The proliferation of consumer-owned smartphones and tablets in the corporate network of organizations has given rise to network security solutions that are designed specifically for BYOD. Networking vendors are aggressively expanding their portfolios to address the consumerisation of smartphones and tablets text. Rise in employee mobility forces organizations to implement remote access network solutions.
The network security market in India has been experiencing an uptake with the growth of e-Services such as e-Commerce, e-Banking, e-Education, e-Healthcare, and e-government.
Networking vendors are expanding their solutions to cater to verticals such as healthcare, retail, education, and Government. Increased usage of smartphones and BYOD in organizations.
The use of smartphones, tablets, and other mobile devices is rapidly increasing across organizations in India. As the mobility of workforce increases, networking devices are increasingly being used for personal as well as professional purposes. Employees from healthcare, construction, investment banking, and insurance verticals are constantly on the move, which compels companies to provide them with access to the corporate network.
Earlier, Network Security was known to be a concern only for the IT and Banking industry, has now penetrated into every vertical as a serious threat to any business or organization. Awareness and preparedness of these cyber risks have become a priority for consumers, suppliers and manufacturers. While every sector is fast embracing the ‘Internet of things’, they are forced to challenge the existence of cyber threats, risks and malwares; there is thus an increase in focus among regulators.
In the past, India has been targeted through cyber-attacks primarily for political reasons and trends show that this landscape seems to only gain prominence with the availability of more sophisticated technology and more complex transactions increasing vulnerability of systems. The market that is driven by varied forces like the rise of analytics of big data, consistent rise in threats, fall in the availability of customer security software and strong regulatory compliances enforced by the Government, has few, yet giant hurdles to cross, namely, technical expertise and lack of awareness of security concerns.
According to Innovation Norway’s Cyber Security Landscape in India report, skills development remains high on the agenda, both for the Government and private enterprises, which aim to have around five lakhs cybersecurity experts in India within the next few years. The Central Government has been working hard to improve on the existing cyber regulations but face challenges in formalising them into laws. Currently, there is limited cyber security policy for the critical infrastructure like Defence, Space, Energy and Telecom. The overall Indian cyber security space is being dominated by the foreign players, the Indian companies partner as System Integrators (SIs), Managed Security Service Providers or Distributers.
Network Security Landscape in India
“The volume, sophistication, and variety of cyber threats continue to accelerate with the digital transformation of our economy. Cybercriminals have become emboldened in their attack methods as they undergo a similar transformation, and their tools are now in the hands of many. The stark reality is that traditional security strategies and architectures simply are no longer sufficient for a digital-dependent organization. There is incredible urgency to counter today’s attacks with a security transformation that mirrors digital transformation efforts. Yesterday’s solutions, working individually, are not adequate. Point products and static defenses must give way to integrated and automated solutions that operate at speed and scale,” said, Jitendra Ghughal, Director Channels, India & SAARC, Fortinet.
“ Let’s zoom out for a moment. The global network security landscape sits in a moment of transition. Organizations are rapidly digitizing, rendering traditional perimeter-based security approaches obsolete. At the same time, cybercriminals are evolving their attacks. They are utilizing AI to create targeted, bespoke threats that render traditional rules-based security measures insufficient. Within this global moment of transition, India faces a few specific drivers and challenges that make network security growth even more problematic,” said, Sunil Gupta, COO, Paladion Networks Pvt. Ltd.
According to the findings of our latest Global Threat Landscape Report. The research reveals that attacks per firm increased over the previous quarter. In addition, automated and sophisticated swarm attacks are accelerating making it increasingly difficult for organizations to protect users, applications, and devices.
|Mr. Sunil Sharma, Managing Director Sales for Sophos India & SAARC
“We are upbeat and well positioned to manage IT security expectations for businesses of all sizes effectively leveraging the cloud. In fact Sophos has been an early cloud adopter and our cloud management platform Sophos Central is one of the fastest growing products. It is a key differentiator, and a catalyst to help our partners more easily drives new customer growth as well as cross-sell and upsell.”
