Cyber security market continues to grow with organizations continuously adopting latest technologies

As we all are aware that the adoption of digital transformation which was earlier taking shape gradually has been accelerated by the pandemic. The organizations realised the need for technology adoption almost immediately and started the implementation overnight. COVID-19 has triggered the transition to Cloud in the last one year. Also, videoconferencing and workplace collaboration apps have enabled remote work, online schooling, streaming services and videogames provided in-home entertainment. The main focus on building digital services to cope with COVID-19 has led to significant advances in key technologies - such as cloud computing, artificial intelligence and semiconductors - that will enable the next wave of innovation.

With this comes the security concern of the organizations as the majority of the workforce is working from home and exposed to vulnerability.

According to data from Computer Emergency Response Team (CERT-In), Cyber attacks amid the Covid-19 pandemic rose by almost 300% last year in the country to reach 1,158,208 compared to 394,499 in 2019.     
It continues this year as well. In February 2021, there were 377.5 million brute-force attacks-a far cry from the 93.1 million witnessed at the beginning of 2020. India alone witnessed 9.04 million attacks in February 2021. The total number of attacks recorded in India during January and February 2021 was around 15 million.  

Organizations’ profit and loss is now related to its security posture and it has become a priority for every company. It has become imperative to implement a stringent cyber security framework to avoid cyber threats.     
The complete dependency on digital transformation increases the chances of cyber attacks and this in turn is rapidly boosting the cyber security market across the globe as organizations are continuously working on their security strategy and securing the IT infrastructure. The security companies are witnessing an incessant growth and they foresee this growth to continue further.

Druva sees an affinity towards cloud-based solutions as businesses look for technology that helps to scale efficiently, minimally impact employees, improve business resilience etc 

Present IT Landscape

Cloud adoption is set to dramatically increase in the coming years, with Asia-Pacific (APJ) expected to have the highest revenue growth rate for cloud system and service management software between 2020-2024, according to a report from IDC.  The Covid-19 pandemic has led to a surge in businesses adopting cloud as it is a bridge to digitization and getting workforce, distribution, supply chain, etc. online. During this phase, years’ worth of digitization has taken place. A natural affinity to cloud-based solutions is developing as businesses look for technology that can help them scale efficiently, minimally impact employees, improve business resilience, and can be deployed easily within today’s restrictive work environment. 

Business Growth

With data being created, stored, and shared in more ways than ever before, IT leaders in India are confronted with unprecedented challenges. Of serious concern are cybersecurity threats which have escalated rapidly, as attackers have looked to exploit the new environments and ways in which people are working. Cybersecurity therefore is right at the top of mind for businesses now, and CIOs and CEOs need to have a clear and effective strategy to address those concerns. According to Druva’s Value of Data Survey approximately one third (31 percent) respondents reported an increase in ransomware attacks on the organization since the pandemic began, and overall 89 percent of respondents are concerned now with protecting their organizational data from ransomware than before the pandemic.

Best Practices

The following best practices are recommended for businesses to improve their data protection

Review existing data – Before developing a backup and recovery strategy, review the current data architecture. Knowing who owns data and applications, current backup policies, and applicable regulations and requirements positions you for success.

Follow the 3-2-1 backup rule – Don’t forget the basics. Always keep at least three copies of your data, using two different backup media, and storing one copy offsite, ideally in a separate account to isolate it from ransomware attacks.

Invest in a cloud backup solution – Since data is so distributed, investing in a cloud backup solution has become a necessary line of defence in today’s modern IT landscape. Unlike on-premises backup protection, the cloud offers connectivity to all data sources, limitless storage for backups, and significantly lower management costs.

Perform regular tests –  A backup that has not been tested is a backup that should not be trusted. The best way to ensure that your backup is tested on a regular basis is to automate such testing. Not only will this ensure it gets tested more often, it will also ensure that the team will be comfortable with running a recovery when the disaster strikes. 

Bakshish Dutta 
County Manager, India & SAARC, Druva 

“We helped customers extend their IT networks and security services into the cloud in a way that enabled employees to work securely from anywhere”

Present IT Landscape

No one ever has seen times like these. As more and more companies look at remote work strategies for the long term, distributed IT environments are onlyThe pandemic shutdown accelerated the shift to cloud-first technologies and hybrid workplaces. We at Infoblox had a special view of this transformation. We helped customers extend their IT networks and security services into the cloud in a way that enabled employees to work securely from anywhere. We grew our customer base to more than 12,000 brands, including over 70% of the Fortune 500. Looking beyond 2021, we will cement our status as the DDI market share leader and look forward to growing as more organisations modernize their networking and security foundations for hybrid work.   

