Advertisement Advertisement

Cisco India:  Will Five Pronged Cybersecurity Strategy Work?  

To meet the objectives of Digital India, the company is focussing on a complete suite of cybersecurity solutions such as  innovations in security products and solutions, Cyber Range Lab in Gurgaon, Security Operations Centre in Pune, Security & Trust Organization in Gurgaon and acquisition of security companies    
According to NASSCOM and DSCI Cyber Security Roadmap, the Indian IT industry has charted out Vision 2025 to grow the Indian cybersecurity products and services market to reach $35 billion and create one million cybersecurity experts and 1,000 cybersecurity start-ups by 2025. On the other hand, the global security market is expected to reach approximately $190 billion by 2025 from $85 billion today and will be driven primarily by increasing digitization and smartphone penetration.    

According to industry experts, India is among the Top 5 countries in the world to be attacked by ransomware and malware. All this creates a big opportunity for companies like Cisco in the cybersecurity space, thanks to the government's Digital India programme and corporate digitization programme which is moving at a brisk pace. To encash on the opportunity, Cisco India is focussing on a five-pronged strategy laying focus on a complete suite of cybersecurity innovations, launch of Cyber Range Lab in Gurgaon, Security Operations Centre to be launched in Pune, Security & Trust Organization and security companies acquisition. This 360-degree approach by Cisco will definitely help government organizations and corporates to secure digital transactions in a seamless manner.  
For security, Cisco has invested $5 billion in the last 36 months – be it in terms of acquiring cutting-edge security companies or making foolproof security products for its customers.      

Innovations in Security Product and Solutions: For conducting innovations in the cybersecurity space, Cisco has around 5,000 engineers globally and around 1,000 engineers in India. All these engineers focus on different aspects of security – be it infrastructure security, endpoint security, application security, messaging security, web security, IoT security, transaction security, security operations and incident response, risk & compliance and threat intelligence and specialist threat analysis and protection.      

Cyber Range Lab in Gurgaon: Deepening its commitment to enhancing cybersecurity, Cisco recently inaugurated its Cyber Range Lab in Gurgaon, India. The Cyber Range Lab aims to provide highly specialized technical training workshops to help security staff build the skills and experience necessary to combat new-age threats. 

"The Cisco Cyber Range Lab is now a reality for customers looking to find an advantage against the growing legions of cybercriminals and next generation threats. The Cyber Range Lab in India underlines our commitment to secure and partner with India in its digital transformation" - Dinesh Malkani, president, Cisco India and SAARC 

The lab was recently inaugurated by Dr Gulshan Rai, National Cyber Security Coordinator, Government of India, in the presence of Dinesh Malkani, President, Cisco India and SAARC, at the Cisco India Summit 2017.

Speaking on the launch of Cyber Range Lab in India, Dr Gulshan Rai said, "With this launch, Cisco has taken a leadership step to enhance the security of India’s digital infrastructure and speed up digitalization of India.”

"With the launch of Cisco Cyber Range, we are helping our customers to be prepared to identify and mitigate a threat before it becomes a crisis. The Cisco Cyber Range Lab is now a reality for customers looking to find an advantage against the growing legions of cybercriminals and next-generation threats. The Cyber Range Lab in India underlines our commitment to secure and partner with India in its digital transformation,” commented Dinesh Malkani. 
Cisco Cyber Range Lab will use 200-500 different types of malware, ransomware and 100 attack cases to deliver realistic cyber-attack experiences which can be accessed virtually from any part of the world. As part of the Cyber Range experience, Cisco has designed real-world scenarios to help clients experience, defend against and shut down cyber-attacks. The scenarios will also help train organizations with the necessary steps required to respond quickly in the wake of an incident, right from addressing a basic threat to a highly sophisticated one, monitoring and analyzing malware infections and providing actionable information and intelligence to customers.

The Cisco Cyber Range Lab will offer a comprehensive integrated services portfolio, which includes: Workshops of 3–5 days of intensive real-life experience reacting to and defending against rudimentary and complex cyber-attacks at any location; Cyber Range subscriptions, which offer advance threat intelligence reports; Assistance in re-creating similar cyber range labs at customers’ premises and provide threat intelligence updates via subscription.
The lab will also enable customers to tap into a pool of resources such as security specialists and test engineers at Cisco. Cisco security experts will work closely with organizations to understand their business goals, and security challenges and offer test runs on the proposed cybersecurity solution/infrastructure.  
Security Operations Centre (SOC) in Pune: The company is also planning to launch Security Operations Centre in Q4 quarter of Cisco (i.e. May–July 2017) timeframe. The SOC will provide multiple services and also provide advance threat analysis (ATA). Security Operations Centre (SOC) in Pune will provide a broad range of services – from monitoring and management to comprehensive threat solutions and hosted security that can be customized to meet customer/partner needs. With India as the fourth location in addition to Poland, the U.S. and Japan, this structure allows Cisco to provide a 24-hour service for customers and partners regardless of time zone.

