary, security researchers help in discovering diverse security vulnerabilities faced by several private and government sector organisations, which goes unsung on most occasions.

DDoS and ransomware attacks dominated the security industry in 2015-16. What is your security prediction for the year 2017?

We see a global trend towards an increased number of sophisticated attacks even in 2017. Ransomware will continue to be hot, as not all businesses have deployed anti-ransomware technology and some are not backing up data on a regular basis.

We see a lot of social engineering threats continuing to be popular in 2017, including HD phishing (high-definition phishing, a type of attack in which hackers buy data from known breaches and use that data to create very convincing phishing emails), as well as document and macro malware. Exploit kits will continue to be popular as we enter 2017 – these kits enable all kinds of hackers to easily leverage pre-built hacking tools, select whatever targets they prefer, and drop any kind of attack on systems, from ransomware to data-stealing malware to remote access Trojans.

Finally, we will see an increase of “in-memory” attacks in 2017. These are very insidious types of attacks that, instead of dropping a payload (i.e. adding or changing a file), infect system files in memory and start attempting to send data outside the organization. Sophisticated traffic detection security software, like that available from Sophos, can stop this type of attack, but many other companies will miss this type of malware.