With cybercriminals constantly developing new methods of attack, it becomes crucial to stay updated on the evolving threat landscape and adapt security measures accordingly.
It is therefore apt to say that cybersecurity is no longer an option but a necessity.
RE-EVALUATING THE CYBERSECURITY POSTURE
In the hyper-connectivity era, it is important for organizations to re-evaluate their cybersecurity strategy while evaluating and selecting tools that leverage a unified architecture across their digital landscape.
Says Sanjeev Iyer, Channel Sales Director, APAC, Forcepoint, “Today’s digital world requires workers and data to be everywhere. As such, it is essential to understand where sensitive data – the Crown Jewel of an organization – resides, understanding how and where said data is handled and who has access, before aligning a governance and protection strategy and assigning risk to potential use-cases.”
Organizations should start by conducting a thorough risk assessment. By identifying organization-specific threats and vulnerabilities, analysing past attacks and industry trends, and utilizing threat intelligence feeds, businesses can gauge the potential risks they face and evaluate their preparedness to mitigate them. Equally important is taking stock of an organisation’s current security infrastructure, including its security awareness training programs, the security solutions it has in place, and the processes it has implemented to remediate. This comprehensive understanding enables organizations to prioritize their cybersecurity efforts and allocate resources effectively.
This should then be followed by putting effective access controls in place, which means having strong password policies, using multi-factor authentication, and restricting data access to those who are authorized to know. Additionally, regular software updates and patch management are necessary for fixing identified vulnerabilities promptly.
“Attackers are typically after one thing and one thing only – data. That is why organisations are paying attention to improving their data security posture,” says Maheswaran S, Country Manager, South Asia, Varonis. “Any cybersecurity strategy must center on securing data. Infrastructure can be rebuilt after an attack, and systems can be put back online. However, it is impossible to undo the damage once your data is exposed. Data Security Posture Management (DSPM) is a modern approach to cybersecurity that prioritizes the organization’s information. DSPM solutions are designed to protect sensitive data and ensure compliance with regulations, regardless of where data resides.”
“Organizations must establish clear protocols for data handling, incident response, and mitigation strategies to minimize the impact of cyber incidents,” points out Harshil Doshi, Country Director – India, Securonix. “They must also continuously review and update security policies, which is essential for keeping pace with evolving threats and regulatory changes.”
“A corporate cybersecurity strategy should be tailored to an organization’s unique security needs. Small, medium, and large businesses in different industries and locations can face very different threats and have different security requirements. To counter these threats, a robust cybersecurity strategy is essential,” says Manish Alshi, Head of Channels and Growth Technologies – India & SAARC, Check Point Software Technologies.
Manish further adds that an effective security strategy is backed by a consolidated security architecture. A cybersecurity architecture should be designed based on security best practices like Zero Trust Security and Defense in Depth.
In the view of Kartik Shahani, Country Manager, Tenable India, many organisations today prioritise reactive security solutions, which take an event-based approach by analyzing past activities through events, logs, and traces. “While these controls are valuable for incident response, they cannot prevent attacks. In contrast, preventative controls concentrate on assessing the current security state of assets to identify potential attack vectors. To illustrate the difference: reactive strategies resemble your neighbor informing you that a van arrived, the driver robbed your house an hour ago, and left with your belongings, while preventative strategies involve securing doors and windows to prevent the robber from entering in the first place.”
“Understanding the security status of assets enables organizations to develop remediation and mitigation strategies to close attack vectors before they are exploited. Moreover, prioritising preventative security strategies allows organisations to address potential risks proactively, resulting in more effective and efficient use of existing reactive controls,” he further adds.
Employees, who form the most important asset of an organisation, need to be properly trained, and a structured awareness program should be put in place. This will help equip them to make better judgments about the emails they receive, how they surf the web, how they use social media, and so forth.
“Businesses should always ensure they include metrics in their cybersecurity strategy to gauge the performance of cybersecurity initiatives,” says Asjad Athick, Cybersecurity Lead, APAC, Elastic. “Metrics should evaluate compliance, agility in threat detection, risk reduction, regular penetration testing, and the return on investment (ROI) to demonstrate the program’s success.”
SMEs – THE WEAKEST LINK
Organisations, irrespective of size, face a constant threat of cyberattacks. Many businesses, particularly SMBs, lack the resources to detect, prevent and respond to such threats. As highlighted in the World Economic Forum’s Global Risks Report, the gap between cyber-resilient and struggling organizations is widening, and this has emerged as a pressing risk in 2024. This gap poses a serious threat not only to individual companies but also to the broader ecosystem, as cyberattacks continue to evolve in sophistication and frequency.
“This prompts urgent calls for action,” says Harshil Doshi of Securonix. “While large enterprises have made strides in bolstering cyber resilience, small and medium-sized businesses have experienced a concerning decline. There is a significant gap between organizations that have robust cybersecurity measures in place and those that lack adequate protection or have the right tech stack.”
Securonix is strategically equipped to address these challenges. Its security intelligence platform provides real-time visibility and promptly identifies and mitigates risks. With User and Entity Behavior Analytics (UEBA), Securonix excels in spotting anomalies and insider threats, offering unparalleled protection. To stay ahead of emerging challenges, Securonix introduced its Unified Defense SIEM Platform, featuring advanced threat detection capabilities and streamlined incident response processes.
