In an interaction with NCN Magazine, Mr. Andy Garth, Director of Government Affairs, ESET shares insights on global cyber threats and India’s evolving cybersecurity landscape.
Why has threat intelligence become important in the backdrop of geopolitical tensions? Tell us about ESET Threat Intelligence.
Government and Public sector organizations at the national, regional, and local level are at risk, including the systems that support a nation’s critical national infrastructure, for example, power grids, water supplies, and healthcare units. Businesses, both large and small, and ordinary citizens are also increasingly targeted by cybercriminals. Bad actors are not bound by geography or sector; they move across continents, often trying new tools in countries that work as testing grounds before deploying them against their targets, such as in India.
ESET’s global coverage, broad customer base, and renowned capabilities are a huge advantage. Every day, ESET Threat Intelligence (ETI) processes hundreds of millions of indicators of compromise (IOCs), akin to a database of clues left by cyber-intruders while they crawl through a victim’s network. ESET has long utilised and developed emerging technologies to detect threats and protect users. No company sees everything, but ESET is recognized as a leading Cyber Threat Intelligence provider – contributing a key part of the threat landscape puzzle.
Why is there an increasing demand for an MSP to become an MSSP these days?
There is indeed a growing interest among Managed Service Providers (MSPs) to transition into a Managed Security Services Provider (MSSP), as their client organisations are quickly realising that traditional IT support services offered under the MSP model are simply inadequate to protect or safeguard their digital assets in the wake of growing cybersecurity risks.
The nature of cyberthreats and the risks of data breaches have also evolved significantly in recent years, and clients of all sizes, including small businesses, are now asking for dedicated cybersecurity services like real-time threat detection and defense, which only an MSSP is equipped to provide.
The MSP model has historically focused on managing the entire IT infrastructure, including baseline cybersecurity. MSSPs, on the other hand, offer a deeper layer of protection by offering 24/7 threat monitoring, incident response, and compliance support, often through dedicated Security Operations Centers (SOCs). As a result, MSSPs can deliver truly enterprise-scale proactive security measures to even SMBs.
We at ESET are proud to support our MSP partners in making this transition. Our XDR/EDR tools (like ESET Inspect) are MSSP-ready and designed to be integrated into broader security monitoring systems, helping our partners deliver managed detection and response (MDR) services. Our team is also working to equip our MSP partners with real-time response capabilities, allowing them to scale their cybersecurity services without the need for hiring or building extensive internal resources.
Please tell us about the dual role of AI in cybersecurity, its potential and challenges. How are you leveraging AI and ML in the detection, prevention and mitigation of cyberattacks?
AI has indeed emerged as a double-edged sword in cybersecurity. On the one hand, cybercriminals are using AI or GenAI to craft much more persuasive and targeted phishing messages. AI-generated deepfakes or disinformation campaigns are another huge risk for governments and businesses alike.
On the other hand, AI is also an immensely powerful ally in the fight against cyber threats, making it possible to detect, analyse, and respond to cyberattacks faster than ever. ESET has proudly embraced Al-based technologies since the late 1990s, beginning with the implementation of neural networks in our products.
Today, our solutions integrate the latest AI, ML, and deep learning (ML/DL) models for enhanced threat detection and prevention capabilities. Our advanced ML algorithms can quickly sift through massive volumes of data to identify and classify threats, even in offline environments. Last year, we introduced the ESET AI Advisor, an innovative, generative AI-based cybersecurity assistant that seamlessly integrates into the day-to-day operations of security analysts and provides detailed incident data and SOC team-level advisory. ESET AI Advisor is a game-changer for companies with limited IT resources who want to utilize the advantages of advanced Extended Detection and Response (XDR) solutions and threat intelligence feeds.
How would you describe the cybersecurity landscape in India?
There are five important dimensions of India’s cybersecurity landscape as of today. First, India is today the fastest growing major global economy and the third largest digitalised country, making it a natural target for cyberattacks on businesses as well as public infrastructure, and this is reflected in the numbers. From state-sponsored espionage to ransomware-as-a-service and deepfake-driven scams, India is today grappling with a wide spectrum of cyber threats that demand urgent and sustained action.
