News & Analysis

Cultivating a cybersecurity culture will help businesses to sustain in the digitally evolving world

India has made significant progress in its digital transformation journey and is poised to advance further over the next decade. The recent launch of 5G network is a testimony of India’s accelerated digital transformation curve. While automation and the adoption of emerging technologies are increasing across industries, ransomware attacks, data breaches, and other cyber-related threats are also surging rampantly. For threat actors, India offers a lucrative opportunity with its burgeoning economy, sizable corporate population, and rapid digitization. With the growing menace of cyber-threats coupled with hybrid working models, organizations are emphasizing on making sure they don’t fall victim to such hostile attempts and safeguard their sensitive data. With October being recognised as “Cybersecurity Awareness Month”, here are a list of technology leaders sharing their opinions on what it takes to create a cyber-resilient company and a cyber-aware workforce.

 

Anand Jain, Co-founder and Chief Product Officer, CleverTap

India is one of the fastest growing markets for digital technologies fuelling the government’s ‘Digital India’ initiative and the vision for India to become a developed nation by 2047. To be able to achieve such a feat, it would require India to become a technologically advanced powerhouse that has especially championed cybersecurity. The nation currently has over 1.15 billion phone users and 700 million active internet users, creating a sizable pool of digitally vulnerable targets. According to Google, 18 million cyberattacks and 200,000 threats were made against India in the first three months of 2022.

Cyber threats have become more complex than ever. Malware, viruses, trojan horses, spyware, backdoors that allow remote access, distributed denial of service (DDoS) attacks and DNS (Domain Name System) poisoning attacks, are just the tip of the iceberg. Adopting a Zero-Trust security framework should be every organization’s priority to combat these ever increasing threats. At an individual level, citizens should be privy to multi-factor authentication (MFA) and must adopt the method to secure their internet accounts. Netizens must be aware of the most common hacking techniques- phishing, vishing and shimming- to be able to safeguard themselves against cyber criminals. Keeping complex passwords will also decrease the chances of being targeted. More importantly, governments, enterprises and educational institutes must promote cyber awareness drives to educate all citizens, because the wars of today are already being fought online. 

 

Nitha Puthran, Senior Vice President – Cloud, Infrastructure & Security, Persistent Systems Ltd. 

Cyber security organizations have been increasing the number of tools and technologies they deploy to protect their environment and detect threats. With all these technologies, which are good at detecting critical cyber security threats based on logic built into each tool, one of the unintended consequences has been keeping up with all the alerts being triggered in their SOC. This leads to alert fatigue and reduces the time to detect and respond to real attacks.

In order to minimize the time it takes to remediate these threats, it requires breaking down the silos between security areas. To accomplish this, you need an integrated framework to connect the silos, share information and bring the different expertise across security domains together. The result of this integration is to prioritize and quantify alerts based on the business context. An organization can then validate the probability of exposure and exploitation on an ongoing basis. 

 

Rajesh Garg, EVP, Chief Digital Officer & Head – Cybersecurity, Yotta Infrastructure

With technology playing a pivotal role in business continuity, one cannot ignore the importance of cybersecurity. While businesses are unlocking new levels of digital transformation, they are also at risk of exposure to an evolving and complex cyber threat landscape. The growing instances of cyberattacks are alarming for businesses, especially when digital assets have seen exponential growth in the recent years. Organisations must safeguard their digital footprint across all layers of their infrastructure. Our newest portfolio of comprehensive as-a-service cybersecurity solutions, Yotta’s Smart Cybersecurity Services suite, can equip enterprises with holistic, robust cybersecurity. As a result, they can safeguard their critical assets and relieve their teams from the mind-numbing task of gatekeeping their IT environment.”