“An average of 274 exploit detections per firm were detected, which is a significant increase of 82% over the previous quarter. The number of malware families also increased by 25% and unique variants grew by 19%. The data not only indicates growth in volume, but also an evolution of the malware as well. In addition, encrypted traffic using HTTPS and SSL grew as a percentage of total network traffic to a high of nearly 60% on average. While encryption can certainly help protect data in motion as it moves between core, cloud, and endpoint environments, it also represents a real challenge for traditional security solutions,” he added further.
““Since traditional endpoint technologies are often unable to keep up with advanced exploit attacks used to compromise a system, Sophos has added predictive, deep learning capabilities to the newest version of its next-generation endpoint protection product, Sophos Intercept X,” said, Sunil Sharma, Managing Director Sales for Sophos India & SAARC.
“ While 2017’s most prominent attacks in media were ransomware – major security attacks like WannaCry and NotPetya – the real underlying story was the massive public breaches affecting companies like Uber, which were a wakeup call for everyone to realize the potential of cyber-attacks and how they can impact companies globally. Initiatives like the move to the cloud, the growth in DevOps and the increasing convergence of IT and operational technology (OT) have drastically changed networks and expanded responsibilities of security teams of protecting them. These initiatives, for all their business benefits, have caused network complexity to skyrocket — issue cyber attackers are all too eager to exploit. The skills shortage to safeguard against such attacks remains stubbornly inadequate as a major concern, said, Rohan Vaidya, Regional Director of Sales – India at CyberArk.
“ Network security has evolved to be an essential element in an organization presently considering the rise of security threats. Last year we saw many firms suffer huge losses due to ransomware and other Cyberattacks. Apart from banking and IT/ITeS, other industries such as healthcare, manufacturing and telecom also endured the monetary losses. India is one of the fastest growing economies in the world and Government’s push for digitization in the form of Digital India and other initiative is a commendable move in terms of strengthening the security landscape in the country. This presents great opportunities for network security solution vendors.” Said, Prashanth GJ, CEO, TechnoBind.
“The growing risk from cyber threat has attracted the attention of various stakeholders in India including the government, business organisations and individuals alike. The year 2017 saw sophisticated attacks like WannaCry and NotPetya underscoring the importance of cybersecurity in this digital age. Now, there is an impetus for organisations to look at cybersecurity more holistically – they need to engrain cybersecurity beyond their network and ensure that endpoint devices and the cloud are also protected against increasingly sophisticated threats. There is also a need to shift organisations’ mind-set when it comes to mitigating cyberthreats. Our State of Cybersecurity in Asia-Pacific report published last year revealed about 4 in 5 organisation in India adopt a ‘detect and respond’ approach to address cybersecurity. But generally, organisations in India have lost at least US$ 100,000 from data breaches according to the same report. This raises the question on the effectivity of organisations’ cybersecurity strategy and look at prevention and not just prevention, concluded, Riyaz Tambe, Head – Systems Engineering, India & SAARC, Palo Alto Networks.
|Mr. Sunil Gupta, COO, Paladion Networks Pvt. Ltd.
“We have deployed our foundational MDR service for years, and have provided many leading companies with the world’s most comprehensive security solution. This year, our new AI platform—AI.saac—will take our security offering to the next level. AI.saac will allow us to stand up to 2018’s AI-driven cyberattacks, empowering and accelerating every stage of our full left-to-right-of-hack MDR service.”
Drivers and Challenges to the growth
According to Rohan Vaidya, Regional Director of Sales – India at CyberArk, For India, there are a good number of large infrastructure projects in the pipeline, such as: large scale government sponsored digitization endeavors; the fostering of smart cities; the “Make in India” initiative; new transportation projects (airports and metro railways); the development of electronic cities; and the formation of new banking and finance organizations. These large-scale projects are driving massive growth in India, which in turn will drive growth in security spend. Growth in these areas will also increase IT and OT (operational technology) network size complexity and result in more targeted attacks. Consequently, Indian organizations (including businesses in the private sector, government and PSUs) will invest heavily in multi-layer security solutions that provide a holistic approach to cyber security and can address the complexity of managing risk and protecting against advanced threats on very large, heterogeneous networks.
“Amongst the challenges that India needs to overcome in the cyber security space are Creating awareness among users, especially newcomers, about cyber threats as well as safe and secure use of the Internet / IT systems. – Addressing the security skills shortage – putting in place the right people to tackle current and evolving cyber threats within cyber security teams,” he added further.