Best Practices

We recommend customers defend in depth by assuming attackers have already breached their corporate network. Our DDI and security products provide much needed visibility into network traffic and activities to help CASB, SOAR, and other tools in a customer’s security stack detect and remediate threats they could not see before. In a head-to-head match-up, our DNS security product, BloxOne Threat Defense, outperformed a leading competitor in detecting a zero-day threat and false positives.   

Rajeev Sreedhar
Managing Director, India/SAARC, Infoblox

“One way to combat attackers is to take a zero-trust approach, a framework founded on the notion “don’t trust anyone.”

Present IT Landscape

Digital Transformation has been the buzz for years, but the pace of transformation was slow and plodding. The global pandemic changed that. Three-year plans became three-week plans as companies of all types adjusted rapidly to the changes made in the way we live and work. Retailers had to figure out new ways of serving customers, food delivery services became a must, and millions of workers suddenly found themselves working from home. The IT services sector helps make it all happen.

Business Growth

We do not see the need for IT services to abate over the coming year. All that digital transformation that was accomplished still needs to be supported and iterated upon. And really, in this current climate of global competition, the need for transformation never really ends. Companies must continue to focus on agility, customer centricity, and driving actionable insights to remain successful. Those that do not innovate will have competition that does.

Best Practices

With the cost of data breach averaging 311.4 M INR ($4.24 million), it is imperative organizations do everything they can to keep their data safe. One way to combat attackers is to take a zero-trust approach, a framework founded on the notion “don’t trust anyone.”

The shift to home working has exposed the vulnerability of companies, individuals, and nations to rising levels of cybercrime. Extended Detection and Response (XDR) cyber security technology is coming to the fore. In a zero-trust world, XDR might as well mean “anywhere, everyone and everything detection response”. The point is that every system, every user, every drift “from the normal” in behaviour counts. To keep pace, harnessing automation, AI and machine learning is critical. The actionable threat intelligence provided through XDR capabilities could mean the difference between assured security levels or damaging hacks and data breaches.

Sunil Thakur
Country Director – India, BMC Software

The new Cyber security world expects products and services to be quick and easy to set up, scalable, self-learning, intelligent and collaborative 

Present IT Landscape

No one ever has seen times like these. As more and more companies look at remote work strategies for the long term, distributed IT environments are only going to continue to expand. The increasing dependency on digital transformation in turn exposed a huge rise in the number of cyberattacks which in turn led to an increase in overall cybersecurity investments. The worldwide information security market is forecast to reach $170.4 billion in 2022, according to Gartner. This is due to organisations improvising their cybersecurity strategy in the current times to safeguard the IT infrastructure. 

Business Growth

Digital adoption in the last few quarters in most of the industry verticals has been accelerated exponentially. Business leaders are driving the IT team to adopt disruptive technologies which give them a shorter time to market. Robotic Process Automation (RPA), AI & ML are been evaluated within all domains for the business to achieve competitive edge, enhanced functionalities, faster GTM, deeper customer satisfaction and so on. With these the old-school security frameworks must play a catch game as well as face lots of animosity from the business leaders. The new cyber security world expects products and services which are quick and easy to set up, scalable, self-learning, intelligent and collaborative with other technologies.

Best Practices

Today’s security and compliance environment is complex, and no single vendor can solve the entire problem. We do believe, however, that identity should be at the heart of cyber strategy, and CyberArk’s Identity Security platform is the most comprehensive security offering for any identity – human or machine – across multiple user types and IT environments.
Our services organisation offers a combination of technology and cyber security expertise to support partner implementations, and a broad set of tools and support are offered to partners to build demand and help create differentiation in the market.

Rohan Vaidya
Managing Director – India, CyberArk

“Our goal is to ensure that customers can support their business objectives in a secure way, delivering new functionality, improved processes, and better ROI” 

Present IT Landscape

While much has been said about changes wrought by the pandemic, what really happened was an acceleration of the shift that was already underway. It has fast-tracked digital adoption and transition to the cloud, while driving the development of new products and services for the Indian IT services sector.

Organisations have innovated both by choice and necessity, and adversaries have innovated just as rapidly. As organisations migrated to the cloud and leveraged the inherent scalability that the cloud has to offer, cybercriminals too turned their attention to these new applications and new access methodologies. McAfee Enterprise tracked a 54% increase in publicly reported cyber incidents targeting the technology sector during the first quarter of 2021. The increase in cloud usage and cloud threats requires security teams to be more conscious of the cloud threats.

