With businesses relying more and more on their IT infrastructure to grow in a competitive environment, cybercriminals have been wreaking havoc in the corporate world. Time has come for Enterprise Security to redraw the game plan.
A former director of one of the world’s apex security agencies once said, “There are only two types of companies: those that have been hacked, and those that will be.” Enterprise security today has probably reached the cusp of its most menacing age. Attack viruses have been flying out one after another, security perimeters are being breached at an unprecedented pace. As per a recent study, enterprise security teams today are facing 244 new cyber threats every minute. Each passing day in the corporate world witnesses more than 500,000 new threats daily, an unpredictably sharp rise from a meager 25 new threats per day 10 years ago.
These are indeed challenging times for security leaders in Enterprises globally. Increasing business pressures requires faster processing of more data and support for more devices than ever before. Companies are vying for tighter controls and locked down security to protect organizational IP and data which now moves across an increasingly complex ecosystem of networked environments, including IoT, cloud, mobile devices, users, and virtualized networks. According to Gartner, the rising number of cyberattacks has pushed cybersecurity spending on products and services to over $80 billion already and the figure is expected to cross a staggering $1 trillion in the next three years. Enterprise security today is no more an afterthought.
The Current security landscape
Enterprise breaches and new global threats have been on the rise due to enterprises increasingly embracing IT. These attacks can be attributed in part to the shift towards digital economies as well as the focus on digital transformation of enterprises. The surge in recent breaches can be directly linked to rise in mobility and BYOD in business, and an increased emphasis on embracing cloud and other third platforms. As Makarand Joshi, Area Vice President and Country Head, Citrix for Indian subcontinent, explains, “A majority of organizations are finding it difficult to maintain security across the network, devices and applications used in business. The fact that there is no defined location makes the danger involved manifold times more serious.”
[quote font=”tahoma” font_size=”13″ color=”#262626″ bgcolor=”#f2f2f2″]
“The recent unexpected surge in cyber-attacks has compelled organizations to think beyond having a primary infrastructure and instead have layers of security.”
Makarand Joshi
Area Vice President and Country Head
Citrix Indian subcontinent
[/quote]
Surendra Singh, Country Director, Forcepoint adds, “Both the value and the volume of data are sprawling like never before, and end points are more vulnerable than ever. The security challenges are rising from the rapid integration of the digital and physical and it is being felt across enterprises.” Securing data and strengthening the infrastructure through has becomes an area which requires cautionary as well as preventive measures from the IT department. Kamal Brar, Vice President and General Manager of APAC, Hortonworks comments, “With many more points of access, both internal and external, you get an increase in cyber-attacks, ransomware, internal threats of data leakage, or privacy breaches. This problem will only get bigger as India embarks on the path of digital transformation.”
The enterprise security scenario in India too has come to the fore like western counterparts with recent high profile breaches. Gemalto’s latest breach level index reaffirms the picture with findings revealing that around 36.6 million data records were compromised in India during 2016, an increase of 14% compared to 2015. Adding to this is the aspect of Digital India initiative which confirms the criticality of a digital infrastructure for the future growth of Indian enterprises.
The economy is growing at a GDP of 7% plus with massive projects being executed across domains. In the corporate world, cyber-attacks have been on a perpetual upward track. As per a recent Geo-malware survey conducted by Sophos Labs, India came out among the top 5 vulnerable countries in the world to malware attacks with a threat exposure rate of 16.9%, a big number compared to global levels. “This is testimony to the fact that as to how our burgeoning economy, with an almost unparalleled growth is attracting cybercriminals and attacks from all over the world. There has been no discrediting the fact that Indian enterprises are becoming victims,” adds Sunil Sharma¸ Managing Director Sales, Sophos.
The Enterprise Outlook
With the increasing barrage of threats from malware, ransomware, and hackers on a daily basis, the security landscape too has evolved. As Anand Ramamoorthy, Managing Director, South Asia, McAfee puts it, “We have witnessed a paradigm shift in the cybersecurity discourse among enterprises with major emphasis being laid upon security preparedness and correctness. Enterprises have begun consolidating the number of cybersecurity vendors and the trend is to continue and accelerate.”
[quote font=”tahoma” font_size=”13″ color=”#262626″ bgcolor=”#f2f2f2″]
“Many organizations lack a precise, strategic, automated and systematic process for prioritizing their vulnerability remediation work.”
Ravinder Arora
Head – Information Security
IRIS Software
[/quote]
The recent surge in cyberattacks has undeniably changed the outlook within organizations. Enterprises have started relying on proactive mechanisms to identify vulnerabilities and threats to fend off attacks and potential weaknesses. They are now adopting key trends in Cyber Security such as Machine Learning, Artificial Intelligence for proactive identification of vulnerabilities and pattern analysis in incident management, software defined security, ethical hacking and security event / incident management. “Organizations are ramping up security professionals with guided learning paths enabling them on newer cyber security topics and up-skilling on existing cyber security knowledge,” further adds Arun Rajamani, Country GM, Pluralsight India.