“The main driver and challenge (momentary – or until we overcome) is Digital India. On the one hand, this campaign is performing great work as it connects and modernizes every corner of our country. At the same time, this rapid digitization is opening new threat vectors and vulnerabilities, quickly making India a rich playground for cybercriminals. This is a widespread problem with digitization, it isn’t India-specific. But our particularly swift transformation requires an equally swift adoption of next-generation cybersecurity services,” said, Sunil Gupta, COO, Paladion Networks Pvt. Ltd.
“Most of the Indian SMBs are still reluctant to focus on networking security. They don’t consider opting for the proper and updated security program and hence putting the company’s confidential information at risk. The other challenges enterprises facing are skill shortage, complex nature of security policies and a massive increase in malware volume. Apart from external threats, the growth in IoT has contributed significantly to the rise of internal threats. The lack of awareness among employees and IT managers is another reason to consider security as a priority for the organizations,” said, Prashanth GJ, CEO, TechnoBind.
“On the positive side, our study showed signs that organisations in India are giving priority to cybersecurity – more than 92 percent of them have increased budgets dedicated to mitigating cyberthreats. However, they still seem to favour basic cybersecurity solutions: antivirus and firewall are still most popular and used by about 3 in 4 organisations. More advanced cybersecurity solutions such as anti-ransomware, two-factor authentication, and biometrics have lower adoption rates. While there is certainly a growing awareness on the importance of cybersecurity, there is still a huge gap in cybersecurity skills, not just in India but all over the world. An effective cybersecurity strategy needs the right mix of people, process and technology with the right mindset, hence the talent aspect needs to be addressed as well. Also, to ensure the success of Digital India, it is important for all stakeholders – including the Indian government, companies and individuals – to become actively involved in efforts that promote cybersecurity,” said, Riyaz Tambe, Head – Systems Engineering, India & SAARC, Palo Alto Networks
“ Multi-cloud environments and the increasing use of IoT and mobile devices to access mission-critical applications are drastically increasing the volume of encrypted data on enterprise edge networks. The adoption of these technologies is also increasing bandwidth, throughput, and session capacity requirements that are driving enterprises to modernize their edge networks. Additionally, the expanded digital attack surface and complex threat landscape is escalating the need for advanced security protections that can be applied with speed and scale across all connected devices. Security appliances need to be able to deliver the high performance required to protect encrypted traffic at the enterprise edge with a compact, modern interface that can seamlessly grow capacity in a smaller, efficient physical footprint,” said, Jitendra Ghughal, Director Channels, India & SAARC, Fortinet.
“An industry first for a security appliance, Fortinet’s next-generation hardware architecture leverages compact internal processing cards that are miniaturized versions of the blades typically used in cutting-edge modular security chassis. Each processing card combines multiple 12-core CPUs, Security Processing Units (SPUs), and Content and Network Processors into a discrete unit. The FortiGate 6000F series can support up to ten discrete processing cards in a 3U appliance. The innovative design enables traditionally chassis-only benefits like high resilience and session scale while also delivering advanced security capabilities at breakthrough speeds never before seen in a compact appliance form-factor. The architecture provides additional benefits like hardware load balancing using new custom Distribution Processors that intelligently assign tasks between the discrete processing cards,” he added further..
Deployment of SDN security
“It is good that many enterprises are waking to the fact their new Software Defined Networks open new vulnerabilities. However, many enterprises are taking half measures to improve their defenses. Many enterprises simply layer a few new security services over their legacy defenses, hoping to “plug the holes”. No. There are now too many security holes to just plug. Enterprises need to adopt a comprehensive new approach that rethinks their defenses from the ground up,” said, Sunil Gupta, COO, Paladion Networks Pvt. Ltd.