McAfee Enterprise provides cybersecurity from device to the cloud with visibility and control across all threat vectors – endpoints, network, and cloud. Our goal is to ensure that customers can support their business objectives in a secure way, delivering new functionality, improved processes, and better ROI without either security getting in the way, or security being breached.

Best Practices

Cyberattacks are not only complex and constantly evolving but also have the potential to wreak substantial financial and reputational damage. These threats targeting organisations are increasing in volume and sophistication, while rapidly pursuing new vulnerabilities. With employees and enterprises adhering to a few simple, yet critical steps they can together work towards keeping valued information safe –

•    Differentiate personal and corporate devices: Avoid sharing corporate devices with family members who are unaware of optimal security practices, to prevent leaks through any personal channels.
•    Complex passwords and multi-factor authentication: Strong, complex passwords are the first line of defence in protecting against cyber threats. Take this one level further, by implementing multi-factor authentication when trying to access sensitive network areas.
•    Connect to secure Wi-Fi and use a VPN: Wi-Fi networks must be secure, encrypted, and best if hidden. Using public and unsecured Wi-Fi networks can potentially put personal and corporate data at risk. A strongly encrypted VPN can cloak your connection and keep sensitive data away from prying eyes.
•    Train to track – Conduct security awareness training inclusive of phishing simulations that use real-world tactics and allow one to identify employee and departments that are most at risk. Enable employees training to identify attacks across email, texts, and social media.
•    EDM and RDM to the rescue - Implement endpoint detection and response (EDM) and mobile device management (MDM) platforms to mitigate security risks with mobile devices, laptops, and workstations. 
•    Security software solutions: Adding an extra layer of security with comprehensive security solutions can help protect your devices and networks from potential cyberthreats. Further, updating devices’ software helps the device mount an effective protection against persistent threats. 
•    Implement CASB: Application of technologies such as CASB (Cloud Access Security Broker) cement organisational attempts in enabling data loss prevention, access control, and user behaviour analytics. Establish a comprehensive approach that is all-encompassing, yet flexible enough to rapidly respond to incoming threats. 

Sanjay Manohar 
Managing Director, McAfee Enterprise India

Cybersecurity teams must deploy new secure access approach to prevent data breaches and increase user productivity 

Present IT Landscape

The pandemic has changed how many of us do things. In a short time, companies had to increase their capacity and capabilities for remote working to keep their critical business activities going. Unfortunately, security was not always a key priority in the fast deployment of remote working capabilities. As such, we have seen an uptick in security breaches and stolen credentials in the last 18 months.

With the rise of applications being deployed in multi-clouds and the growing mobile workforce, cybersecurity teams must deploy a new secure access approach to prevent data breaches and increase user productivity.    

Dhananjay Ganjoo 
Managing Director - India & SAARC - F5

“Cyber resilience offers 360-degree threat protection and drives agile development, robust and flexible platforms”  

Present IT Landscape

The pandemic has brought in a wave of opportunities to businesses globally. Digital adoption has introduced data-driven business models and strategies to accelerate growth and increase return on investment. In the new normal where the entire workforce has shifted its base to remote, cloud capabilities have become one of the topmost priorities for organizations. This digital empowerment has played a major role in helping businesses stay relevant and drive growth since last year. Amidst the demands of the shifting market, ensuring a focused and strong IT team has become critical for business continuity and maintaining agility in operations. IT teams equipped with the necessary infrastructure can deploy solutions best suited to the customer demands thus, aiding revenue and success. In this digital economy, organizations having a flexible mindset to leverage niche technologies will stay ahead of the curve.

As we move ahead with digitization, attacks become sophisticated, and businesses face a higher risk of potential cyber breaches. According to the Indian Union home ministry, cyberattacks in India increased by almost 300% last year due to the pandemic. Thus, the integration of cyber resilience into the business framework has become the survival imperative. Cybersecurity needs to be incorporated throughout the business lifecycle to protect identity, data, and applications. Businesses must deploy an intelligent cyber resilience strategy to safeguard assets, detect changing risk surfaces, and evolve their approach towards risk mitigation. Cyber resilience offers 360-degree threat protection and drives agile development, robust and flexible platforms. It has become critical to remain ahead of the breacher’s exploitation and be quick to evaluate threats, automate actions and escalate high-risk alerts to the SOCs. At Micro Focus, we provide a vast portfolio of security solutions like Fortify, ArcSight, and Voltage SecureData Enterprise to enable our customers to integrate resiliency into their framework and mitigate breaches successfully.  