In 2023, over 400 million cybersecurity incident detections were recorded in India with an average detection rate of 761 per minute, a report by the Data Security Council of India (DSCI) noted. Further, last year’s ESET Small and Medium-sized Businesses (SMB) Cybersecurity Report found that 88% of Indian SMBs had experienced cybersecurity incidents in the preceding 12 months.
Second, the cybersecurity spending in India estimated to have reached approximately USD 6 billion in 2023, with annual growth of over 30% during 2019-23. India is also projected to account for 5% of the global cybersecurity market by 2028.
Third, most small and medium enterprises (SMEs) often neglect cybersecurity despite the criticality of protecting and safeguarding their data and other digital assets, especially when they are today seen as the most lucrative targets for cybercriminals. Indeed, for an SME a cybersecurity attack could be a business-ending event.
Fourth, the Indian government is aware of these risks and has taken several steps to enhance the country’s cybersecurity. The new Digital Personal Data Protection Act (DPDP) is a welcome move towards securing and safeguarding people’s data. Programs like Cyber Surakshit Bharat further aim to spread awareness and build stronger systems.
Fifth, there is a significant cybersecurity skills gap in India. Nearly, 75% of organisations surveyed by DSCI highlighted the shortage of skilled professionals.
ESET has made public some of its research documenting attacks on Indian entities and residents by CN-aligned, PK-based, and NK-aligned APT Groups. Moreover, ESET telemetry shows that India is one of the countries most targeted by ransomware gangs. The ransomware scene is a highly competitive cybercriminal environment where gangs frequently introduce sophisticated innovations and tools. For example, we observed this in India: on June 3rd, 2024, a threat actor ESET tracks as CosmicBeetle attempted to compromise a manufacturing company in the country with their own ransomware we dubbed ScRansom. After failing, they executed EDRKillShifter, an EDR killer known to be developed by the high-profile RaaS gang RansomHub.
What types of cybersecurity threats should enterprises in India look out for?
Cyber threats have become more advanced, frequent, and organised. Now, Indian enterprises are facing attacks like ransomware-as-a-service, where even inexperienced hackers can launch powerful attacks using rented tools. In 2024 alone, ransomware incidents in India rose by 53%, affecting critical sectors such as healthcare, finance, and manufacturing. Cloud is also fast emerging as a major attack surface, with 62% of all malware attacks in India detected in cloud-based environments.
Another alarming trend is the rise of AI-driven cyberattacks, particularly through deepfake technology. Cybercriminals are leveraging AI to create highly realistic fake videos, images, and audio clips, enabling large-scale impersonation scams. These deepfakes are being used to execute sophisticated Business Email Compromise (BEC) attacks and spread misinformation, posing significant challenges to organisations in maintaining digital trust.
A study by the Indian Cyber Crime Coordination Centre (I4C), under the Ministry of Home Affairs, projects that cyber fraud losses could amount to ₹1.2 lakh crore in the coming year, representing approximately 0.7% of India’s GDP.
What are the comprehensive solutions to help to safeguard against these sophisticated attacks? What role channel partners are expected to play in this regard?
Customers should ideally look for four critical features: multi-layered protection that is effective against malware, ransomware, phishing, insider threats, zero-day attacks, and other still-emerging threats; proven threat detection capabilities; cross-platform coverage; and a strong support ecosystem.
Equally important is visibility and control, especially with hybrid working models and the growing adoption of cloud-based workflows. Businesses should also look for tools that are lightweight, easy to deploy, and give clear insights into what’s happening across their network, without overwhelming their IT teams.
In regions across Asia, we’re seeing strong demand for value-added services, cybersecurity awareness training, and skill development programs. We provide our our Indian partners the right tools, training, and support to build recurring revenue models around managed security services through hands-on technical workshops, flexible licensing models, and faster onboarding paths for MSPs and MSSPs. We believe that when our partners succeed, so do the customers that they protect.
Covered By: NCN MAGAZINE / ESET
If you have an interesting Article / Report/case study to share, please get in touch with us at editors@roymediative.com , roy@roymediative.com, 9811346846/ 9625243429
