In our rapidly evolving digital world, cybersecurity is paramount to safeguarding organizations against relentless cyber threats. As cyberattacks continually outpace security solutions, the need for a proactive approach has never been more pressing. Building a cyber-resilient company not only demands robust security measures but also a workforce educated about cybersecurity. This involves understanding the evolving threat landscape and implementing best practices. Cultivating a culture of cyber awareness is not just vital; it’s essential to protect businesses and preserve the integrity of the digital realm.
On the occasion of Cybersecurity Awareness Month 2023, CXOToday spoke to industry leaders to understand what they have to share with regards to the significance of digital security to #SecureOurWorld.
Let’s take a look:
“It’s that time of the year when we delve into the realm of cybersecurity awareness, encompassing the basics of data sharing and protection. Cyberattacks can significantly impact our daily lives, our economy, and national security by targeting our computer systems and networks, resulting in data destruction, corruption, or theft. To counter these, cybersecurity vigilance is imperative for both businesses and individuals. It needs to be a shared responsibility across any organization.
Businesses should enhance their security posture by first gaining visibility into potential gaps and attack paths. The earlier an organization can detect an attack, the less impact it will have on the business and the easier it will be to resolve. Then, they need to prioritise identity and cloud protection. This involves investing in agentless capabilities to protect against misconfiguration, control- plane vulnerabilities, identity-based attacks, as well as runtime security measures to protect cloud workloads. It’s also essential to understand potential adversaries by investing in comprehensive threat intelligence and regularly conducting tabletop exercises and red/blue teaming to identify gaps and eliminate weaknesses in an organisations’ security framework. Cyber-educating employees to recognize and report threats further strengthens the security fabric.
For individuals, it’s important to remain vigilant and adopt a ‘verify before trust’ mindset as the rise of generative AI introduces complexities in distinguishing real from fake content, particularly in emails. In the past, spear-phishing attempts were often riddled with spelling and grammar errors, making them relatively easy to detect. However, with ChatGPT, the quality of these malicious communications are improving, making them harder to identify. Moreover, synthetic media like DeepFakes allows adversaries to convincingly mimic trusted individuals on video calls, amplifying social engineering threats. This might contribute to heightened skepticism towards online content, impacting public trust in information from public figures.
Furthermore, individuals should exercise caution when sharing private data and consider the security measures of organizations they engage with. Using strong passwords, regularly updating passwords, multi-factor authentication, regular software updates, precaution against phishing attempts, data encryption on public networks and responsible data sharing are a few fundamental practices.” – Jhilmil Kochar, Managing Director, CrowdStrike India
‘‘As the digital world becomes a reality, the narrative for defenders worldwide has been rewritten. Security resilience has become paramount to navigate the interconnected world and counter the expanding threat landscape. While some progress has been made, not enough businesses are cybersecurity-ready to take on the challenges that our increasingly hybrid world has created. A Cisco study indicates that only 24% of organizations in India have the mature level of readiness needed to be resilient against today’s modern cybersecurity risks.
At Cisco, we strongly believe that security is a collective responsibility. By leveraging our cutting-edge technologies, industry-leading expertise, and fostering collaborative partnerships, we drive innovation and construct resilient security architectures. Additionally, we empower individuals with the knowledge and skills to safeguard themselves and their organizations from cyber risks.
As we celebrate Cybersecurity Awareness Month, cybersecurity readiness and resilience must be a priority for all. To enable effective security in a world of evolving threats, it’s vital to secure the people and devices that connect to the network. If a device is connected, it needs to be protected. Ensuring that organizations adopt an integrated platform approach to secure identity, devices, network, applications, and data with a mix of point tools and integrated platforms will help businesses achieve security resilience while reducing complexity. Together, we can build a future where trust and security thrive, empowering individuals and organizations to embrace the limitless potential of the digital era.” – Samir Kumar Mishra, Director, Security Business, Cisco India & SAARC
“In today’s digital landscape, cybersecurity forms the bedrock of organizational integrity and resilience. Safeguarding sensitive information and preserving internal and customer data are imperatives. As cyber threats continually evolve, enterprises must proactively harness cutting-edge technologies.