 

Ravisha Chugh, Principal Analyst, Gartner

  • The importance of cyber awareness:  Cyber awareness is extremely important as there has been rise in data breaches caused by social engineering attacks which no single technology solution can detect.  Therefore, you need a combination of technology, process, and user awareness.
  • What are new emerging cyber threats that common people should be aware of, and how can they protect themselves: One of the most common threat these days are phishing scams ranging from email-based phishing to smishing (SMS Phishing) and social media phishing. Attackers are intelligent enough to persuade common people to collect personal and financial information. These types of attacks are difficult to detect and so the last line of defence is always the user.
  • Quick top-line trends in the cyber security space:
  1. Identity Threat Detection and Response: More and more we are seeing that attackers are now actively targeting the credentials and passwords. This can be managed through ITDR which includes multiple products like MFA tools, PAM tools Account takeover fraud detection tools etc.
  2. Vendor Consolidation: Across multiple security domains, security technology convergence is accelerating driven by the need to reduce complexity, leverage commonalities, reduce administration overhead and provide more effective security. As a result, 80% of SRM leaders are now looking to consolidate their security spending with fewer vendors.
  3. Beyond Awareness: Many Security and risk management leaders are enhancing their security awareness programs by moving beyond traditional security awareness programs and investing in holistic security behavior and culture change programs.

 

Umesh Bhapkar, Senior Director – Technology, Synechron

Businesses today have made significant investments in creating a strong security infrastructure to safeguard their data as well as their companies. Endpoint Security, Zero-Trust Security, Multi-factor Authentication, etc. are just a few of the solutions adopted by a majority of the organizations. Maintaining data security and privacy are of the utmost importance to Synechron particularly because a significant part of our work largely caters to the BFSI sector. We have employed a ‘defence in depth’ strategy, which involves creating multiple layers of security around critical data and information belonging to our firm.

To swiftly identify and handle any security breaches, our Security Operations Center (SOC) continuously monitors security operations. We regularly conduct vulnerability assessments and penetration tests to identify any gaps in our network and IT frameworks. As part of our cloud security, we use Web Application Firewall (WAF) and Cloud Security Posture Management (CSPM) technologies. We have deployed Privileged Access Management (PAM), a combination of tools and technologies to safeguard, regulate, and keep an eye on who has access to vital data and resources. We regularly assess our security posture with the help of unbiased security rating organisations like Bit Sight and Security Scorecard.

In addition to Implementing policies and having technical controls, it is also crucial to have a workforce that is cyber-aware and vigilant. Employees with little knowledge of cybersecurity, or a lax approach, can pose a threat since they can easily fall prey to phishing schemes and social engineering attacks. To educate staff members of their responsibilities in the battle against data security breaches and make them cyber resilient, we have created a variety of Information security awareness campaigns including mandatory bi-annual security trainings followed by security quizpop up quiz during our intranet portal access, monthly phishing simulations to detect and train vulnerable employees amongst several other initiatives.

 

Venkat Krishnapur, Vice-President of Engineering and Managing Director, Trellix India

“Cybercrime has become increasingly sophisticated, oftentimes infiltrating our workplaces and personal lives alike with relative ease. With a cyber-attack being reported every 40 seconds, it is critical to educate people on how they can be potential targets and ways they can safeguard themselves. From an India context, with an exponential increase in the use of digital applications for a variety of purposes and taking into account a fairly large section of Indian society that is not computer literate, the risks are compounded.

 The same is also applicable to organisations. The large volumes of business-critical data that they possess makes them a lucrative target for cyber offenders. It is therefore important that organisations are also well educated on how to protect themselves against such threats.

It is important to understand that the threats are no longer within the scope of being managed manually. It is critical businesses adopt the right Cybersecurity strategies and technologies to protect themselves, in a rapidly changing security environment.

 Adaptive technologies such as Trellix’s XDR platform that combine artificial intelligence, machine learning, automation, device monitoring, and database security in one place, give you the best chance of protecting your data in all its forms.

Living security that smartly adapts to the rapidly changing threat environment is the way to go.  It helps businesses stay one step ahead of their attackers, adapt to emerging threats, and accelerate detection and correction across the entire defense lifecycle.

Trellix XDR, for example, assists businesses in increasing analyst and security operations productivity by combining events from various security technologies and using co-relation logic, utilising many years of experience in the cybersecurity industry to provide the best, most optimum and manageable security outcomes.

As an organisation, we also educate Enterprises on various topics such as internet security, Health Insurance Portability Act, Zero Day exploits, and Information Rights Management among other topics to help them understand the cybersecurity landscape better and be abreast of the developing threats in the cyber space.”