“NETGEAR as an organization targets SMB/SME customers and bring Enterprise value proposition into these segments. We understand that SDN’s value proposition is going to be based around simplicity, because, in the small and mid-sized organizations, they don’t have armies of network engineers to manipulate the products one by one. So the SDN value is really going to be, not with a [command-line interface] but with something much simpler. The ProSAFE M4300 Stackable L3 Managed Switch Series come with 10G and 1G models in a variety of form factors and PoE+ full provisioning. All 10 Gigabit ports are independent and 1G backward compatible for a progressive transition to 10G speeds. The M4300 Switch Series delivers L2/L3/L4 and IPv4/IPv6 rich services for mid-enterprise edge and SMB core with unrivalled ease of use: 10 Gigabit models can seamlessly stack with 1 Gigabit models, enabling line-rate spine and leaf stacking topologies. Non-stop forwarding (NSF) virtual chassis architecture provides advanced High Availability (HA) with hitless failover across the stack. NETGEAR M4300 Switch Series is also ready for the future, with Software-defined Network (SDN) and OpenFlow 1.3 enabled for your network which is perfect for wireless access, unified communications and IP video. The M4300 offers PoE+, spine and leaf resiliency and 10G stacking in a virtual chassis footprint. NETGEAR offers a true lifetime warranty on M4300 switches,” said, Manab Mallick, Technical Head, India & SAARC NETGEAR.
“ A big shift is happening in the way the world is designing data centres. It is all about agility and speed to programmatically deliver an entire application environment in minutes instead of weeks, and efficiency to reduce costs and automate on the fly, changes, without human intervention. Security has to be baked in, to make such software defined trends more secure. Security is an essential enabler of this change. In the world of software-defined networking (SDN), it is important to deliver agility and efficiency, with built-in security to help optimise ROI,” said, Riyaz Tambe, Head – Systems Engineering, India & SAARC, Palo Alto Networks.
|Mr. Jitendra Ghughal, Director Channels, India & SAARC, Fortinet.
“Fortinet will also look to help partners improve their profit margins and the Security Fabric will help partners provide new services that build on Fortinet products. We’re also looking at ways to help more partners move from a one-time sale relationship with their customers to one that creates long-term relationships. We want to help partners to look at providing lifetime value to their customers.”
“Traditionally, to take care of security even in a virtualised data centre, traffic had to be steered to the physical security infrastructure. This had a considerable amount of cost implication and defeated the purpose of software defined architecture (SDA). To take care of security in an SDA, security had to be integrated to allow data centres and networks to be more agile. Thus, software-defined security is more commercially and operationally viable. Palo Alto Networks provides security controls for hybrid environments which could include private and public clouds and some portions of the physical infrastructure. By providing consistent, advanced security across the entire deployment we help enable customers to optimise their investments,” he added further.
“Facing the increasing access and connectivity demands of today’s digital economy, businesses are looking to SDN solutions to overcome the limited scale, higher costs and increased complexity characteristic of traditional WAN architectures. Despite these advantages, many enterprises are hesitant to adopt SDN solutions due to the security concerns of allowing direct access to sensitive SaaS services and data, along with rising threat trends like SSL encrypted malware, ransomware and an ever-increasing volume of advanced intrusion attempts,” said, Jitendra Ghughal, Director Channels, India & SAARC, Fortinet.
Vendor’s Channel Roadmap
“TechnoBind is one of the first distributors who redefined the way vendor look at the distributors. We work more as an integral part of the vendor’s go-to-market strategy to deliver results. We have a strong partnership with the right vendors in the security space. We act as a strong strategic link between the technology vendor and the reseller. We are partners for some of the cutting edge security solutions – specifically around Cloud and Mobility. Also the focus is on security solutions which solve compliance issues for customers – currently the Aadhar deployment is one such example and GST roll-out is yet another one,” said, Prashanth GJ, CEO, TechnoBind.
“The security alliances that we work with include Gemalto (Earlier Safenet) where we focus on the BFSI space in addition to the compliance driven requirements around the Aadhar and GST rollouts. We also work with Seclore which is an IRM technology which has become more prominent than ever in today’s borderless world of IT. The latest addition to the pack is Checkpoint where we are partnering to lead them into the SMB segment which is a new line of focus for them. Enterprise customers still do see a lot of value with the partners especially who are specialising in security, one of the reasons could be that the partner would be able to give a larger perspective of the available solutions in the market and help identify the best fit solution for the customer,” he added further.
