Despite the increasing number of data breaches, a vast majority of IT professionals still believe perimeter security is effective at keeping unauthorized users out of their networks. However, companies are also investing in new technologies that adequately protect their business. As per Rana Gupta, Vice President – APAC Sales, Identity and Data Protection, Gemalto, “Enterprises are gradually understanding that compromising the security of their data could undermine both the system and the trust that individual citizens have in the products and services they use every day, whether it be mobile devices, communications, banking, ID documents or shopping.” As networks shift towards hybrid, elastic, and borderless ecosystems, expand across cloud environments, and become meshed with other networked environments such as OT and critical infrastructures, security will have to continue to adapt. Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet said, “Specialized firewall iterations will need to be integrated together for centralized orchestration and correlation; automation will need to compensate for the inability of human engineers to track the scope and scale of devices and data across the expanding network; and advanced analytics will need to anticipate threats in order to shorten the time to detection and response.”
[quote font=”tahoma” font_size=”13″ color=”#262626″ bgcolor=”#f2f2f2″]
“The security challenges are rising from the rapid integration of the digital and physical and it is being felt across enterprises.”
Surendra Singh
Country Director
Forcepoint
[/quote]
A Boardroom level Challenge
A recent Global Forrester survey of 342 security leaders found that the largest cybersecurity challenge for CISOs was adapting to “the rapidly evolving nature of cyber threats.” In the wake of attacks like WannaCry and Petya, enterprises are fully aware that such attacks can cripple business functioning and even bring it to a complete halt. As Forcepoint’s Surendra Singh exclaims, “The recent cyberattacks are a wake-up call for IT security teams; it is time the C-Suite took note. Conversations in the boardroom remain largely muted when it comes to cyber-security as board members largely see IT security as a mere extension of managing IT infrastructure.”
Lloyds of London recently published a report that put the economic cost of a global cyber-attack at $68billion. This clearly reiterates the fact that there is a lot at stake for enterprises if their security is breached. IDC forecasts worldwide revenues for security-related hardware, software, and services will reach $81.7 billion in 2017, an increase of 8.2% over 2016. Global spending on security solutions is expected to accelerate slightly over the next several years, achieving a compound annual growth rate (CAGR) of 8.7% through 2020 when revenues will be nearly $105 billion. Bhaskar Agastya, Country Manager, Sales- Ixia, India said, “Most enterprises today are struggling with network blind spots caused by increase in encrypted traffic on their networks and migrations to public and private cloud environments. Companies across verticals are now investing significantly in network security solutions to combat future attacks. The swift growth of digital transformation is forcing companies across all industries to proactively spend on security to shield themselves against known and unknown threats.”
With the rise of mobility, carrying traditional IT over is difficult due to the sheer diversity of devices and consumer grade technology used in most mobile devices. A Global IT Security Study from Citrix and The Ponemon Institute found 69% professionals stating that their organization’s existing security solutions are outdated and inadequate, emphasizing the need to have a holistic look at the security posture. Citrix’s Makarand Joshi adds, “Organizations are increasingly looking to shift focus on securing their most important business assets — applications and data — to both simplify and strengthen security without compromising productivity. The recent unexpected surge in cyber-attacks has compelled organizations to think beyond having a primary infrastructure and instead have layers of security. Therefore organizations are now open to devoting a certain amount of their investment to adopting software solutions that help keep their data centered, and data flow secure.” Organizations are actively looking at building an IT fortress that will not just protect them from breaches, but also guard their interests. As a result of security becoming a prominent boardroom discussion, CIOs opinions carry more weight and this is a constructive step in them getting a permanent seat in the board.
[quote font=”tahoma” font_size=”13″ color=”#262626″ bgcolor=”#f2f2f2″]
“Intent-based security that can recognize threats and understand the reason behind them will be critical to thwart automated attacks with automated security.”
Rajesh Maurya
Regional Vice President
India & SAARC, Fortinet
[/quote]
A new approach to Security Architecture
Organizations are increasingly leveraging technologies like machine learning, artificial intelligence, cloud based monitoring, and analytics to safeguard their data. According to a Global IT security study, 60% Indian respondents stated that employees and third parties bypass security policies and technologies because they are too complex. Ensuring that their employees are not only fully aware about looming security threats but also fully comprehend the measures that they must take in order to help the organization safe guard their data is critical. “A remedial measure gaining prominence is embedding security in everyday processes. This also serves the purpose of simplifying the processes for employees. By adopting solutions that are secure-by-design, organizations can safeguard their data as it flows from device to cloud,” explains Joshi.
Another important fact is that many organizations still use human workers to do security tasks that can be done better by automated, intelligent security systems. Automated systems can respond more quickly to sustained and intense attacks and can reduce costs, complexity, and errors. Networks can adapt to security demands in the blink of an eye. “Automation can help your cybersecurity team build proactive security that can respond immediately to potential threats. Intent-based security that can recognize threats or problems and can also understand the reason behind something will be critical to thwart automated attacks with automated security,” added Fortinet’s Rajesh Maurya. While some organizations fear a loss of control when they move much of their security response to an automated system, good automation gives employees visibility into the process.
[quote font=”tahoma” font_size=”13″ color=”#262626″ bgcolor=”#f2f2f2″]
“Our burgeoning economy, with an almost unparalleled growth is attracting cybercriminals and attacks from all over the world with Indian enterprises becoming victims.”
Sunil Sharma
Managing Director Sales
Sophos
[/quote]
One of the biggest issues plaguing the cybersecurity infrastructure at any organization is dozens of cybersecurity tools from as many vendors. Many enterprises have too many security point tools and not enough time. In cybersecurity, each hour’s delay extends the window of opportunity for zero-day malware to wreak havoc on your endpoints. The effectiveness of all these security tools and widgets can increase if only they could communicate with each other. Enterprises must rely on technologies such as Human-Machine learning to amplify the capabilities of the security teams.