SonicWall believes in and works towards providing a more holistic and intrinsic approach to securing organizations, no matter the size, be it an enterprise or an SME. This approach ensures end-to-end visibility and the power to share intelligence across the unified security frameworks.
“Products such as the SonicWall next-generation firewalls (NGFW) together with Capture Client ensure endpoints and users are protected against threats and growing threat vectors. When integration is enabled, endpoints are detected on the network by the SonicWall enforcement service,” says Debasish Mukherjee, Vice President, Regional Sales APJ – SonicWall Inc. “Presently MDR services, which strengthen the SonicWall offerings, are offered from North America-based SOC, but we are committed to investing in countries like India and supporting our Service Provider Partners.”
Through substantial enhancements to its ExposureAI capabilities within the Tenable One Exposure Management Platform, Tenable is changing the way security teams navigate and respond. ExposureAI enables organisations to quickly summarise relevant attack paths, ask questions of an AI Assistant and receive specific mitigation guidance to act on intelligence and reduce risk. “To help organisations easily navigate any step on their cloud security journey, we also recently announced expanded Tenable Cloud Security cloud-native application protection platform (CNAPP) capabilities for Kubernetes on-premises and public cloud environments,” says Kartik Shahani of Tenable.
Varonis is constantly developing and strengthening its cloud-native Data Security Platform. In the first few weeks of 2024, it unveiled many updates to improve its customers’ cybersecurity posture. “In February 2024, we announced the latest evolution in our mission to deliver effortless outcomes for our customers – Managed Data Detection and Response (MDDR), the world’s first managed service dedicated to stopping threats at the data level. MDDR combines Varonis’ award-winning threat detection technology and automation with a global team of elite threat hunters, forensics analysts, and incident responders who investigate and respond to threats 24x7x365,” says Maheswaran S.
“Norton remains steadfast in our resolve to protect the businesses and SMEs. We make use of cutting-edge antivirus programmes built to identify and neutralise a variety of online threats,” comments Ritesh Chopra, India Director – Norton. “Our services adapt to tackle new threats by means of proactive monitoring, integration of threat intelligence, and frequent upgrades. In addition, we work together with companies on educational projects, offering them tools and guidance to improve their cybersecurity posture.”
BOLSTERING CYBER DEFENSE THROUGH RESEARCH
Research and development are of utmost importance at SonicWall. SonicWall Capture Labs threat researchers gather, analyze, and vet cross-vector threat information from the SonicWall Capture Threat Network, consisting of global devices and resources, including more than 1 million security sensors in nearly 215 countries and territories.
“Research can help develop effective strategies for addressing such risks. Therefore, sharing results with other members within the industry through annual conferences, journals, or even by making it available online ensures that today’s knowledge becomes tomorrow’s foundation,” says Piyush Somani, Chairman and Managing Director, ESDS. “Moreover, this collective support system of trust is important to enhancing our defense mechanisms. This might involve joining professional organizations and forums where you meet colleagues from different cultures; hence providing a chance to exchange useful ideas about information security practices based on one’s specific experience.”
“Barracuda contributes actively to the cybersecurity community and advances in collective defence,” says Rohit Aradhya, Vice President and Managing Director, Engineering, Barracuda. “Barracuda Threat Intelligence is a powerful framework that combines threat data collected from multiple sources, advanced analysis, and research, as well as a global operations network that supports on-premises gateways, endpoint security and real-time protection through cloud. This framework is designed to provide comprehensive, near real-time threat protection across multiple threat vectors. Barracuda collects emails, URLs, binaries, and other threat data from tens of thousands of honeypots located in more than 100 countries and an extensive web crawler network. This is supplemented by data contributions from more than 180,000 collection points across several types of organizations.”
Barracuda then shares this threat intelligence information and indicators of compromise with the Cyber Threat Alliance, which drives a coordinated industry effort against cyber adversaries through the sharing of threat intelligence and Indicators of Compromise. Barracuda also shares its threat intelligence information with MISP, an open-source threat intelligence and sharing platform.
Check Point Software has global threat intelligence and vulnerability research teams, called Check Point Research (CPR), dedicated to discovering new malware and threats and developing solutions that benefit customers and organizations worldwide.
“CPR provides leading cyber-threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point Software products are updated with the latest protections. The research team consists of over 150 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs,” explains Manish Alshi.
In its commitment to the cybersecurity community, Data Safeguard actively contributes by conducting cutting-edge research and sharing its expertise to fortify collective defenses against cyber-threats. “This is done through Research & Innovation, Thought Leadership, Collaboration & Partnerships, Training & Education, and Community Engagement,” says Damodar Sahu, Co-Founder & Chief Growth Officer – Data Safeguard Inc. “We share our knowledge and expertise through various channels, including white papers, blog posts, webinars, and speaking engagements at industry events. By disseminating thought leadership content, we aim to educate and empower cybersecurity professionals, businesses, and the wider community to enhance their security posture and resilience against cyber-threats.”