 

Jared Danaraj Vice President, Sales and Solutions Engineering, Asia Pacific, and Japan- UiPath 

India has seen a surge in cyber-attacks and has reported over 670,000 cases until June this year, making it essential for all stakeholders to come together and prioritize cybersecurity. According to a recent World Economic Forum report, 95% of cybersecurity problems result from human error, which is further aggravated due to the global cyber skills shortage. Employees often fail to recognize and report malicious activities such as phishing leading to significant financial losses. Organizations are prioritizing cybersecurity with training initiatives and incentivizing the reporting of phishing attacks as part of the overall company bonus policy. However, automating cybersecurity operations can help detect threats and prevent expensive consequences. Deploying software robots can help eliminate human errors and reduce the time taken to respond to a cyber incident.

Realizing the importance of security, we have entered into strategic partnerships with major security platforms like CyberArk, CrowdStrike, and eSentire. Software robots can ensure all malicious emails are automatically quarantined and trigger remediation actions when necessary. Robots can quickly action deletion or quarantining of suspicious malware-infected files, perform a geolocation lookup on a given IP address, quarantine a device from the network, and more. For example, UiPath robots can natively integrate with CrowdStrike to enable endpoint detection and response with Falcon Insight. Our integration with eSentire enables end-to-end security policy automation across multiple Microsoft Security services.

We urge CISOs to implement initiatives and adopt automation tools for cybersecurity operations that can also help them improve the overall cybersecurity posture of the organization and stay ahead of cybercriminals.   

 

Tushar Haralkar, Security Software Technical Sales Leader, IBM Technology Sales, India/South Asia

 “Over the past two years, India has become a new favorite destination for cybercriminals because of its increased digital footprint. In 2022, India’s data breach costs increased to 176 million, nearly 25% over the past 2 years, as per the latest Cost of Data Breach report. With organizations becoming increasingly vulnerable to sophisticated cyberattacks, responding fast is vital – whether it’s detecting and stopping potential attacks, limiting the window of access to your environment, stemming reputational damage, or restoring critical technology. The International Cybersecurity Awareness Month serves as a reminder that enterprises need to make cybersecurity a strategic imperative and help everyone learn how to stay safe online.

 Businesses have begun to realize that it’s time to look inward and identify and close security gaps to build a more resilient future. In today’s security environment, a successful program requires the right mix of ingredients due to the constant deluge of attacks and complex enterprise infrastructures. Most security teams today are unknowingly building “less trust” networks — not zero trust networks. The solution is to turn the tables and look at networks from an attacker’s perspective, by treating our network as if it had been compromised and attacked. It is imperative that companies detect, hunt for threats, scrutinize connections and relationships, and rely on AI and analytics In order to monitor, detect and contextualize dynamic behaviors across hybrid cloud environments, organizations should adopt a zero-trust approach to their security strategy.

Leadership in security is important, but a culture of security is what ensures that cybersecurity is embedded in every aspect of your business. In order to ensure the success of any security program, organizations need to educate and test the workforce – from continuous threat monitoring to vulnerability testing, to enhanced cybersecurity capabilities based on AI and Machine Learning. As one of the leading providers of enterprise security solutions, IBM has been helping companies improve their cybersecurity response on a number of fronts. We ALIGN the security strategy to the business, PROTECT identities, data, apps, endpoints, and cloud, MANAGE defenses against growing threats and MODERNIZE. By drawing on IBM’s wide array of security expertise and capabilities, we are ready to assist the nation in building a more secure future.

 

Pravin Kumar Sadasivam, Chief Technology Officer, Redington Limited.

“In recent years almost, all organizations have fast-tracked their digital transformation journey, which has also exposed them to increased frequency and complexity of cyber-attacks. Due to trends like work from home, remote working, and the growing demand for remote access to services from consumers and clients, businesses across industry sectors – be it healthcare, banking, entertainment or retail, are vulnerable to a wide gamut of cyber-threats. Hence, it is important for every business to have a strong team of cybersecurity specialists equipped with the most advanced and best-in-class security solutions to pre-empt, predict and protect the organization from these threats.