“Customers are moving towards a hybrid model where some workload is in the physical infrastructure, some in private cloud and some in public cloud. This, for the time being, induces some amount of complexity and therefore needs expertise to make sure that deployment is smooth which in turn creates a massive opportunity for channel partners. Furthermore, considering the current threat landscape, security is one of the top priorities for all customers. This allows a great opportunity for channels to scale their services business. We have come up with a next wave channel program, which allows us to train and handhold over 150 partners three distributors in India to grow their businesses in collaboration with Palo Alto Networks,” said, Riyaz Tambe, Head – Systems Engineering, India & SAARC, Palo Alto Networks.
|Mr. Rohan Vaidya, Regional Director of Sales – India at CyberArk
“India is a large country with enormous diversity not only geographically and culturally but also in business maturity. Mobile internet penetration in rural India is driving transformation. Businesses are not just quick in new technology adoption but are impatient to experiment with technology to shorten the time-to-market. “
“From the beginning Fortinet has always been focused on driving business with our partners. We have a mature partner program and an experienced sales team. We are already delivering value to our partners and their business beyond just what we sell. Fortinet will work to increase this value so we can become more important to their business and enable them to expand with the Fortinet Security Fabric. We want partners to build on the Fortinet Security Fabric to deliver their own value-added services, not just implementation services, but also managed services that they can wrap around the Fabric. Fortinet will also look to help partners improve their profit margins and the Security Fabric will help partners provide new services that build on Fortinet products. We’re also looking at ways to help more partners move from a one-time sale relationship with their customers to one that creates long-term relationships. We want to help partners to look at providing lifetime value to their customers,” said, Jitendra Ghughal, Director Channels, India & SAARC, Fortinet.
“We will be launching more network security solutions to support our core firewall offerings and extend our Security Fabric. We will also update our FortiOS security operating system, and roll out new firewalls that continue to set record speeds in the industry. SD-WAN and Operational Technology (OT) security will be important areas of focus for Fortinet this year. The plan in 2018 is about aligning better our overall sales to Fortinet Security Fabric. We want to help partners look at the lifetime value of their customers and find ways to grow those relationships,” he added further.
“India is a large country with enormous diversity not only geographically and culturally but also in business maturity. Mobile internet penetration in rural India is driving transformation. Businesses are not just quick in new technology adoption but are impatient to experiment with technology to shorten the time-to-market. Go-to-market in India is a two-tier distributor and reseller model. Currently we are working to build our distributor capabilities – having them as Value Added Distributors rather than transacting partners. All our distributors have a strong cybersecurity offering and work with non-competing cyber security products. With our C 3 Alliance we work to create synergies with the other security products that our distributors carry. Security is a team game, with this approach it demonstrates CyberArk’s capabilities to integrate so our customers can achieve a better ROI on their existing cyber security investments,” said, Rohan Vaidya, Regional Director of Sales – India at CyberArk.
“On the reseller side of the business we work with various boutique partners who specialise in key industry verticals. Our 2018 focus is to build industry-based solutions in the privilege account security space, for instance a SWIFT compliance solution in the banking industry or endpoint management for IT & ITES companies. We work closely with the ‘big four’ consulting / advisory firms, especially in the application identity management and DevOps spaces. The large system integrator (regional and global) work with us a on case to case basis, often bringing us in to bids as a part of a larger project, as CyberArk are the leaders in privilege account security,” he added further.
“In 2018, we will focus on expanding and accelerating roll out of our well received AI-driven Managed Detection and Response (MDR) service. MDR service is an advanced security fabric that brings Speed, Intelligence, Analytics, and Trust together to offer unparalleled security resilience to the business. We have deployed our foundational MDR service for years, and have provided many leading companies with the world’s most comprehensive security solution. This year, our new AI platform—AI.saac—will take our security offering to the next level. AI.saac will allow us to stand up to 2018’s AI-driven cyberattacks, empowering and accelerating every stage of our full left-to-right-of-hack MDR service,” concluded, Sunil Gupta, COO, Paladion Networks Pvt. Ltd.
Problems during deploying new technology
“Deploying any technology, irrespective whether new or traditional requires some amount of planning. If any deployment is planned properly, we don’t see any challenges. Important thing to consider is that any deployment doesn’t only include implementing the new technology in a specific environment. Deployment as includes education, which many times is not considered or not given priority. It is important to make sure that a proper understanding of the new technology is provided before the actual deployment to make sure we understand the implications of adding a new solution to any environment. Thus the formula for a successful is proper education of end users, followed by a proper deployment plan,” said, Riyaz Tambe, Head – Systems Engineering, India & SAARC, Palo Alto Networks.