The Global Cybersecurity Association (GCA) is dedicated to elevating cybersecurity awareness, particularly among businesses of varying sizes. Its focus is on conducting comprehensive campaigns to educate these organizations about the spectrum of cyber threats. Additionally, GCA is committed to compiling a curated list of reliable and effective cybersecurity products and solutions.
“Our contribution to the cybersecurity community involves fostering a collaborative environment between industry and academia,” says Roopali Mehra, Governing Council Member, Global Cybersecurity Association. “By bridging this gap, we facilitate cutting-edge research that addresses current and future cybersecurity challenges. This partnership enables practical, real-world application of academic research, enriching the cybersecurity domain with fresh insights and innovative solutions. We actively share this expertise within the community, enhancing collective defenses and empowering both sectors to stay ahead in the evolving cyber-landscape.”
STANDING TOGETHER FOR A COMMON CAUSE
Forming partnerships and collaborations in the cybersecurity industry is becoming essential to strengthen one’s security posture and address cyber-threats. Different organisations in the industry often have access to unique sets of information. When this information is shared, the stakeholders get a holistic picture of their threat landscape.
According to Sanjeev of Forcepoint, there is no one-size-fits-all approach to security, so when organizations and expert voices come together to share unique insights and experiences, this often enhances the collective defense and resilience against evolving challenges. “Through collaborative efforts, we don’t just identify emerging threats – we preemptively develop countermeasures, staying one step ahead of potential cybercriminals and malicious actors. These joint efforts lead to establishing unified defense mechanisms and coordinated responses to cyber incidents, bolstering the overall security posture of the region. It’s this continuous cycle of improvement that ensures the sustained resilience of the cybersecurity industry against the continuously evolving landscape of cyber threats.”
“Cybersecurity collaboration is a powerful approach to combat the ever-growing challenges of cyber threats. Through collective action, organizations can harness shared knowledge, resources, and expertise to bolster threat detection, enhance incident response, and fortify overall security defenses,” says Manish Alshi.
In 2024, Check Point will focus on strengthening security through collaboration. The Check Point technology partner alliance unites a global network of leading security industry partners. Leveraging its joint solutions, customers can construct a cohesive, tightly integrated, and secure ecosystem. Among its esteemed partners are AWS, Google, Microsoft Azure, Oracle and numerous others.
As Harshil points out, some of the key benefits of collaborations are Enhanced Threat Intelligence, Faster Incident Response, Access to Specialized Expertise, Enhanced Innovation and Cost-Effectiveness.
Damodar Sahu reiterates the same by saying that forming partnerships is becoming necessary to foster collective resilience. “Through collaborations and partnerships, organizations can effectively navigate the complex cybersecurity landscape and safeguard their digital assets in an increasingly interconnected world.”
Elastic is a key contributor to the cybersecurity community through open development, integration with threat intelligence feeds, research, and active community engagement. In addition, its annual Global Threat Report provides valuable insights into the evolving threat landscape, showcasing the changes made by threat actors in the past year. Drawing from Elastic Security Labs’ investigations and expert threat intelligence, the report serves as a valuable resource to steer security teams in safeguarding against malware, endpoint, cloud security, and more.
Fortinet is a founding member of the Cyber Threat Alliance, an organization focused on sharing critical threat intelligence to raise the level of security for organizations globally. “We are also an active member of the World Economic Forum (WEF) and a founding member of its Centre for Cybersecurity, and a partner with INTERPOL: Project Gateway and NATO NICP, where we collaborate on intelligence sharing on cyberthreats and respond to breaking requests for intelligence as new cases emerge,” says Vivek Srivastava, Country Manager, India & SAARC, Fortinet.
In 2023, FortiGuard Labs released numerous outbreak alerts each month, making it a notable year in terms of the frequency of significant incidents with widespread reach. These outbreaks highlighted the various targeted and 0-day attacks, weaponized vulnerabilities, malware, ransomware campaigns, and OT/IoT threats launched last year. This diversity emphasizes the importance of timely threat intelligence, proactive protections, and a multi-layered security approach to ensure organizations remain safe by addressing all threat vectors.
AND SO…
The cybersecurity market in India reached $6 billion in 2023, growing at a CAGR of over 30% during 2019-23. The products segment grew by more than 3.5X to touch $3.7 billion in 2023 from $1 billion in 2019. The market is expected to account for 5% of the global market by 2028. This growth is underpinned by the dynamic and evolving challenges characterizing the current cybersecurity landscape. With our increasing reliance on digital technologies, the attack surface for cyber-threats has expanded, encompassing both the virtual and physical realms.
Three months into 2024, the industry has realized that the collective responsibility of maintaining a cyber-aware culture is becoming more pronounced. With the modern cybersecurity scenario being complex, marked by advanced threats like zero-day exploits and disruptive ransomware campaigns across diverse industries, collaboration and information sharing are pivotal, as noted by every security player. The need of the hour is international cyber-intelligence networks and ongoing professional upskilling to bridge the talent gap. Through awareness, robust defences, and global collaboration, we can navigate the evolving threat landscape, ensuring the continued growth and innovation of the interconnected digital ecosystem.