We, at Redington provide our customers with all kinds of IT security solutions designed by various trusted and reliable global brands. These solutions include Hybrid Cloud Security, Network Security, Cyber Security, Enterprise Security, Enterprise Service Management, API Access management, Single Sign-on and more. Additionally, we are also focusing on building awareness and upskilling our own employees to combat potential risks and threats. Further, we have equipped our IT team with advanced technologies to address any potential cybersecurity threat.

By creating and implementing a Defence in Depth (DiD) Security infrastructure, we ensure strong security controls at different layers starting from Attack Surface, Firewall till Endpoint Security. Today, new ways of threats have unveiled through social engineering methods and to fight such threats, Redington has enforced a strong security system to monitor emails and internet traffic. We have enabled URL redirecting, ATP and sandboxing mails to prevent from known or unknown threats and ensure zero day exploits. Advanced systems like Behaviour Based Security are enforced with XDR solutions to tackle system or device related risks. We have also partnered with known security agency to outsource our SOCS (24X7) and SIEM services. Recently, we also upgraded our locations connectivity from MPLS to SD-WAN with security solutions and for the roaming profiles we have ZTNA security solution deployed.

We strongly believe and encourage our workforce including the infrastructure, security and development teams for continuous learning and adapting to new technologies and trends for their personal and professional growth“.

 

Vikram R. Singh, Founder and CEO, Antier

“The rapid development of emerging technologies presents businesses with exciting opportunities for future expansion, but each new advancement also grants cyber-predators a chance to malevolently use your proprietary data. Every new technology in the digital era includes a digital component, and every digital component has a security component. Therefore, it is essential that every organisation give the development of scalable and secure digital infrastructure first priority.

Major corporations have recently been the targets of a number of widespread cyberattacks that compromised bank records, credit card numbers, usernames, passwords, emails, phone numbers, addresses, and other private data. The need for experts educated in detecting cybercrime has significantly increased in reaction to cyberattacks. In order to keep the Internet stable, these unsung heroes not only create new solutions to tackle cyberthreats but also serve as the first line of defence against spam, phishing, malware, viruses, and other threats.

Cybersecurity is poised to serve as a foundation across all sectors going digital, thus opening up unlimited career opportunities in the global job market. Since the cyber security skills gap is so wide, there are many vacant positions in the industry, which work to the advantage of students looking to enhance their career prospects. Applications Development Security and Cloud Security will be among the fastest-growing and most sought-after skills in cybersecurity with projected growth rates of 164% and 115%, respectively, over the next five years.”

 

Satya Machiraju, VP, Information Security at Whatfix

“With accelerated adoption of the cloud-first model, there has been an exponential rise in cybercrimes. India has seen a major spike in cybersecurity-related threats, with over 6.7 lakh cases recorded so far in 2022. Cybercriminals have now realized that instead of targeting company networks, they are better off targeting users by leveraging the information available on public forums and social media. Phishing and social engineering attacks have increased more than ever before. CISOs need to invest in solutions that help users identify phishing emails and also be cautious about their social media footprint.

Organizations now need to focus on specific training such as secure coding and security hackathons for developers. IT leaders should understand that the targeted attacks will continue to rise and ensure that they invest heavily in user education and enablement towards Cybersecurity.

It is also imperative that before the adoption of any cloud technology, organizations should carry out a thorough risk assessment and ensure that all risks are documented and reviewed adequately. Security teams should augment their existing security controls portfolio with new-age technologies such as Zero Trust, data leakage detection technologies that are more focussed towards end-user computing devices, regulate and monitor access to cloud infrastructure and solutions.”

 

Nitin Varma, Managing Director, India & SAARC, CrowdStrike India

“Every industry in recent years has undergone rapid digital transformation. While the rapid adoption of digital technologies helps in implementing new and disruptive business models and processes, it also involves risks, increasing cyberattacks being the biggest risk factor.  In fact CrowdStrike’s Falcon OverWatch report 2022 highlights how threat hunters identified more than 77,000 potential intrusions or approximately one every seven minutes in the year to end of June 2022.  The rapid adoption of cloud-native architectures have expanded the attack surface for adversaries to exploit especially where security provisions haven’t kept pace with the acceleration of digital transformation.