Praveen Patil Kulkarni
Country Manager - Security Risk & Governance, Micro Focus

“With the need and demand for cybersecurity products and solutions on the rise, we foresee a double-digit growth for the segment we are operating in”   

Present IT Landscape

The rapid acceleration of digitalization, which was made necessary by the outbreak of the pandemic and shift to remote working, is one of the key reasons for the strong showing by the IT services sector. The demand has generally grown and the segment has handled the chaos caused by COVID-19 in a much efficient manner.

Now, as things slowly become normal - on the back of a robust vaccination drive - employees will start getting back to office. That can stimulate other growth drivers, providing a further boost.

These are surely interesting and exciting times for the sector.

Business Growth

The pandemic has caused a massive rise in cyber threats and attacks. The latest data from CERT-In shows that India registered a total of 6,07,220 cyber security incidents in the first six months of 2021. The number was 11,58,208 for the entire 2020.

Cybersecurity has, therefore, become extremely critical for organizations as they look to safeguard their data and resources. With the need and demand for cybersecurity products and solutions on the rise, we foresee a double-digit growth for the segment we are operating in.

Best Practices

The most important thing is to follow the fundamental cyber hygiene methods. At the same time, the following aspects can help attain strong network security:

a. Zero-trust approach with strict access control based on authentication, authorization, and accounting.
b. Comprehensive visibility and zero network blind spots.
c. Implementation of automated Network Detection and Response (NDR) solution.
d. Securing the company's data and applications on a cloud network, using cloud security solutions.
e. Training the employees to make them aware of the threats and dangers.

Praveen Jaiswal
Founder and Chief Strategy Officer, Vehere

Fortinet customers sees value in its holistic platform approach  

Present IT Landscape

Fortinet delivered its highest quarterly billings growth in over five years while continuing to invest across our product portfolio. Fortinet’s customers are seeing the value in our holistic platform approach, which delivers integrated and automated security across a company’s on-premises network, endpoints, and cloud edges. We are pleased with our strong business momentum heading into the second half of the year.

Business Growth

Fortinet’s total global revenue was $801.1 million for the second quarter of 2021, an increase of 29.7% compared to $617.6 million for the same quarter of 2020.

Fortinet has over 3300 registered partners in India and we are a 100% channel business driven company. The Fortinet Engage Partner Program helps partners develop the expertise needed to deliver digital transformation through customizable programs with business opportunity as well as the programs and infrastructure in place to accelerate their growth.

Best Practices 

Shifting workforces from largely on-location to mostly or fully remote changed how companies do business. Even as organizations begin to look at bringing employees back to the office, many plan to maintain a remote or hybrid work model. With this in mind, CISOs must carefully consider the following three strategies when they secure these new hybrid environments.

1. Establish Zero Trust Access (ZTA): ZTA limits user and device access to networks, ultimately providing additional identity assurance. In addition, ZTNA works to limit user and device access to the applications needed to complete work functions. Combining these two approaches strengthens the company’s security posture. Most importantly, organizations must do this strategically by focusing on what is most important: the actual users and applications. So, user identification, authentication, authorization, and access permissions have become critical. This is what Zero Trust is all about: never assume anything can be trusted simply because it is ‘inside the perimeter’. ZTNA enables organizations to focus on access to the applications that users need, thereby creating this robust zero trust architecture.

2. Converge Security and Networking: By taking a security-driven networking approach, organizations can secure both their on-premises data centers and cloud deployments. Security-driven networking brings together SD-WAN, next-generation firewalls (NGFW), and advanced routing capabilities. Embracing the convergence of security and networking removes silos that lead to security weaknesses. With security-driven networking, the organization can design a holistic approach to cybersecurity. CISOs need to embrace the three critical layers of security: network, platform, and application. Application is the era of email security, sandboxing, and web traffic controller. At the platform level, you need Cloud Access Security Broker (CASB) and Cloud Workload Protection (CWP). And finally, the network level requires Secure SD-WAN, micro-segmentation and virtual machine security.

3. Consider Future Needs: Connectivity goes beyond application adoption. Security must be considered an extension of connectivity because it should be integrated into every technology decision. The connectivity that gives employees the ability to work from anywhere means that companies need a security model rooted in connectivity. However, this must be done in a way that makes sense for the organization’s future business plans. It is critical for CISOs to ensure that workforce mobilization technologies are scalable and eliminate security blind spots to enable greater protections for the remote workforce. 