“The common approach to network security has been to keep adding new devices to an already overburdened security closet. But as the continued increase of network compromises indicates, this approach isn’t solving the problem. The fact is that while the new devices organizations are buying and deploying are helping to decrease the time it takes to discover some new threats, data shows that threats are compromising organizations even faster. You just can’t keep up using this approach. Siloed security solutions, with separate management interfaces and no meaningful way to gather or share threat information with other devices on a network, are only marginally useful,” said, Jitendra Ghughal, Director Channels, India & SAARC, Fortinet.
“But what if the data and security elements across all of an organization’s various environments could be well-integrated, cohesive, and coherent, like a seamlessly woven fabric? Such an approach would allow companies to see, control, integrate, and manage the security of their data across their entire organization, even into the cloud, enabling a secure digital business model. Such an approach would also allow security to dynamically expand and adapt as more and more workloads and data are added, and at the same time, seamlessly follow and protect data, users, and applications as they move back and forth between IoT and smart devices, borderless networks, and cloud-based environments. The Fortinet Security Fabric is an intelligent framework designed around scalable, interconnected security combined with high awareness, actionable threat intelligence, and open API standards for maximum flexibility and integration to protect even the most demanding enterprise environments. Fortinet’s security technologies have earned the most independent certifications for security effectiveness and performance in the industry. When woven together, the Fortinet Security Fabric closes gaps left by legacy point products and platforms by providing the broad, powerful, and automated protections today’s organizations require across their physical and virtual environments, and from endpoint to the cloud,” he added further.
“Our primary challenge deploying AI.saac is education. AI is a hot topic in the cybersecurity world. There is a lot of misinformation connected to it. Some of this misinformation comes from a general confusion regarding what AI technology is and is not. Much of this misinformation is produced by unscrupulous cybersecurity vendors overselling their capabilities. We always have to give our clients a primer on what AI can, and cannot, offer their cyber defenses. Clients also look for faster “Time to Value” with implementation of a new service, and with 18 years of experience in implementing robust cyber security programs swiftly, our teams apply the same speed and efficiency while deploying our AI-Driven MDR service,” said, Sunil Gupta, COO, Paladion Networks Pvt. Ltd.
|Mr.Prashanth GJ, CEO, TechnoBind
“ Most of the Indian SMBs are still reluctant to focus on networking security. They don’t consider opting for the proper and updated security program and hence putting the company’s confidential information at risk. The other challenges enterprises facing are skill shortage, complex nature of security policies and a massive increase in malware volume. Apart from external threats, the growth in IoT has contributed significantly to the rise of internal threats. The lack of awareness among employees and IT managers is another reason to consider security as a priority for the organizations. “
“What we sometimes see in practice amongst end users is a rush to invest in ‘latest-and-greatest’ new security technology, where security spends is focused on acquisition rather than implementation. Not only does this approach generally lack the necessary focus on what is truly important to manage and secure, it is also a way of working that can result in disrupted business operations because the overriding priority was not necessarily to effectively protect the company from financial harm and reputational damage. Locking down privileged accounts is critical to keeping pace with today’s highly skilled threat actors. Focused spend and talent acquisition to support this objective is key in order to avoid affecting the wider business,” said, Rohan Vaidya, Regional Director of Sales – India at CyberArk.
“We are upbeat and well positioned to manage IT security expectations for businesses of all sizes effectively leveraging the cloud. In fact Sophos has been an early cloud adopter and our cloud management platform Sophos Central is one of the fastest growing products. It is a key differentiator, and a catalyst to help our partners more easily drive new customer growth as well as cross-sell and upsell, ” said, Sunil Sharma, Managing Director Sales for Sophos India & SAARC.
“They expect a true partner in their defense. Cybersecurity can no longer be handled effectively by an organization’s internal security team alone. It is prohibitively expensive to develop a technology platform capable of continuously analyzing terabytes of threat data. The cybersecurity skills shortage will reach 3.5 million unfilled jobs by 2021. Organizations need a partner who brings skilled and specialist staff and robust platforms to their defense in a cost-effective manner. Paladion strives to offer both,” said, Sunil Gupta, COO, Paladion Networks Pvt. Ltd.