To address these challenges, cyber-security should be woven into the digital fabric so as to achieve a state of “security by design”. Timely detection of intrusions is a crucial element of every comprehensive cybersecurity strategy. The earlier an organization can detect an attack, the less impact it will have on the business and the easier it will be to resolve. Organizations should understand their own data assets and have absolute visibility and security capabilities for protection such as by maintaining a register of processing activities. Without centralized visibility, organizations risk leaving a back door open and falling victim to significant attacks or ransomware often via illegal access to their networks through stolen credentials.

Whether the goal of cybercriminals is monetary gains, compromising data, or causing operational disruptions, timely intervention and visibility across the threat landscape with continuous learning about new tactics will be the key. Other points to consider include protecting all workloads, adopting zero trust approach to protect identity, using VPN with multifactor authentication, monitoring the criminal underground, eliminating misconfigurations, incorporating email security software to detect phishing emails, investing in elite threat hunting and building a cybersecurity culture with user awareness programs to combat the continued threat of phishing and related social engineering techniques.”

 

Uthaman Bakthikrishnan, Executive Vice President, ClearTouch

“Cybersecurity has been a topic of discussion since the early 2000s, and it has been about the technology that defends us against these threats. When we think of security, any system is only as strong as the weakest link, and that link happens to be humans. Because of the pandemic-caused lockdown, businesses were forced to migrate their operations from on-premises to cloud-based in order to facilitate remote working. While using cloud-based services has advantages such as immediately shutting down your processes in the event of a network breach to avoid more damage than on-premises operations, cloud breaches must not be overlooked.  Data is the most valuable resource in the world today. As simple as this made business operations, it also introduced new challenges and opportunities for data breaches. ClearTouch, being a cloud contact center platform, is committed to providing a high level of security through various regulatory compliance, allowing our users to increase productivity by eliminating intrusions and ensuring that they are working safely online to enhance customer experiences.”

 

Akshat Jain – Co-founder and CTO, Cyware

“Cybercriminals frequently morph their attack methods to stay under the radar of existing cyber defenses deployed by organizations. Every newly discovered software vulnerability or unguarded asset on an enterprise network presents an opportunity for attackers to infiltrate. To counter this, security teams require a thorough knowledge of how the sophisticated threat actors operate, and accordingly evolve their detection, analysis, and response workflows. They also need to maintain complete visibility and control over their entire attack surface to ensure no loopholes exist in their defensive measures. This means smarter decision-making for SecOps can be enabled by strategic and tactical threat intelligence, along with threat visibility and real-time situational awareness to bring about positive security outcomes.

In modern SecOps, there is a deluge of threat data that security teams need to ingest, process, and analyse in order to uncover hidden threats. Without the use of automation, it becomes humanly impossible to contextualize, prioritize, and operationalize this immense flow of threat alerts and intelligence from both internal and external sources. Therefore, to make meaningful strides toward achieving their objectives, security teams must look to orchestrate and automate their threat data collection, processing, analysis, and auctioning. Security automation also multiplies the efficiency of security processes and enables proactive defense through automated last-mile threat intelligence delivery and operationalization. Moreover, it is crucial to eliminate silos and bottlenecks in SecOps by integrating diverse functions through Cyber Fusion and advanced Security Orchestration, Automation, and Response (SOAR) for end-to-end threat response and management across cloud and on-premise environments.

Above all, organizations across sectors must recognize that they face many shared challenges when it comes to cybersecurity. To pave the way towards a secure cyberspace for all, organizations across the spectrum must participate in collaborative efforts such as cross-sectorial threat intelligence sharing and coordinated threat response for collective defense against all critical threats.”

 

Nandita Bery, Director of Awareness and Education, Infosec Team, Equinix

“India is undertaking digitization across sectors, and while it has its advantages, it is also causing a sharp rise in cyberattacks and the cost of security breaches. The recent annual study of Equinix titled ‘Global Tech Trends Survey 2022’ finds that cyberattacks are a top-of-mind threat for Indian IT decision-makers.