Rajesh Maurya 
Regional Vice President, India & SAARC, Fortinet

Virsec foresees the growth to continue as digitization becomes the new normal  

Present IT Landscape

Over the past 18 months, the COVID-19 pandemic has accelerated digital transformation and driven enterprises globally to introduce new cloud-enabled products/services and minimize spends on legacy services. The Indian IT services sector is certainly witnessing unprecedented golden times during the pandemic by helping to create cloud-based service delivery, automation as well as analytics for global enterprises.

Business Growth

Certain sectors like Technology-enabled businesses, IT Services etc. will continue to grow well over 8-9% whereas other sectors like Hospitality, Aviation etc. that have suffered severe downturns during the pandemic have sharply cut their IT spends. As digitization becomes the new normal, this growth could continue for the next 2-3 years, to say the least.

Best Practices

Digitization has significantly increased the attackable surface area and there is a sudden need for connected systems. Hence, the need of the hour is a higher degree of Security Automation as it is practically impossible to keep pace with labor-intensive tuning and policy updates. Enterprises need to strengthen their cybersecurity posture with Application-aware Server Workload Protection that can protect against highly sophisticated file-less, memory and 0-day attacks right at the very first step of the attack kill-chain before any financial and/or reputation impairment can be done. 

Puneet Gupta 
Executive Director and Country Head – India, Virsec

Organizations must focus on securing accounts, the access and permissions across systems

Present IT Landscape

Events from last year have forced organizations to rethink and redesign existing business models. The global remote-work experiment has accelerated trends that already existed in the world of IT and brought both the physical and digital worlds closer for efficiency and efficacy. At the same time, this convergence has also expanded the attack surface, especially in the industrial sector. The same bad actors that were going after our computers, phones and tablets now have a way of reaching mission and safety-critical environments by targeting industrial control systems. This complex, sensitive and expanded attack surface is what more and more security teams and CISOs are tasked with managing.

IT and OT teams must find common ground that together eliminates the substantial risk factors which planned or unintended IT/OT convergence heralds. This means that a great deal of effort needs to be expended towards tracking assets and monitoring the network for indicators of compromise and vulnerabilities. Stopping this type of attack requires the ability to understand the complete attack surface and 'see' the attack.

Best Practices

Cyber risk is a business risk in that cyber threats have the potential to cost organizations millions of dollars in cleanup, lost business and reputational damage. To stay a step ahead, organizations need to get the basics of cyber hygiene right. They need to take a holistic view of their infrastructure by identifying assets and systems critical to the business, determining which vulnerabilities exist within these core areas that are being actively exploited and updating these systems to fix those flaws first. In tandem, the focus must also be placed on securing accounts -- employees, service contractors, temporary workers, systems accounts and others -- and their access to and permissions across systems.   

Kartik Shahani
Country Manager, Tenable India

“Skybox models each customers’ unique threat landscape to understand how they could get breached”

Present IT Landscape

Cybersecurity has entered the forefront of the global public conversation. With the new normal and WFH culture that many global organizations have adopted, cybersecurity is of utmost importance for the CEOs and board. Cybersecurity is also no longer confined to enterprise IT networks. New threats are now targeting critical infrastructure, including water, food, and energy supply chains, forcing business and government leaders alike to adopt a more comprehensive and proactive approach to security posture management. This is also opening doors for a more optimized and improvised approach to overall security management.

Business Growth

Skybox Security increased new subscription-led customer business by 86% in the first half of 2021. During the same timeframe, the company achieved 30% growth in key industries, including government, healthcare, manufacturing, and financial services. Skybox Security has accelerated global expansion throughout Europe, the Middle East, and Africa (EMEA), as well as new headcount planned for the Asia Pacific and Japan (APJ) regions. Skybox Security’s accelerated expansion comes on the heels of high-profile cyberattacks that put the spotlight on why a data-driven, risk-based approach to Vulnerability Management is mission-critical.

Best Practices

There are two critical questions that every CISO must be able to answer to their board: Can you prevent a ransomware attack? And can your company recover quickly? To answer those questions with confidence, leaders need full visibility and understanding of their attack surface. Insights can highlight the right exposures to take action on – which is only possible through a multi-dimensional network model. With Skybox Security, CISOs can confidently prove they closed the most dangerous exposed vulnerabilities and gained visibility of traffic traversing using network segmentation principles, ultimately preventing cyberattacks from damaging the business. Skybox models each customers’ unique threat landscape to understand how they could get breached. The best breach is one that never happens. 

David Joseph
Regional Sales Director - India & Bangladesh, 
Skybox Security