Nilesh Jain, Vice President, South East Asia & India, Trend Micro, in a brief conversation with Amit Singh spoke on the transformation of India cybersecurity and application development landscape over the last few years
What are the changes Indian cyber security industry has observed over the last few years?
During the last few years, there is a heavy emphasis on the use of data forensics to ferret out complex exploits hidden in the infrastructure. In addition, customers are utilizing incident response tools to detect and repair compromises as soon as possible. Moreover, enterprises have been focused on layering the security with multiple defenses such as firewalls, authentication, intrusion detection and prevention, antivirus, encryption and so on.
In fact, the last two years have been transformative for the cybersecurity industry and one of the integral challenges was to bring in a balance between protecting personal privacy interests and monetizing valuable data assets. Organizations have also taken initiatives to break down a large rigid application through microservices that lead to the formation of different components that communicated with each other through APIs.
With apps becoming one of the most popular vulnerability points for breaches, how do you see the application development landscape transforming?
Cybersecurity space is seeing DevSecOps emerging as a major trend that will enable cross-functional teams to work together. While the development approach brings new application services and increases efficiency, security processes built in DevSecOps will play a role in ensuring that continuous delivery processes follow good security practices.
Many access control systems include Attribute-Based Access Control (ABAC) which can be controlled under DevSecOps to secure access to APIs and microservices.
Companies have also adapted to the transition from Role-Based Access Control (RBAC) to ABAC as it suits the industry standards and caters to certain requirements.
With the focus on digital transformation entailing cloud, mobility, and IoT, what are the security challenges faced by CXOs in India?
The country is still reeling under the recent spate of attacks that have compromised databases of banking institutions, government email servers, and Indian enterprises at large. If recent reports are to be believed there is more in store. India’s share in ransomware attacks continues to rise and currently stands at 16.9 percent.
Several large companies today are under the purview of ransomware attacks, and the impact is only getting advanced with time. What’s alarming is the fact that while enterprises in India are spending more on cybersecurity each year, organizations are still not confident of their ability to sense, resist and respond to cyber threats.
With the number of internet of things (IoT) -enabled devices increasing, ransomware is all set to enter another revolution. Cybercriminals have already started attacking smartphones and the day is not far when wearable devices will also be on their list. In fact, Smart TVs are already under their radar.
A recent survey carried out by a leading consulting firm found that outdated information security architecture and controls is a key factor that has increased the risk exposure for India over the last 12 months. What is interesting to take cognizance of, is that vulnerabilities related to mobile computing, social media and cloud computing feature prominently as contributing to enhanced risk exposure for corporate India. Among threats, the majority believe that cyber-attacks are primarily targeted at defacing/disrupting organizations or towards stealing intellectual property or data, followed by fraud.