As digital infrastructures continue to evolve, access points are increasing. The security models recognize that as long as there’s inherent trust or human intervention, there is the potential for security issues. That’s why the industry is taking notice of how a zero-trust security approach would complement technological advances and how digital businesses accelerate. Adopting a risk-based, identity-centric approach provides the needed security foundation. As security teams face the constant barrage of cyber threats, security automation is shaping up to be an answer to efficiently handling common phishing, insider risks, and other alerts.

Zero trust and zero touch are the potential security models for the evolving security challenges in the future. Platform Equinix implants security in every step of advancements to deliver robust interconnection to hybrid clouds while connecting digital infrastructure and services on demand and providing full control of data and security perimeters.

In a Zero trust model, there is no implicit trust granted to users or devices and it employs a more granular perimeter control based on users, devices, geolocation, and historical usage patterns to identify if something can be trusted to be in the enterprise. It is a well-established concept in the security industry by now, but what’s also gradually gaining attention is zero touch security.”

 

Shuja Mirza, Director, Solutions Engineering, NetApp India & SAARC

“In today’s highly digitalised world, data is any organisation’s most valuable resource. Amidst increasing cyberattacks, data-related risks are at an all-time high and are growing more complex in terms of scale and impact every day.

To mitigate threats, enterprises can operate as a Zero-Trust Network and take a data-centric approach. To build such a network, security controls should be as close to the data as possible.  Under the Zero-Trust model, the administrator specifies a set of rules to enumerate permitted activities, and the software will evaluate every activity against that set of rules to determine whether it is on the ‘Allowed’ list. If it is not, the activity gets blocked.

Organisations should also employ multi-factor authentication for administrative and data access, as well as use encryption for data at rest, and in flight. Additionally, monitoring and logging all access to data can go a long way in improving security across networks.

It is advisable for enterprises to work along with technical consultants to implement a robust data protection methodology across on-prem and cloud environments. Organisations must consider the latest tools and technologies like Blockchain and AI that help combat threats efficiently and cost-effectively in the long run.”

 

W. Curtis Preston, Chief Technical Evangelist, Druva

“The security environment is ever-evolving. Since malware strains continue to emerge every day, organizations have to do more than just maintain their defenses. Even the largest companies have fallen victim to cyber-attacks because it is almost impossible to keep pace with the relentless horde of attackers.

The only way to counter an army of attackers is to have an army of your own – a service that can protect data, proactively identify, alert and respond to problems, and prepare you for full recovery. For this, businesses should adopt cloud enabled protection systems with fully automated and non-disruptive infrastructure updates.

Second, you need a cross-organisation plan. Security, IT, legal, and executive management must work together to respond to a ransomware attack. Unfortunately, most organizations are depending on a decade-old disaster recovery plan they have never tested.

There is no better time than now to evaluate your current protection strategies than Cybersecurity Awareness Month. A strategy that is flexible, adaptable, ever-evolving and robust is the best route to business continuity, regardless of any threats.”

 

Dr. Rishi Bhatnagar, President at Aeris Communications

“Over the last few years, the proliferation of smart devices and changing customer preferences have led to the evolution of digital transformation. As a result, businesses are increasingly exploring opportunities and high-end capabilities for competitive advantage and growth. However, with the emergence of new technologies such as cloud, artificial intelligence (AI)/machine learning, internet of things (IoT), big data, and other operational technologies, technology risk is continuously elevating.  Apart from emerging technologies, even mobile devices carry significant security risks. Mobile apps are often the cause of unintentional data leakage which can have a catastrophic impact on an organization as today’s businesses operate through mobile devices. This makes it mandatory for organizations to train their employees to protect the company’s digital assets, create a cyber-threat response planning that consists of a plan of action for specific attack scenarios. At Aeris Communications, critical assets and data are safeguarded by a secure and protected network. As a leading IoT solutions & services provider, we believe that a strong security policy can help businesses lower their risk of compromise. It essential for organizations to use effective tools that can identify real-time threat intelligence, apply AI to detect threat pattern, data breaches and anomalies, and automatically initiate a coordinated response across different networks. This holistic approach to a cybersecurity architecture propels a well-knitted integration and increased automation, making it easier for security and IT teams to coordinate and respond quickly to threats in real-time”.