According to Jitendra Ghughal, Director Channels, India & SAARC, Fortinet, Organizations are rapidly adopting mobility, IoT, smart devices, and multi-cloud computing to meet new networking requirements. These changes are increasing the speed and the volume of the data and traffic that networks need to process. These network resources are also being constantly added, removed, or connected to each other, keeping the network’s attack surface constantly changing. The result is we are also creating complex networks that are difficult to track and secure. Data and applications travel between many different users and devices, and span multiple borderless networks. This makes visibility and control more difficult. Cyber criminals are also targeting the expanded attack surface with faster and smarter cyber threats. Security needs to automatically adapt to changing network demands and configurations. Unfortunately, most legacy security systems simply can’t do this. Instead, organizations require a new generation of security designed to protect their hyper connected, digital transformation networks.
|Mr. Riyaz Tambe, Head – Systems Engineering, India & SAARC, Palo Alto Networks
“While there is certainly a growing awareness on the importance of cybersecurity, there is still a huge gap in cybersecurity skills, not just in India but all over the world. An effective cybersecurity strategy needs the right mix of people, process and technology with the right mindset, hence the talent aspect needs to be addressed as well.”
“The majority of data no longer stays inside company networks where it can be easily protected. Multi-cloud environments, smart devices, elastic networks, and borderless networks have made first and even some second-generation security strategies obsolete. That’s because security needs to follow data and workloads as they move across interconnected networks. Siloed security devices just can’t do this. Organizations need a third generation of security tools to see and secure the entire network. This includes endpoint and IoT devices, physical and virtual systems, and complex multi-cloud ecosystems,” he added further.
“Our customers expect CyberArk to help them build awareness of modern cyber security and privacy threats, processes and technologies as the first step toward an active defence – and also to help the wider business understands how critical this is. Companies must show greater urgency to enable cyber security resilience by prioritising cyber security risk at the same level as wider business and financial risks. It’s our job to help them understand how new technologies – like cloud and DevOps – affect the attack surface and to promote a ‘think like an attacker’ mind-set, which is the most effective start point to better overall security,” said, Rohan Vaidya, Regional Director of Sales – India at CyberArk.
|Mr. Manab Mallick, Technical Head, India & SAARC NETGEAR.
“ NETGEAR as an organization targets SMB/SME customers and bring Enterprise value proposition into these segments. We understand that SDN’s value proposition is going to be based around simplicity, because, in the small and mid-sized organizations, they don’t have armies of network engineers to manipulate the products one by one. So the SDN value is really going to be, not with a [command-line interface] but with something much simpler.”
“What security teams need from vendors today are end-to-end solutions that are able to protect their important assets across different touch points – from network to endpoint to cloud – while providing a single unified view of the threat situation for security teams to manage and control. There are many security vendors out there in the market, with each with its own suite of solutions. This overwhelming availability of options is both a boon and bane for businesses – our study found that organisations in Asia-Pacific are now struggling to keep up with the increasingly sophisticated cyberthreats and finding the appropriate solutions to combat them,” said, Riyaz Tambe, Head – Systems Engineering, India & SAARC, Palo Alto Networks
“It is now more important than ever that vendors are able to act as partners to organisations, who are able to not just provide software and solutions, but also other essential services such as training for teams to best leverage their products, or educational resources for employees to learn more about security best practices. In addition, it is important for vendors to be doing more in the industry as well, such as actively sharing threat intelligence, or working closely with government stakeholders to shape public policy that deters cybercrime. Last year, Palo Alto Networks became the first cybersecurity company to formalise a Data Exchange Agreement with the INTERPOL Global Complex for Innovation, sharing threat intelligence generated by Palo Alto Networks Unit 42. Separately, Palo Alto Networks is also among the founding members of the Cyber Threat Alliance, which brings together competitors in good faith to share threat information and improve defences against advanced cyber adversaries,” he added further.
Awareness and preparedness of these cyber risks have become a priority for consumers, suppliers and manufacturers. While every sector is fast embracing the ‘Internet of things’, they are forced to challenge the existence of cyber threats, risks and malwares; there is thus an increase in focus among regulators. The market shows promise in the Cloud-based hybrid security, Mobile security, and Bring your own device (BYOD) technology. The current demand for integrated security solutions is also an aspect that is widely getting attention today.