High-profile data breaches in 2020 and 2021
• Facebook users’ phone numbers leaked on hacking forum (exposed personal data of over 500 million Facebook users)
• LinkedIn profiles put up for sale on a popular hacker forum (exposed 500 million users)
• ParkMobile breach exposes license plate data and mobile numbers of its users (exposed mobile numbers of 21M users)
• Air India cyber-attack (4.5 million customers)
• Marriott International (Marriott Data Breach 2020: 5.2 million guest records were stolen)
• Magellan (more than 364,000 individuals affected)
• Twitter (malicious code inserted into its app has impacted information worldwide)
• Garmin (hackers deployed a ransomware tool that encrypted the company’s digital infrastructure; paid $10 million as ransom)
• Software AG (hit with a $23 million ransomware attack)
• FireEye and SolarWinds supply chain attack victims (hackers inserted malicious code into a SolarWinds software update)
• Florida Water System (the intruder boosted the level of sodium hydroxide in the water supply to 100 times higher than normal)
• Microsoft Exchange mass cyber attack (causing rampant damage to millions worldwide)
• Airplane manufacturer Bombardier (confidential data of customers, suppliers and approx. 130 Bombardier employees has been compromised)
• Sopra Steria ransomware attack (Sopra Steria cyber attack costs to hit €50 million)
• Acer (REvil ransomware attack cost a ransom of $50 million)
• The US fuel pipeline (U.S. fuel pipeline operator Colonial Pipeline has shut its entire network)
• Telegram hijack (millions are exposed as a malicious new threat exploits Telegram with dangerous malware)
• Mobikwik (data of 10 million mobile wallet users reported to be on sale on the dark web)
• Juspay (35 million records with masked card data and card fingerprint were breached)
• Airtel denies claims that data of 2.5 million users was leaked
Worldwide spending on cybersecurity products and services has collectively exceeded $1 trillion from 2017 to 2021. The ever-growing number of public IP addresses and access points, a dramatic increase in the volume of Internet traffic, and the massive amounts of data that the world generates today combine to create a highly favourable environment for cybercriminals to exploit vulnerabilities. The cost of cybercrime will reach 7 trillion dollars worldwide by 2021, and the cost of ransomware damages will rise to 20 billion dollars.
Technological advancements have not only given us the power to manage everything with a click of a button, but have also made us vulnerable to many threats online. The Covid-19 pandemic has given cyber attackers an unprecedented opportunity to hack and break down organizations’ IT infrastructure. The work-from-home model adopted by organizations has been linked to the rise in cyber-attacks. IBM's Cost of a Data Breach Report 2020 found that organizations took 207 days to detect a security breach and that over 80 percent of the reported cybersecurity threats were phishing attacks.
As per a report, hackers had installed malware into IT company SolarWinds' Orion software and accessed critical data of blue-chip companies, hospitals, universities, and U.S. government agencies. According to the report, at least twenty-four tech giants, including Nvidia, VMware, Cisco, and Intel, fell victim to the malware embedded into the Orion software. In the second half of 2020, when the world was struggling to deal with the coronavirus pandemic, cybercriminals did not even spare Covid-19 vaccine research institutions, targeting seven high-profile establishments from around the world, including one in India.
Time to Protect Your Organization Against Cyber Attacks
Every website on the Internet is somewhat vulnerable to security attacks. The threats range from human errors to sophisticated attacks by coordinated cyber criminals. The growing damage caused by cyberattacks makes it necessary to take preventive measures right away.
• Generate Cyber Security Awareness
• Implement a Phishing Incident Response Tool
• Carry Out Periodic VAPT
• Keep the Systems Updated
• Implement Multi-Factor Authentication (MFA)
Technologies and business models have emerged in the cybersecurity space as the world embraced a remote work model where there’s no network perimeter and more applications and data are in the cloud than ever before. The funding landscape for cybersecurity startups has gone gangbusters this year, with 14 startups notching valuations in excess of $1 billion through the first four months of 2021 alone. Secondly, the lack of a network perimeter in this new world accelerated the adoption of SASE (secure access service edge), zero trust and XDR (extended detection and response) to ensure remote users and their data are protected.
The COVID-19 pandemic has accelerated the journey to zero-trust platforms as virtually the world’s entire workforce was shoved outside a defined network perimeter, forcing organizations to secure end users who are working remotely as well as fix anomalies and configuration issues revealed by the new approach. In light of the recent attack on Colonial Pipeline, many countries have come forward to strengthen their network security.
The Government of India is one of the largest digital ecosystems, and its cyber-security budgets are still paltry. The Indian government has increased the expenditure for the Indian digital programme by 23 percent to Rs 3958 crore for the year 2020-21. India’s cybersecurity services industry is projected to grow from $4.3 billion in 2020 to $7.6 billion in 2022. According to the Data Security Council of India, the size of the industry is expected to be $13.6 billion by 2025, with a growth rate of 21%. This proposal is geared toward helping the cybersecurity ecosystem in India to grow stronger. MeitY has launched the Cyber Surakshit Bharat initiative in conjunction with the National e-Governance Division (NeGD). Even though India is facing a critical cybersecurity risk with a dire need to improve its cybersecurity defences, it is taking small steps in improving the overall cybersecurity infrastructure.
At the same time, private equity firms continue to eye the sector. Thoma Bravo has helped build many of the world's leading companies in applications, infrastructure and cybersecurity. Today, the private equity software portfolio includes 40+ companies that generate over $16 billion of annual revenue and employ over 50,000 colleagues around the world.
Meanwhile, analysts say Netskope and Menlo Security are among cloud security startups that could launch IPOs. Analysts say a new wave of startups seems to be taking share from industry incumbents. They include Illumio, Cybereason, Exabeam, Darktrace and iBoss.
Microsoft is clearly pitching itself as offering a full security suite, a competitive advantage as customers increasingly want a unified view of threats. Microsoft has disclosed that its cybersecurity revenues top $10 billion annually. Microsoft uses its own cybersecurity platform, Windows Defender Advanced Threat Protection (ATP), for preventative protection, breach detection, automated investigation and response. With 400,000 customers, Microsoft's computer security franchise is growing at more than 40%, as per the company.
Further, CrowdStrike's initial public offering in June, 2019 raised $612 million, one of the largest cybersecurity offerings. CrowdStrike's rivals include VMware's Carbon Black, Palo Alto, FireEye and startup Cybereason. Private equity firms Blackstone and ClearSky recently invested $400 million in FireEye.
Computers are attacking us; software is attacking us. The only way forward is using artificial intelligence. Cybersecurity companies are now using AI, ML and specialized databases to detect malware on laptops, mobile phones and other devices that access corporate networks. Machine learning has become a vital technology for cybersecurity. In addition, many software companies are using artificial intelligence to get a competitive edge.
Coronavirus Outbreak Boosted Demand For Cloud Security
Other cybersecurity firms with a sizable government business include Tenable Holdings, Rapid7 and CyberArk. Tenable in February acquired France-based Alsid, which focuses on identity access management. Rapid7 and Qualys specialize in vulnerability management services.
Gartner forecasts that the corporate computer security market will grow more than 10% on average annually through 2024 versus 3% growth for information technology department spending. As remote workers access company data via the internet, many businesses are setting up virtual private networks, or VPNs. Some are buying laptops with preinstalled security software.
However, industries hard hit by the coronavirus pandemic will spend less on security software. They include airlines, hotels, retail and restaurants. However, one view is that mergers and acquisitions will pick up.
Spending on security technologies has evolved as companies shift business workloads to cloud computing service providers. Amazon Web Services, part of Amazon.com, is the biggest cloud services firm. Amazon looms as a potential rival as it builds more security tools into its cloud services.
In addition, Microsoft is integrating more security tools into its cloud-based Office 365 software. Microsoft competes with cybersecurity firms such as Proofpoint, Splunk, CrowdStrike, Okta, and startup Netskope. To slow down hackers, more companies are focusing on internal security threats through a strategy known as Zero Trust. Things are getting complicated as state-sponsored hackers and cybersecurity firms are both using artificial intelligence to get an edge.
Zero Trust cybersecurity models focus on internal threats, such as hackers stealing someone's security credentials. Security firms verify the identity of network users and limit access to applications.
You may think the time is right to move into cybersecurity stocks but the Cybersecurity products are battling with Ransomware, Phishing and the enterprises are fighting with Cybersecurity stocks span a wide-range of products and services. In addition, some security vendors are shifting to software-based subscription business models from selling hardware appliances.
Let’s look at how the OEMs are geared to secure industry with their various product and service offerings.
Rajeev Sreedhar, MD – India & SAARC, Infoblox
Infoblox’s BloxOne Threat Defense provides simple, ubiquitous protection for on-prem, cloud and hybrid networks from the network core
Measures to be taken for Cyber threats
The rise in remote work, branch offices, and IoT devices has led to the increased adoption of cloud-based applications, services, and infrastructure, and increased the challenge for enterprises. The growth of highly dispersed networks and the increased use of cloud have expanded the need to secure users and data located outside the four walls of headquarters, leaving organizations vulnerable to cyberthreats and highlighting the importance of end-to-end encryption.
In this network environment, organizations looking to protect themselves from cyberthreats need a solution that gives them visibility into their entire network. Without visibility into which devices are connecting to a network and where network traffic is going, network security professionals are working with one hand tied behind their back, forced to react to threats as they arise from unknown vectors instead of proactively managing threats before they cause damage.
BloxOne Threat Defense from Infoblox can provide this kind of visibility and security by enabling large organizations to secure and scale their networks to optimize the infrastructure for a cloud-first world. It provides simple, ubiquitous protection for on-prem, cloud and hybrid networks from the network core. It is a cloud-native, hybrid solution that uses the data generated by DDI to monitor network traffic, proactively identify threats and automatically inform security systems and branch office network managers, addressing security incidents with speed and efficiency in order to better protect data and mitigate the costs of an attack by catching the 90% of all malware that touches DNS to enter or exit the network.
Partner Network
Our channel partners are some of the most important components of our business, and we are proud to have partners on five continents. We are relentless in providing opportunities for our partners to succeed, through investment, enablement, and special incentive opportunities to help them deliver the networks of the future to the entire world.
In today’s cloud-first world, reaching the last mile has never been more important, and so we have stepped up our investments and innovation in our cloud-first BloxOne Platform--which comprises BloxOne DDI and BloxOne Threat Defense--to enable our partners to provide security and networking security services over the cloud, as services. Because the BloxOne platform is cloud-native, it offers cloud-managed deployment, requiring no new infrastructure to implement, and enabling customers to quickly and remotely secure and manage connected devices, whether at HQ, in a worker’s home, or in the middle of the ocean.
Microsoft security business driven by its unique approach
Rajiv Sodhi, Chief Operating Officer, Microsoft
Measures to be taken for Cyber threats
Security is a priority for organizations now, especially as organizations across industries are looking to transition from remote work to hybrid. But even as people begin to transition back to the office, we expect a future where hybrid work will be the norm.
People are working on corporate networks and home networks and moving fluidly between business and personal activity online, thanks to technologies intertwined with both aspects of our daily routines. The growing sophistication of the threat landscape, coupled with the inflection point that is hybrid, is driving a sea change for the security industry.
Given Microsoft’s footprint across so many technologies, we are in a unique position to think holistically about the core aspects of security: stretching from identity and access management; through endpoint, email, and application security; to data loss prevention and into cloud security and SIEM. Across our platforms and services, we take in over 8 trillion security signals every 24 hours, which we then put to work on behalf of our customers. In 2020 alone, almost six billion malware threats were blocked on endpoints protected by Microsoft Defender.
What drives our security business is our unique approach, which enables organizations to adopt a Zero Trust architecture, while also reducing the complexity, cost, and risk created by stitching together point solutions.
Partner Network
With over 300,000 partners globally, our partners influence more than 95% of our commercial revenue, either directly or in partnership with us. In India, the ecosystem currently has more than 11,000 partners. Together, Microsoft and its partners are working toward the same goals: innovate and deliver new solutions and drive success and digital transformation for our customers.
We launched a co-selling program in 2017 under which partners, to date, have made $18.5 billion directly from co-selling their intellectual property (IP) with us. In the current fiscal year, our sales organization has shared and closed more than 166,000 co-sell opportunities with partners. It’s increasing its co-selling focus on small and midsize businesses this year.
The Microsoft Intelligent Security Association is a community of more than 175 partner companies who have created over 250 integrations with Microsoft products and services, helping organizations close the gaps between fragmented security solutions and minimize risk.
“Organisations in India need to shift from a traditional vulnerability management approach to one that is risk-based”
Kartik Shahani, Country Manager, Tenable India
Measures to be taken for Cyber threats
Digital transformation and the work-from-home economy have converged and dramatically expanded the attack surface. To improve security in this expanded environment, organisations in India need to shift from a traditional vulnerability management approach to one that is risk-based. This will enable security teams to see and continuously assess the modern attack surface, predict which vulnerabilities pose the greatest business risk and act with confidence to effectively reduce risk. The ability to see, predict and act are foundational to stay ahead of cyber threats.
Best Practices
GPS is used by industries for critical navigation, control systems, and operational processes. This includes maritime, aviation, automotive, financial, telecommunications and defence industries. It serves as a mechanism to determine precise location and also as a critical, extremely accurate time reference.
GPS systems that are not properly secured are vulnerable to GPS jamming, spoofing, and cyberattacks. GPS location data should be monitored and benchmarked against other navigational data. In situations where extremely precise time is required, accurate backup time devices should be implemented. These two simple countermeasures will mitigate attacks against GPS navigation and time data or loss of signal. In addition, security teams require full visibility and real-time accounting of what is on the network – such as GPS time servers and protection devices – to be able to detect and thwart threats. Cellular networks and many industrial processes use GPS for time synchronisation. Many operational technology (OT) plants have their own GPS receivers to run local instances of NTP (network time protocol). Time synchronisation is critical for industrial processes where certain functions must take place at precisely the right time for the operations to run properly. The best practice would be to use at least two of the four globally available satellite navigation-based time sources for redundancy. That way, if one source of time malfunctions, industrial plants can rely on the remaining sources for accurate time. In the event all GPS signals are disrupted, a high precision backup clock can be used.
Partner Network
Tenable has integrations with a variety of security and IT operations technology partners as part of its Cyber Exposure ecosystem. Alongside our ecosystem partners, we have the world’s richest set of Cyber Exposure data to analyse, gain context and take decisive action to better understand and reduce cyber risk. We collaborate with leading security technology resellers, distributors and ecosystem partners worldwide.
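The time-source redundancy practice described in the Tenable section above, as an added example that is not part of the original article or any vendor's code: it benchmarks each satellite time source against a backup clock and against the other sources, then decides whether to trust them or fall back to holdover. The constellation labels, thresholds and sample readings are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from statistics import median
from typing import List, Optional


@dataclass(frozen=True)
class Reading:
    source: str                 # constellation label (illustrative)
    offset_us: Optional[float]  # source time minus backup clock, microseconds; None = no signal


@dataclass(frozen=True)
class Verdict:
    status: str           # "OK", "DEGRADED" or "HOLDOVER"
    trusted: List[str]    # sources that passed both checks
    suspect: List[str]    # sources with a signal that failed a check
    lost: List[str]       # sources with no signal (jamming or outage)
    correction_us: float  # offset to apply to the local clock (0.0 in holdover)


def cross_check(readings: List[Reading],
                agree_us: float = 5.0,
                holdover_budget_us: float = 50.0) -> Verdict:
    """Decide which satellite time sources can discipline the local clock.

    agree_us: how far a source may sit from the median of its peers (assumed value).
    holdover_budget_us: the most the backup clock could have drifted since it
    was last disciplined (assumed value); anything further away is implausible.
    """
    lost = [r.source for r in readings if r.offset_us is None]
    live = [r for r in readings if r.offset_us is not None]

    # Check 1: benchmark against the backup clock. A sudden large offset
    # points to a spoofed or faulty source, even if several sources share it.
    plausible = [r for r in live if abs(r.offset_us) <= holdover_budget_us]

    # Check 2: plausible sources must also agree with each other.
    trusted: List[Reading] = []
    if plausible:
        centre = median(r.offset_us for r in plausible)
        trusted = [r for r in plausible if abs(r.offset_us - centre) <= agree_us]

    suspect = [r.source for r in live if r not in trusted]

    if len(trusted) >= 2:
        # At least two independent sources corroborate each other.
        status = "OK"
        correction = sum(r.offset_us for r in trusted) / len(trusted)
    elif len(trusted) == 1:
        # Only the backup clock corroborates this source: usable, but alert.
        status = "DEGRADED"
        correction = trusted[0].offset_us
    else:
        # Nothing trustworthy: free-run on the high-precision backup clock.
        status = "HOLDOVER"
        correction = 0.0

    return Verdict(status, [r.source for r in trusted], suspect, lost, correction)


# Constructed sample readings (not real measurements).
HEALTHY = [Reading("GPS", 0.4), Reading("Galileo", 0.6),
           Reading("GLONASS", 0.5), Reading("BeiDou", None)]
ONE_SPOOFED = [Reading("GPS", 850.0), Reading("Galileo", 0.6),
               Reading("GLONASS", 0.3)]
TWO_SOURCES_ONE_BAD = [Reading("GPS", 850.0), Reading("Galileo", 0.6)]
COORDINATED_SPOOF = [Reading("GPS", 850.0), Reading("Galileo", 851.0)]
ALL_JAMMED = [Reading("GPS", None), Reading("Galileo", None)]

if __name__ == "__main__":
    for name, sample in [("healthy", HEALTHY), ("one spoofed", ONE_SPOOFED),
                         ("two sources, one bad", TWO_SOURCES_ONE_BAD),
                         ("coordinated spoof", COORDINATED_SPOOF),
                         ("all jammed", ALL_JAMMED)]:
        print(name, cross_check(sample))
```

A "DEGRADED" or "HOLDOVER" verdict is the event to alert on; the suspect and lost lists say which receiver to investigate.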
The most effective way to ensure privacy and security is by implementing a ‘security by design’ approach
Sanjay Manohar, Managing Director, McAfee Enterprise India
Measures to be taken for Cyber threats
Enterprise threats are growing in volume and sophistication, while rapidly targeting new vulnerabilities. Security practices must not only be established but updated and followed to safeguard against these agile, versatile threats.
There is a critical need to maintain an edge over cybercriminals and ensure security teams are equipped to anticipate and outwit their next move. By adopting an active hunting approach, enterprises can develop an operational cycle to plan, execute, and review intelligence-driven activities, strengthen defences and stay one step ahead. There is a need for the cybersecurity framework to evolve towards deployment of a sustainable, proactive approach to adapt intelligently and rapidly as and when advanced threat forms are identified. This progression mandates that CISOs transform their mindset, which has been traditionally focused on the prevention portion of the ‘prevent-detect-correct’ threat defence lifecycle, to a balanced focus on detection and correction.
From an industry point of view, implementing a ‘security by design’ approach is one of the most effective ways to ensure privacy and security. This ensures that data protection strategies are well incorporated into the technology at the design stage. This allows the product or service to accept new technologies as threats evolve as well as work together with other systems as a cohesive defence.
Solutions for sophisticated attacks
Online threats are growing at an unprecedented pace, with McAfee Labs observing an average of 588 malware threats per minute. This makes it difficult for legacy threat detection systems to monitor threat behaviour and detect new malicious code. One of the biggest challenges of AI is that it is a two-way street - if security teams use AI to prevent cyberattacks, the attackers too use AI to conceal or dispense more effective attacks.
Last month, we released a substantial expansion to our XDR platform aimed at proactively stopping targeted attacks. This expansion of our MVISION extended detection and response (XDR) solution by correlating with its endpoint security solution, Secure Access Service Edge (SASE), and our threat intelligence solution powered by MVISION Insights. Our objective is to protect organisations against threats while making security operations from device to cloud easier. Our solution combines machine learning techniques with human analysis across complex threat campaigns using AI-guided investigations. This delivers end-to-end threat visibility across all attack surfaces, using automation to streamline operations, so enterprises can foresee an attack and not scuffle to contain a breach.
“Security should be built into the IT Infrastructure and applications, not bolted on”
Harshavardhan Kathaley, Director, Channel Sales (India & SAARC), Juniper Networks
Measures to be taken for Cyber threats
Situational awareness is the most important subject of interest for any Chief Security Officer (CSO) today. This is a very broad scope here but if any organization reaches a state of full visibility and proactive security landscape awareness, then they have won half the battle. The other half is about how well the organization responds.
This is where I would reiterate the importance of an organization working as one. The responsibility to safeguard against cyber threats cannot be just owned by the security team. The discipline to be alert, preventative measures, and ability to thwart threats is a cultural goal that organizations should aspire to achieve.
Security should be built into the IT Infrastructure and applications, not bolted on. Different devices of the network should be able to talk to each other and act together to fight against cyber threats.
Solutions for sophisticated attacks
It is a fact that a lot of development in machine learning (ML), AI and crowd-sourced data utilization happens on the dark web. As security solution providers, we are constantly challenged by these attackers, which drives innovation to be able to beat them. Our success is how we could be a step ahead of them. Some of our best work also happens in this space.
• Case in point is the Juniper Advanced Threat Prevention (ATP) solution. We have built one of the best ML-based ATP systems, which combines the best of what Juniper had in its Cloud ATP offering and the cutting-edge solution we inherited from our acquisition of Cyphort. Juniper Sky ATP solution can provide protection against the day-zero malware attacks which are a primary source of security concern these days.
• The Juniper Mist AI Engine is widely considered the flag bearer of the AI revolution that is taking over the network and security space. Our goal is to integrate all our enterprise solutions under the Mist AI umbrella, and when that happens the possibilities are limitless.
• Zero-trust security policy can be a good option to protect the organization against such coordinated attacks. The acquisition of 128Technology by Juniper empowered us with a Session Smart Routing based SD-WAN solution, which is built on zero-trust security policy.
Juniper Connected Security solution can help organizations to protect against such coordinated attacks.
Partner Network
We have extensive coverage across the various geographies through our own team, partner network and distributors, catering to customers in various industry verticals and segments, from Service Providers and Telcos to Large and Medium enterprise customers.
“Our customers globally are using SAFE to objectively measure their cyber risk posture across the enterprise”
Rahul Tyagi, Co-founder, Safe Security
Measures to be taken for Cyber threats
Firstly, we need to understand why we are seeing so many cyber threats globally, and not just in India. The COVID-19 pandemic has accelerated digital transformation plans for businesses, significantly increased cloud adoption and has forced companies to adopt a new way of working - from home. With this context in mind, hackers have exploited the lack of preparedness of most companies when it comes to cybersecurity, as security and risk management leaders globally face new security challenges because of the present economic and business environments.
Moreover, businesses today continue to use traditional forms of cybersecurity to defend against cyberattacks. Traditional forms of cybersecurity only give a sense of security without showing an enterprise wide, real-time risk posture. This is where we are seeing the increased adoption of Digital Business Risk Quantification platforms such as SAFE. Our customers globally are using SAFE to objectively measure their cyber risk posture across the enterprise in real-time, and know their Breach Likelihood and stay a step ahead of cybercriminals.
Solutions for sophisticated attacks
Every organization generates and manages data across three key areas - people, process, technology and third parties. SAFE is an API first, machine learning enabled SaaS platform that aggregates automated signals across people, process, and technology, both for first and third party to dynamically predict the Breach Likelihood of the organization and the dollar value impact a hack can have.
Partner Network
We are actively working with Distributors, Channel Partners and System Integrators across the APAC, Europe and US region and are expanding our reach aggressively. Our product is a SaaS solution and truly enables our partners to become trusted advisors for their customers rather than being box sellers.
Channel Empowerment
We began our journey with direct evangelical sales, but are now completely a channel driven organization. We really need partners to scale. Our product is a very senior level sale. This opens up the opportunity for partners to be more relevant, and meshes well with their own services.
We provide extensive technical training and empower our channel partners to have the right conversations with their customers to truly bring value rather than being a box seller. We are pioneers of a completely new category of products in cybersecurity - Digital Business Risk Quantification and it enables customers for the first time, to see an enterprise wide risk posture in real-time and the financial impact if a hack occurs. This brings a lot of opportunities for our partners as we grow and expand the market.
“Forescout solution actively defends the Enterprise of Things at scale”
Surojit Dasgupta, Channel Director, India & Saarc, Forescout Technologies Inc.
Measures to be taken for Cyber threats
The modern enterprise is an Enterprise of Things. The Enterprise of Things (EoT) is comprised of PCs, mobile systems, cloud workloads and other traditional endpoints, as well as non-traditional IoT and OT devices that cannot be discovered or managed by agent-based solutions. Many EoT systems are not company-owned or managed and, increasingly, they reside beyond the corporate perimeter. Forescout is the only solution that actively defends the Enterprise of Things at scale. Forescout delivers the only solution that actively defends enterprises by continuously identifying, segmenting and enforcing compliance of every connected thing. Forescout provides continuous adaptive protection based on real-time, cloud-scale risk analysis leveraging an extensive enterprise customer base combined with robust external data sources. Our Vision is “The Enterprise of Things. Secured.”
Solutions for sophisticated attacks
Our latest product innovations help accelerate Zero Trust adoption, enable IT-OT convergence, reduce threat exposure and contain breach impact. We had announced updates to eyeSegment and eyeInspect (formerly SilentDefense). We are also enhancing segmentation enforcement capabilities for organizations embracing IT-OT convergence via our eyeExtend modules.
Partner Network
Forescout works through a model of Value Added Distributors and Partners. We have three tiers of partnership, namely Platinum, Gold and Silver. Each tier of partnership has a revenue commitment along with sales and technical enablement and certification guidelines to maintain the partnership level every year. We also have service delivery partners who have the highest level of certifications to ensure very smooth deployments, which ensures customer satisfaction. With the network of our VADs and Partners we cater to almost the entire length and breadth of India along with our major Saarc territories of Sri Lanka, Bangladesh and Nepal.
Channel Empowerment
Enablement is a key pillar in our channel program. We have two dedicated Channel enablement specialists across our APAC territories who spend almost all their time working with partners on their enablement needs and delivering certification trainings. Before the Covid pandemic we had multiple in-person training sessions every quarter across the country for partner enablement. In the last one year of the pandemic we could not have any in-person trainings, but we are very grateful to our channel community for always being in full attendance for all the virtual sessions we hosted.
Empowering security team with capabilities - The need of the hour
Sandip Panda, CEO, InstaSafe Technologies
Measures to be taken for Cyber threats
Cybersecurity experts and CISOs in an organisation are often asked the same question over and over: How do we stay ahead of these attacks? The answer is simple: Experiment. Educate. Empower.
• Cybersecurity as a business unit thrives on stagnancy. Companies and security teams tend to rely on old school methodologies and technologies when it comes to securing their networks. They are often resistant to new technology adoption and innovation, without realising that their nemeses are using all forms of neoteric interventions to break through their systems. In this scenario, it becomes critical for companies to experiment and adopt innovative technologies, and realise the fitment of these technologies with modern network needs.
• No matter how many measures and defenses you put forth, the human element in cyberthreats is always an intimidating presence, and will continue to be so. Attacks driven by human error lead the pack when it comes to cyber incidents. And the same happens because of a singular reason: Lack of Investment in Cybersecurity Hygiene training. Educating and Training the end-users on security awareness so they can understand when a suspicious activity takes place, can potentially lead to millions of dollars saved on threat detection and response.
• Without the presence of monitoring technologies that lend visibility across the network spectrum, security teams are left powerless, and are unable to fend off attacks. The need of the hour is to empower security teams with capabilities to monitor network and user activity, which can help them in real-time identification of threat vectors.
Solutions for sophisticated attacks
Machine Learning attacks of this type often use a singular layer of protection. Once a set of credentials is compromised, attackers gain access to your network. But what if enterprises start using and implementing a system of continuous authentication and authorisation that leverages machine learning to assess the risk associated with every request for access, and limits access based on the privilege of the user? We end up with a system that trusts absolutely no one by default, and hides your entire network from the public cloud, granting restricted access only after a comprehensive process of pre authorisation and authentication. Essentially, InstaSafe’s Zero Trust Solutions endeavour to emulate these security principles. By securing all applications, whether hosted on the cloud, or on premise, with a robust security setup that individually assesses every request for access, and grants least privilege application access on a need to know basis, InstaSafe serves to minimise the attack surface that can be exploited by hackers.
F5 believes its partners need to be constantly reinventing themselves to make sure they handle enterprise-grade, complex projects
Dhananjay Ganjoo, MD - India, SAARC, F5
Measures to be taken for Cyber threats
Today, our world looks vastly different. The pervasiveness of the Internet, the ubiquity of mobile devices, the rise of social media, and dramatic shifts in web and cloud-based technology have changed everything about the way we live, work and do business. Applications are at the heart of this ever-changing landscape; they power almost everything we do, and they are everywhere now. In addition to leveraging threat intelligence, there are a few key areas to concentrate on that will dramatically improve your security program and risk mitigation measures.
Train Everyone from Administrative Staff to the Board:- Everyone is responsible for security, and awareness training makes everyone more alert. Train your users aggressively to recognize and avoid spear-phishing attempts. Help them understand the importance of proper password management (and the risks associated with not doing so) and provide tools such as Password Safes.
Understand Hackers’ Motivations, Targets and Tactics:- They range from unskilled newcomers who are only interested in wreaking havoc to those who are motivated by social and political agendas. The vast majority of today's hackers, on the other hand, are cybercriminals motivated solely by monetary gain. And, despite their reputation for perpetuating sophisticated schemes, many of their methods are decidedly unsophisticated. They eventually take the path of least resistance, the easy targets, and why should they not when so many organizations make it so easy for them?
Have a DDoS Strategy:- The DDoS attack landscape has rapidly shifted from complex, expensive attacks launched only against high-value targets, to low-cost bots with plug-and-play attacks, to the new reality of IoT botnets that are simple to build and capable of launching terabyte-per-second attacks.
Channel Empowerment
F5 plays an important role in helping enterprises address the issues related to application performance, infrastructure scalability, and data centre security. Our programs are designed to build a robust ecosystem of partners and distributors capable of building profitable businesses around F5’s capability. With different consumption models on offer, a massive uptick in software/cloud-based deployments and the increased relevance of application security in today’s digital environment, F5 believes that its partners need to be constantly reinventing themselves to ensure that they have the required skills to be able to handle enterprise-grade, complex projects. With so many technologies to offer, F5 encourages its partners to focus on New Logo acquisition while ensuring that partners continue to invest in building skill sets that enable them to configure and troubleshoot. Not only are partners appropriately rewarded monetarily, but the program also helps build highly profitable recurring services revenue which adds to the bottom-line of the organization. Also, each partner qualifies for the Unity + program based on revenue, competencies, and Demand Generation.
Vehere’s solution takes advantage of both AI/ML and policy-based automation to deliver actionable insights
Praveen Jaiswal, Founder & Director, Vehere
Measures to be taken for Cyber threats
Businesses must understand that for them to stay ahead of cyber-threats, there is a pertinent need to have clarity on the exposure first. The knowledge allows them to prioritize risk assessment and treatment plans. Anything that is out of this fundamental cycle is like jumping the queue, and the more queues you jump, the more gaps open up. Always follow the exposure and workflows to gain insights into your risks.
Solutions for sophisticated attacks
Attacks using AI/ML are real. Data-poisoning is a good example that corrupts the baseline being built by ML tools, thereby allowing the attacker to have a free run. It is therefore important to have a hybrid approach – a combination of AI/ML to discover true unknowns and an effective situational awareness – knowing the normal from deviations. Vehere’s solution leverages both AI/ML and policy-based automation to deliver actionable insights from situational awareness. Since the network is the conduit that carries data, listening to the network provides comprehensive visibility into exposure, assets and entities – something best suited when you are dealing with connected devices. Using statistical anomaly detection techniques, you can observe the changing behaviour of these entities and, consequently, the risk arising out of the changing patterns.
Best Practices
Organizations using fleet management need to ensure that the transmission of data is secure and tamper proof. Cryptography is and must be employed for such information exchange. In addition to that, heuristics and analytics should be employed to detect the presence of a rogue actor.
Partner Network
Vehere partners with major Systems Integrators and has a network of reseller and support partners in the country. Our products use standards-based integration with technologies deployed in the enterprise to enable faster response and deliver a compelling value to the buyers. With two distributors supporting the partner network, we have managed to reach all corners of the country.
Channel Empowerment
Vehere’s is a Channel’s First strategy. We assist them to identify market needs, industries based on their core strengths and support their endeavours in creating the right buzz for their audience. In a nutshell, it is all about giving our channel better tools to communicate the right message and build simpler products to sell. We want to be known as a full security platform company with a hub and spoke model. Also, continue to build channel leverage and new customer momentum.
A channel-specific discount structure and empowering them to qualify opportunity, perform proof of value (POV) trials.
“The need of the hour is an integrated platform using machine learning and AI to lift the burden off cybersecurity teams”
Harpreet Bhatia, Director, Channels and Strategic Alliances - India and SAARC, Palo Alto Networks
Measures to be taken for Cyber threats
At Palo Alto Networks, we are walking the talk by fully leveraging our own cloud-delivered network security product, Prisma Access, to securely connect all employees to the applications they need. Based on a cloud-native implementation, we have recently also introduced Enterprise Data Loss Prevention (DLP)—a cloud-delivered service that brings a fresh, simple and modern approach to data protection, privacy and compliance.
We have also transitioned our internal Security Operations Center (SOC) to a remote model in which all our analysts are working from home—the SOC is fully operational and continues to monitor for threats as our own user population shifts to remote work via Prisma Access.
Solutions for sophisticated attacks
The biggest risk in cybersecurity today is that organisations cannot keep up with the amount of work it takes to be secure. The people on cybersecurity teams in today's enterprises are overloaded as they are manually responding to sophisticated and advanced attacks mounted by an adversary (hackers) using machine learning algorithms to scale attacks that can only be prevented by comparable techniques using AI and ML.
In this sophisticated threat landscape, one cannot be reactive. In fact, one must be proactive as well as predictive at the same time. The need of the hour is an integrated platform using machine learning and AI to lift the burden off cybersecurity teams. Using AI, the frequently observed threat data and multiple threat feeds can be automated and left to ML algorithms which can decipher attack patterns, leaving the cybersecurity teams to spend time on advanced threat hunting. Our network perimeters are typically well-protected, and organisations have the tools and technologies in place to identify threats and react to them in real-time within their network environments.
The cloud, however, is a completely different story. There is no established model for cloud security. The good news is that there is no big deployment of legacy security solutions in the cloud. This means organisations still have a chance to get it right. We can fix how to access the cloud and manage security operations centers (SOCs) to maximise ML and AI for prevention, detection, response and recovery. With an integrated platform, organizations can still use a wide range of tools, but they can coordinate them, manage them centrally, eliminate silos and ensure that all across the organisation, they are fighting machines with machines, software with software.
Only with an integrated platform can cybersecurity teams leverage automation to rapidly monitor, investigate and respond across multi-cloud environments and distributed networks that encompass users and devices around the globe.
Sophos’s wide range of products and services keep its customers ahead of adversaries
Sunil Sharma, Managing Director – Sales, Sophos India and SAARC
Measures to be taken for Cyber threats
The Sophos 2021 Threat Report flags how ransomware and attacker behaviours, from advanced to entry level, will shape the threat landscape and IT security in 2021. To defend against these attack trends, organizations need to have three main pillars in their cybersecurity:
1) Next-gen security solutions that provide layered security to prevent threats and unwanted software from infecting their devices and networks
2) A managed service that continuously monitors environments for organizations that don't have a security team
3) Cybersecurity awareness within organizations (i.e., phishing awareness training)
Solutions for sophisticated attacks
Sophos has a broad portfolio of products and services to protect our customers from all kinds of cyberattacks ranging from mass attacks to the targeted ones. We have expanded synchronized security, where security solutions share threat intelligence and act as a system, to our whole portfolio. We have taken it to the next level with Sophos Adaptive Cybersecurity Ecosystem (ACE). ACE is an ecosystem of Sophos and non-Sophos products that feeds information into a data lake. This entire ecosystem helps us to detect suspicious behaviours and incidents faster and respond automatically with the help of AI.
We have a next generation endpoint protection product called Sophos Intercept X and an Endpoint Detection and Response product called Sophos Intercept X with EDR, used by advanced threat hunters to do security operations. We also offer Managed Threat and Response (MTR), which is our threat hunting service for organizations that don’t have threat hunting capabilities. Under this service, our security practitioners will monitor customer environment 24/7 and take actions to neutralize threats.
We have an emergency incident response service called Rapid Response, aimed at customers hit with an attack to help them get through the incident and minimize damage. We have just released a new next-gen firewall dubbed XGS to inspect encrypted traffic on the network security side. Cybercriminals are using TLS encryption to hide their malware, and we have precise capabilities to inspect this traffic at wire speed, which is something most firewalls can’t do.
There are a range of exciting products and services at Sophos to keep our customers ahead of adversaries.
CyberArk encourages organizations to adopt an ‘assume breach’ mentality
Rohan Vaidya, Regional Director of Sales – India, CyberArk
Measures to be taken for Cyber threats
Successfully staying a step ahead of attackers means adopting a strategy in advance that recognises that breaches are inevitable and will affect your organisation at some point. At CyberArk we encourage organisations to adopt an ‘assume breach’ mentality.
We advise that customers identify what is most valuable to their organisation, then put in place privileged controls that help contain attackers - when they have entered your network - from accessing and compromising what is most valuable to the organisation.
Channel Empowerment
Today’s security and compliance environment is complex, and no single vendor can solve the entire problem. CyberArk takes a competency-based approach to help ensure partners are empowered and, in turn, customers are successful using our Identity Security platform to take on today’s threat environment.
We have created dedicated training paths and certifications for both sales and technical engineers, addressing all aspects of the buying cycle. Training types include self-paced online learning, virtual classroom and face-to-face classroom training.
Our services organisation offers a combination of technology and cyber security expertise to support partner implementations, and a broad set of tools and support are offered to partners to build demand and help create differentiation in the market.
“Check Point provides customers of all sizes with the latest security solutions across the data center, edge and cloud”
Measures to be taken for Cyber threats
• Adopt real time prevention rather than just adopt a detection approach: Vaccination is better than treatment – even when it comes to cyber security. Real-time prevention of threats, before they can infiltrate the network, is the key to blocking future attacks.
• Secure your everything: The “new normal” requires organizations to revisit and check the security level and relevance of their network’s infrastructures, processes, compliance of connected mobile and PC devices, IoT etc. The increased use of the cloud means an increased level of security, especially in technologies that secure workloads, containers and serverless applications on multi and hybrid cloud environments.
• Boosting visibility makes a huge difference: So many changes in the company’s infrastructure present a unique opportunity to check security investments. The highest level of visibility, reached through consolidation, will guarantee the best effectiveness.
• Cybersecurity cannot be reactive or incident driven - rather there has to be a proactive focus towards security.
• Recognize that cybersecurity is the responsibility of everyone within the organization, from the CEO down to the employees. It is not just an issue for the CIO or CISO to solve.
Partner Network
Check Point has a vibrant channel ecosystem across the country. Our main goal is to continue evolving our partner network, so as to maximize reach and serve our customers better. In addition, we are always looking to diversify our partnerships by collaborating with partners who specialize in integration, cloud, pure play cyber security, managed services, etc. At Check Point, we strongly feel that there is tremendous opportunity working with partners whose competencies include selling advanced technologies or developing new market segments.
Check Point provides customers of all sizes with the latest security solutions across the data center, edge and cloud via an integrated next generation threat prevention platform, reducing complexity and lowering the total cost of ownership. CheckMe is a fast security assessment tool our partners can run in their customer environments within a minute for network, cloud endpoint or mobile and show customers the potential threats within their environment. Security checkup is an advanced assessment tool that brings up the actual threats and security events that have happened on the customer’s environment over a period of 1-2 weeks.
Our user-friendly mobile application, “Check Point Engage 2.0” empowers our partners to be the best trained and most growth-oriented channel they can be, so that they can be the ultimate trusted advisor to their customers. Engage allows our partners to master our solutions, prepare for their meetings and grow their business with all of the Engage 2.0 features such as direct access to Check Point experts, sales enablement resources, customer insights, and real-time updates - anytime, anywhere.
“VSP enforces runtime protection across the web, host and memory for a zero-trust approach”
Bobby Gupta, SVP & MD-International Business, Virsec
Measures to be taken for Cyber threats
Fundamentally, conventional security tries to solve yesterday’s problem such as protecting the perimeter, identifying known attacks, and relying on patching to cure all ills. With the explosion of cloud deployments, mobile apps, and virtual infrastructure, a mindset focused on the perimeter and the user remains dangerously obsolete.
Proficient attackers are increasingly finding it easier to bypass conventional security tools to target undefended blind spots, attacking critical application runtime elements, and at the memory level. Runtime has become the new security battleground, yet most of our defences have no visibility or control across the runtime infrastructure. Hence, in order to stay ahead of the curve, Enterprise organizations concerned about “Zero trust” need to focus security on protecting Runtime as Application/Server Workloads execute. Virsec Security Platform (VSP) enforces runtime protection across the web, host and memory for a zero-trust approach thus ensuring that applications never get derailed, regardless of threats, vulnerabilities, or patch status.
Solutions for sophisticated attacks
Virsec Security Platform is designed to provide continuous application-aware workload protection at runtime from the inside without prior knowledge, which AI and ML based tools tend to miss. It stops common and zero-day attacks at the earliest point in the threat cycle no matter how they manifest thus preventing exploits from metastasizing and exerting damage downstream.
Here's how VSP stops advanced attacks:
Accurate, Practical, and Effective Approach: Unlike other solutions that depend on behavioural and heuristics rules for detecting attacks, VSP relies on a deterministic app-centric approach for detecting and protecting against advanced cyberattacks with no tuning, no noise, and no signatures.
Complete Runtime Visibility: VSP maintains full awareness across the application stack covering all software elements (files, scripts, libraries) used during execution as it relates to web, host, memory, and container images.
Application Awareness: With patented AppMap technology, VSP maps all elements and what applications are allowed to do and stops deviations instantly before any damage occurs to ensure zero dwell-time and control flow integrity across all applications and components.
Comprehensive Protection: VSP is designed to safeguard applications, including COTS, custom, legacy, third-party, SCADA, within all environments including on-premise, virtual, hybrid, cloud, & containers.
Advanced Ransomware Protection: VSP precisely detects complex, never seen ransomware attacks upon the first insurgency within milliseconds and instantly executes protective actions that stop attacks and prevent any disruption or data theft.
Comprehensive Supply Chain Protection: With VSP, you can effectively prevent highly sophisticated supply-chain attacks from exploiting application runtime and memory to ensure malicious code never executes, and without isolating or unplugging the system until the patches are available. Virsec’s app-aware workload protection uniquely enables Zero Trust runtime protection against sophisticated attacks.
Skybox Security platform collectively visualises and analyses hybrid and multi-cloud environments
Shantanu Srivastava, Vice President, Sales - APAC, Skybox Security
Measures to be taken for Cyber threats
The threat landscape is continuously expanding and evolving. An important first step is to understand your unique threat landscape. A network model approach enables enterprises to walk the path of a potential breach. With attack simulation and exposure analysis, it is possible to remediate attack vectors ahead of an incident proactively.
Solutions for sophisticated attacks
Skybox Security is the only platform that collectively visualises and analyses hybrid and multi-cloud environments to provide full context and understanding of the attack surface. We can identify the most critical vulnerabilities by running attack simulations and correlating our in-house threat intelligence to highlight business-critical risks.
Our unique vulnerability and policy management capabilities help organizations establish mature, consistent, and enterprise-wide security posture management programs. Over 500 of the largest and most security-conscious enterprises in the world rely on Skybox for the insights and assurance required to stay ahead of their dynamically changing attack surface.
Partner Network
Skybox Security integrates with over 150 solutions that range from on-premise network devices to hybrid cloud environments. Skybox also integrates with IT/OT partners, ingesting their vulnerabilities to highlight business risks across complex environments. We are one of those very few cybersecurity vendors who have such a high technology integration coverage. Our threat intelligence feed is a unique differentiator, and we have alliances with bodies such as NIST and NVDs to highlight critical risks.
Channel Empowerment
Channel partners are critical to Skybox’s overall strategic mission to achieve business growth. One of the best ways to achieve that growth is for a concerted and focused strategy with critical partners. We are constantly working with our partners’ goals in mind. We strive to be the cybersecurity industry’s easiest and most valued company to partner with.
Cyble aids organizations in building stronger resilience to cyber breaches and hacks
Mandar Patil, VP - International Market and Customer Success, Cyble
Measures to be taken for Cyber threats
With cybercrime evolving and growing in sophistication, the first step towards having a security roadmap is acknowledging that no organization, big or small, is immune to cyberattacks. Along with the rampant rise in data breaches across the world, a large volume of criminal transactions, including the sale of breach data, are taking place through darkweb marketplaces and cybercrime forums. We strongly recommend the incorporation of cybercrime and darkweb risk assessment in your cybersecurity strategic plan.
Cyble is a Y Combinator-backed global cybersecurity company specializing in providing advanced intelligence on threats at the earliest stages. Our Darkweb monitoring and Cybercrime Intelligence capabilities are proven to enable organizations to make well-informed security decisions based on our evidence-based knowledge on threat actors and their techniques, along with indicators of compromise in the organization’s security infrastructure.
Solutions for sophisticated attacks
With more and more data entering the darkweb for sale, Cyble strives to help its clients detect and identify their exposure in the darkweb. Our proprietary SaaS platform, Cyble Vision empowers organizations with a 360-degree visibility of their threat landscape. With more than 150B+ darkweb records, 15B+ OSINT records, and 80% visibility into cybercrime markets, we aid organizations in building stronger resilience to cyber breaches and hacks.
Those worried about their sensitive data making its way into the darkweb can use our AmIBreached app to get faster and greater visibility of their exposed credentials and personal information that threaten the security of their accounts. With AmIBreached.com or the app, individuals can scan through 150B+ darkweb repositories to detect and investigate potential identity thefts and frauds.
Partner Network
Our partners serve as the bridge to our diverse and widespread customers across the country. At Cyble, we rely on our reputable channel partners who are fully invested in our product along with the aims and objectives of our customers. Cyble’s channel ecosystem comprises Global Systems Integrators (GSI), National Security Integrators (NSI), Value-Added Partners (VAP), and Managed Security Service Providers (MSSPs). In order to reach the last mile, i.e. our customers, we direct a considerable amount of our efforts at strengthening our partner ecosystem and aiding them with the tools and strategies to perform better. This is done by frequently engaging with our partner ecosystem to decipher and address the challenges they face.
Zero-trust model for application access enables organizations to shift away from relying on traditional VPN tunnels to secure assets being accessed remotely
Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet
Measures to be taken for Cyber threats
The massive shift to remote work and a continually expanding attack surface has made the concept of perimeter-based security naïve at best and dangerous at worst. The major trends and factors of the past year include the erosion of barriers between corporate and home offices and the expansion of targets. In today’s work-from-home world, organizations need to find ways to give users secure access to the network and applications so they can do their jobs without compromising security.
Using the zero-trust model for application access or zero-trust network access (ZTNA), makes it possible for organizations to shift away from only relying on traditional virtual private network (VPN) tunnels to secure assets being accessed remotely. A VPN often provides unrestricted access to the network, which can allow compromised users or malware to move laterally across the network seeking resources to exploit.
With Zero Trust Network Access (ZTNA), access is only granted to network resources on a policy-based, per-session basis to individuals and applications after devices and users have been authenticated and verified. The system applies this policy equally whether users are on or off the network. So, you have the same zero trust protections no matter from where a user is connecting.
Solutions for sophisticated attacks
FortiGuard Labs goes on the threat hunt every day, not just to react to existing threats, but to get ahead of the curve and research everything from the latest targets to following recent attack campaigns. It is interesting to note as well that there has been a lot of information disclosure that could have consequences. People are going to public, open-source platforms with samples of emails or other information because they believe they are being targeted. While those people may have good intentions, cybercriminals can get access to that information and use it to launch spear phishing attacks. Some of the information people upload can also contain sensitive corporate information and personally identifiable information (P.I.I.), which really leaves no work for cybercriminals other than downloading the documents and public information that has been shared with the forum.
For organizations it is important to work collaboratively to respond to events and trust is also a key solution. The zero trust model is super important here, as operating on a zero trust model significantly scales down the room for cybercriminals to enter. This solution was paramount during the shift to telework and should be carried through for the shift to hybrid work, or work from anywhere.
“Our core expertise is analysing files and URLs, delivered typically via email, as if they are being viewed by the victim”
Gaurav Chawla, Business Development Manager - APAC, VMRay
Measures to be taken for Cyber threats
Clearly understanding where the enterprise is most vulnerable is key to preventing cyber incidents and staying ahead of attackers. Cybersecurity is not static – organizations need to conduct regular security audits, assess the discovered risks to provide the appropriate level of protection, and fine-tune their security programs accordingly. Having a multi-layered security approach is more important than ever. You will need to put in place the right balance of defensive, detection and responsive measures. Integrate the security environment tightly to avoid blind spots and implement process automation at every possible stage of your security concept to allow your security teams to concentrate on critical tasks.
Solutions for sophisticated attacks
Cyber criminals are indeed using a more sophisticated toolset. This is mainly true of phishing attacks, which are responsible for the vast majority of malware infections. We are seeing ML and AI being used to make email attacks look more realistic, and thus trick users into opening malware attachments and clicking on malicious links. The irony is that these types of attacks are harder to detect by ML and AI, which are considered the emerging detection technologies, because these technologies are focusing on the delivery method and not on the payload. This is like fighting fire with fire. Luckily, the VMRay threat analysis and detection technology is agnostic to the way attacks are delivered. Instead, we are focused on the “malicious payload”, i.e. the actual code that harms the user. Our core expertise is analysing files and URLs, delivered typically via email, as if they are being viewed by the victim. This concept is also known as “sandboxing”. However, existing sandbox solutions are becoming less effective at detecting more advanced threats, because these have learned to differentiate between a real user and a sandbox. Based on many years of research, VMRay uses a unique technology that makes it impossible for threats to know that they are being analysed by our sandbox. If a malicious payload is delivered via the email, we will detect it.
Partner Network
We established our regional presence in mid-2020 and are building up our 2-tier channel across the region to support our quickly growing number of customers. VMRay has already developed an extensive partner network to support regional market requirements through recruitment of Distributors, VARs, Global System Integrators, Regional Technology partners and Consulting organizations. As a provider of leading-edge technologies for advanced malware detection and analysis, we are adding partners with extensive experience in SOC and Incident Response.
“Accops’s unique methods of implementation of ZTA principles ensure that a majority of the threat landscape becomes irrelevant and attack surface gets reduced”
Nandan Bhatkal, VP - Enterprise Solutions, Accops Systems
Measures to be taken for Cyber threats
Have a security strategy and architecture consistent with the lay of the land of your company. Map the threat landscape and attack surface. Keep all systems and platforms patched and under control. Apply Zero Trust Architecture (ZTA) principles to every device, every network, and every application both internal and external to your company with principles of least privilege and least access strictly on a need to have or know basis. Do not expose your internal network and applications directly to the internet, as the perimeter of the company is now beyond the firewalls. Apply ZTA principles inside the corporate network as well.
Solutions for sophisticated attacks
A solution based on sound ZTA principles gives total control over who accesses what, how, when and from where. ZTA also addresses the question of why a user or application needs to access a specific resource or an application. Accops’s unique methods of implementation of ZTA principles ensure that a majority of the threat landscape becomes irrelevant and attack surface gets reduced. Such leakage of user data does not pose a risk to business systems as Accops’ ZTA implementation reduces the risks.
Best Practices
Accops’ ZTA principles apply to the geolocation of user and device. Any workflow automation should also consider the geolocation and act accordingly. When geolocation is not made visible, it's always better to err on the side of caution and grant no or least privileges and flag off for anomalies and outlier events for further investigation.
Partner Network
Our distribution network is across all geographies. Accops is all about secure remote access and last-mile connectivity. Accops makes it possible for your most complex and legacy applications to be available on all form factors like tablets, smartphones, laptops, desktops and reach the last mile over any network at any geolocation, and still retain control and governance within the organization.
Channel Empowerment
It is all about people. We recognize that the technology space is very crowded and the sales force is hard-pressed for intellectual bandwidth to address the client’s most relevant business problems with the most apt and relevant technology solution. We make the problem solving simple for the salesforce in the channels by offering extensive training about our product technology as well as sales techniques to empower our partners towards success.
“By leveraging Mandiant’s scalable detection and response capabilities, CISOs can streamline operations and concentrate resources”
Shrikant Shitole, Vice President, India & SAARC, FireEye
Solutions for sophisticated attacks
When it comes to cyber security, many organizations remain reactive. Cyber security becomes a top priority only when a breach occurs, or critical threat risks are discovered during an audit. This approach also means that organizations are not prepared when new attack campaigns emerge or when adversaries suddenly change their attack strategy.
With Mandiant Advantage: Threat Intelligence, we are setting a new standard, a game changer - changing how organizations are able to identify and confirm relevant cyber security threats. The new platform gives you access to comprehensive threat data and intelligence into current, past and possible future threat activity.
As the first intelligence offering available on the Mandiant Advantage platform, only Mandiant Advantage: Threat Intelligence is able to inform organizations what threat actors are active, what tactics they use, what their motivations are, when they are operational, and which malware arsenal they deploy. The solution scales across all security stakeholders in the enterprise from security planning to operations helping them to better prepare, uncover and deflect attacks with their existing tools.
We are able to do this by giving organizations direct access to expert-optimized breach intelligence data cultivated from multiple frontlines of cyber security. This includes more than 300 intelligence analysts and researchers in 26 countries and 200,000 hours responding to breaches by the Mandiant incident response team in the last year alone.
We are providing organizations with a new level of threat visibility so that they can be better prepared, understand which actors or tactics target their environment, validate their security effectiveness, and scale their cyber security controls to threats that matter to them now.
And with the newest addition of Mandiant Automated Defense, a scalable, automated SaaS-based solution to help security teams detect and respond to the alerts that matter fast, we are rounding out Mandiant Advantage with automated triage at machine speed.
By leveraging Mandiant’s scalable detection and response capabilities, combined with the ability to measure and prove security effectiveness against the threats that matter most, CISOs can streamline operations and concentrate resources where they will have the greatest likelihood of success. Security leaders can then rationalize their security program by identifying areas where more spending may be needed or areas where costs can be cut without impacting risk.
Poor State of Cybersecurity Readiness
Despite all the warnings and high-profile breaches, the state of readiness for most companies when it comes to cybersecurity is abysmal:
• Nearly 80% of senior IT employees and security leaders believe their companies lack sufficient protection against cyber-attacks despite increased IT security investments made in 2020
• On average, every employee has access to 11 million files – but only 5% of companies’ folders are properly protected
• Just 57% of companies conducted a data security risk assessment in 2020
• More than 77% of organizations do not have an incident response plan
• More than 93% of healthcare organizations reported at least one security breach in the last three years
Cybersecurity Startups to Watch for in 2021
Acquiring new customers is a difficult task. It’s not as simple as putting out an amazing product and hoping for the best; you need to make a crystal-clear customer journey to supplement it. It is a fact that hackers attack every 39 seconds, or about 2,244 times a day. Senior business leaders and the board may see cybersecurity as a priority only when an intrusion occurs, whereas cybersecurity is a major concern for all the stakeholders in the ecosystem.
The average time to identify a breach in 2020 was 228 days and the average time to contain a breach was 80 days, as per IBM. The average time to identify a breach in 2019 was 206 days, at which point the cost could be in excess of $3.92 million. Besides the number of attacks having grown significantly over the past few years, the sophistication of those threats has also increased dramatically. This is due to the application of emerging technologies such as machine learning / AI, as well as the greater tactical cooperation among hacker groups and state actors.
Arctic Wolf | Axis Security | BigID | Bitglass | Cado Security | Cato Networks |
Cisco Umbrella | Confluera | Cybereason | Darktrace | Devo |
Digital.ai | Eclypsium | Enso | Ethyca | Ilantus | Illumio |
Immuta | Isovalent | JumpCloud | Malwarebytes | myNuspire | nCipher |
Netskope | OneLogin | OneTrust | Orca Security | Perimeter81 | Privafy |
Qualys | Randori | ReversingLabs | SECURITI.ai | SentinelOne | SecOps |
SpiderSilk | Thales | Text IQ | Ubiq Security | Vdoo
In 2021 these cybersecurity companies are set to bring unique differentiation, as worldwide spending on information security and risk management systems is going to reach $174B in 2022 for protecting the endpoint. These 40 cybersecurity companies are expected to enter the Indian market.