Pankaj Sachdeva, Vice President, Data Science & Analytics, and Managing Director, India Innovation at Pitney Bowes

“Cybersecurity is no longer an IT problem but has evolved as a business risk. Cybersecurity attacks not only cost companies billions every year but it also pose significant threat to life with critical infrastructure failures. Organizations are left prone to cyber-attacks by systematic and cultural gaps between non-IT and IT personnel. Executives need to think beyond traditional ways to solve such issues and evolve their strategy and architecture. Organizations should emphasize on the importance of cybersecurity awareness among employees and organize programs & trainings which play a critical role in developing cyber risk understanding among employees. These programs not only teach cyber threat identification but response to suspicious activity as well. The priorities and investments in cybersecurity should be focused on obtaining a set of results that are consistent and efficient.”

 

Anjali Mahajan, Regional Vice President at Amdocs

Due to digital disruption, we are witnessing an increase in technology adoption and dependency. As 5G rolls out, it is lauded for its low power consumption and enhanced interconnectivity. With its advent, billions of devices and IoT devices can be interconnected, enabling use cases such as smart cities, AR/VR on mobile networks, remote medicine, and much more. However, implementing a 5G network is not without risk. As 5G becomes available, activities will now be routed directly to a network of digital routers, eliminating the possibility of chokepoint monitoring and control. By replacing higher-level network functions previously performed by physical appliances with software, 5G increases its cyber vulnerability. In such a case, for businesses, identifying the types of data handled and where that data resides, whether on devices, cloud providers, or remote employee laptops, becomes a critical benchmark for data risk evaluation. In a time where cybersecurity vulnerabilities are at their peak, organisations must be aware of the flaws and potential risks and implement necessary practise to create a cyber-safe environment.”

 

Prakash Krishnamoorthy, Director, India, Aruba, a Hewlett Packard Enterprise company

 “Creating an environment that is resilient, reliable, and that employees can trust on to simply meet their needs is one step closer to sustaining the link between technology and people. According to a report by GlobalData, more than 50% of Indian businesses have significantly boosted their Information and Communications Technology (ICT) budgets for this year compared to 2021, as a result of the expanding digitisation of organisations. Therefore, Secure Access Service Edge (SASE) and Zero Trust framework have rather become vital elements for IT leaders to ensure complete visibility, control, and enforcement of their network security.

 The Zero Trust Security should ensure that home or remote workers are subject to the same security measures as campus or branch networks. With AI-powered client visibility and integrated security ecosystems, enterprises can provide a holistic edge-to-cloud security to its customers and therefore, tackle the ever-evolving security threats. “

 

Phalachandra Kerekudige, CISO, Fidelity Investments India

“The cybersecurity threat landscape continues to evolve at a fast pace, especially as organizations expand and data flows increase. Bad actors are responding with increasingly sophisticated ways to steal this data. It has never been more important to keep your employees aware of the latest cyber trends and what they need to do to ensure the cyber safety of your company. Fidelity maintains a comprehensive awareness and training program for all our associates. We focus on making sure everyone understands it’s a shared responsibility to keep our customers’ data safe. “

 

 Srikanth Doranadula, Vice President – Hybrid Cloud Systems, Oracle India

“As technological advancements are propelled in the country, there is an unspoken need of building trust on these innovations. Businesses no longer want to be bogged down by dated technology however at the same time, the risk of losing their most critical data to a cyber attack is holding them back and keeping their business centered around traditional way of doing business. Threats of cyber theft are especially amplified in our digital economy with an enormous data explosion.” 

 He added “Organizations must focus on a security-first culture and only rely on technology providers that lead with the same thought. To future-proof and attack-proof their data, businesses must also invest in threat intelligence programs that can help gauge the intensity of any hazard. At Oracle too, we have the privilege and a huge responsibility of managing customers’ databases so we prioritize security over any other pillar and therefore we have successfully managed world’s most critical and sensitive data with over four decades of experience. Our customers have been able to strengthen their security posture by reducing risk with security-first design principles. We also automate security to reduce complexity, human error and also lower cost with automated patching for Autonomous Database and threat mitigation for OCI by Access Management.”

Leave a Response