"With this launch, Cisco has taken a leadership step to enhance the security of India’s digital infrastructure and speed up digitalization of India" - Dr. Gulshan Rai, National Cybersecurity Coordinator, National Security Council, Prime Minister’s Office, Government of India

Security & Trust Organization (STO): The Cisco India Security & Trust Organization (STO) was launched in December 2016. The STO works with public and private-sector customers to help analyze their infrastructure, understand cyber risks, identify and mitigate vulnerabilities, and assist in building networks on a foundation of secure, resilient, and trustworthy products. Security & Trust organization is based in Gurgaon and will help in identifying, shaping and bridging national cybersecurity strategy initiatives for the government.  

Acquisition of Security Companies: Security, cloud and software are critical components of Cisco's strategy. During the last 12 years, the company has acquired 9 companies in the security space and is in the process of providing foolproof security to corporates and government departments. 
Network Translation, a firewall company, was acquired by Cisco in 1995 and the company also acquired IronPort in January 2007. IronPort email and web security gateway and management products, currently referred as Cisco Email Security and Cisco Web Security, has now become an integral part of the Cisco Security vision and strategy. The security products and technology from IronPort complement Cisco's threat mitigation, confidential communications, policy control, and management solutions.

Security Companies Acquisition by Cisco 

Company                 Acquisition Year       Specialisation

Network Translation    1995                   Firewall
Ironport                       2007                Email and Web Security
ScanSafe                    2009               Cloud Based Web Security
Sourcefire                  2013               Intelligent Cyber Security
Neohpasis                  2015              Security Advisory
Lancope                    2015               Security Analytics
OpenDNS                 2015               Threat Protection
CloudLOCK              2016                Cloud Security 
ThreatGrid                2016               Dynamic Malware Analysis and Threat Intelligence   


In December 2009, Cisco acquired ScanSafe and kept it as a separate business unit, but, in 2012, the service was renamed as Cisco Cloud Web Security. On October 7, 2013, Cisco completed the acquisition of Sourcefire, a leader in intelligent cybersecurity solutions. With the close of this acquisition, Cisco is providing industry's most comprehensive advanced threat protection portfolios. Cisco is also offering a broad set of enforcement and remediation options that are integrated, pervasive, continuous, and open.

On January 9, 2015, Cisco announced the acquisition of Neohapsis, a privately-held security advisory company providing security services to address customers' evolving information security, risk management, and compliance challenges. Neohapsis delivers risk management, compliance, cloud, application, mobile, and infrastructure security solutions to Fortune 500 customers. The acquisition of Neohapsis helps in reducing complexity and fragmentation while providing advanced threat protection across the entire attack continuum – before, during, and after an attack.

Cisco has also acquired Lancope, a privately-held company headquartered in Alpharetta, U.S.A. Lancope helps customers monitor, detect, analyze and respond to modern threats on enterprise networks through continuous network visibility and specialized threat analysis and protection. Lancope's StealthWatch system provides visibility into suspicious traffic patterns inside the network to quickly detect a wide range of attacks. This helps enterprises reduce time to detection, respond to incidents faster, improve forensic investigations, and reduce risks for the company.

Lancope enhances Cisco's Security Everywhere strategy, enabling the network to become a security sensor, delivering continuous visibility, and accelerating incident response across the extended enterprise. 

On August 27, 2015, Cisco announced it has completed the acquisition of OpenDNS, a privately-held company that provides advanced threat protection for any device, anywhere and anytime. Acquisition of OpenDNS' threat protection capabilities complement and enhance Cisco's current cloud security offerings across Cisco franchise. OpenDNS' Software-as-a-Service (SaaS) platform is fast and easy to deploy, accelerating time-to-value for customers as part of their defence architecture or incident response strategies.

On August 1, 2016, Cisco completed its acquisition of CloudLock, a privately-held cloud security company headquartered in Waltham, Massachusetts. CloudLock specializes in cloud access security broker (CASB) technology. CASB technology understands and monitors user behaviour and sensitive data in cloud applications. It helps secure cloud applications that customers buy – SaaS applications such as Google Drive, Salesforce, and Box – as well as the applications that they build like the IaaS and PaaS platforms. 

With these capabilities added to the Cisco security portfolio, Cisco will be able to provide customers with greater visibility, compliance and threat protection regardless of whether the applications are fully sanctioned by IT or not.

On June 2016, Cisco completed the acquisition of ThreatGRID, a New York-based company that offers dynamic malware analysis and threat intelligence technology to enable security teams to proactively defend against and to quickly respond to advanced cyber-attacks and malware outbreaks. The ThreatGRID products complement Cisco's Advanced Malware Protection (AMP) portfolio and the private-cloud products expands Cisco's ability to protect customers with stringent in-house data retention requirements.

All these strategies will really help Cisco to position itself as the leader in the security market across all customer segments – be it government or corporate. 

    Pravin Prashant