In this dynamic scenario, AI could be leveraged as a transformative force in combating complex Cyber attacks. Its rapid data analysis and anomaly detection provides organizations a crucial advantage. According to Markets and Markets Research, the global AI in cybersecurity market, valued at just over USD 22 billion in 2023, is projected to soar beyond USD 60 billion by 2028—a staggering increase!
Accessibility is another cornerstone of cybersecurity. Tools like ChatGPT and DALL-E have democratized AI, moving it from the realm of experts to being accessible to nearly everyone.
Security is a shared responsibility. Controls like cybersecurity education, robust password policies, two-factor authentication, and up-to-date software are essential. Embracing a zero-trust policy, which prioritizes continuous validation over implicit trust, is an emerging paradigm. This approach ensures visibility and control over all traffic and users, enhancing security without compromising accessibility.
Crucially, leadership commitment, employee cyber hygiene, and interdepartmental collaboration are vital for building a cyber-resilient organization. A united front against cyber threats is far more effective than isolated efforts. By adopting these practices, organizations can fortify their defenses and navigate the evolving landscape of cybersecurity with confidence.“ – Satya Machiraju, Vice President IT & Information Security, Whatfix
- Equinix India
“In the wake of the COVID-19 pandemic’s economic turmoil and infrastructure vulnerabilities, it’s imperative for companies to embrace emerging technologies like AI and enhance their digital infrastructure for both agility and security. With cyber threats escalating in frequency and intensity, AI adoption introduces new security challenges, demanding a more complex, multi-dimensional security approach that recognizes the evolving nature of network perimeters.
To meet these challenges, forward-thinking companies rapidly upgrade their enterprise technology architecture, integrating and managing AI models while keeping security at the forefront. They understand that cybersecurity is no longer the exclusive responsibility of specialists; it’s a top priority for all digital leaders, given the sophistication and collaboration of modern threat actors.
AI and machine learning hold promise in bolstering cybersecurity. By harnessing their predictive and analytical capabilities, these technologies can swiftly detect and respond to evolving cyber threats. However, the implementation of AI-driven cybersecurity solutions raises ethical and privacy concerns. Striking a balance between security and individual privacy is crucial, ensuring responsible and transparent handling of personal data.
Continuous updates of AI and ML models are essential to stay ahead of emerging threats. Companies must invest in ongoing model refinement to enable AI systems to adapt and learn from new threats effectively. We can navigate the cybersecurity landscape more effectively and responsibly by leveraging AI’s potential while addressing ethical and technological considerations.
At Equinix, we are dedicated to addressing the challenge of delivering AI infrastructure that provides worldwide connectivity, security, and proximity for every enterprise. Our partnership with NVIDIA combines the strength of its AI capabilities with Equinix’s global reach and extensive ecosystem access, enabling us to democratize the power of AI. Platform Equinix is designed to empower our customers in various fields, from data analytics to scientific computing and AI development. This support is critical in reducing model training time and accelerating the machine learning development process, ensuring that businesses can harness AI’s full potential.” – Manoj Paul, Managing Director, Equinix India
- Trend Micro
“In this digital age where virtually every facet of our lives is online, cybersecurity and data privacy are central to any organization’s operations. With the emergence of Generative AI and the increasing sophistication of cyberattacks, organizations face an ever-growing need to reinforce their data protection measures. According to IBM Security’s Cost of a Data Breach Report the average cost of a data breach in India reached a record ₹17.9 crore in 2023, shooting up 28% since 2020. Concurrently, our own Mid-Year Cybersecurity Report 2023 also highlights how in the first half of 2023, sectors vital to the nation’s economy, including Banking, Manufacturing, and Government, went on high alert, as they grappled with a growing wave of cyber challenges. The current situation underscores the need for not only proactive cybersecurity strategies but also the reinforcement of our cybersecurity systems. Effective digital attack surface management begins with the right tool: a unified cybersecurity platform that easily integrates with your current security setup and includes a wide range of third-party options. Above all, a shift towards a unified cybersecurity approach is the key.” – Sharda Tickoo, Technical Director, India & SAARC at Trend Micro
“Cybersecurity is an ever-evolving battleground, and we cannot underestimate the power of AI and ML in cybersecurity. Qlik achieves the dual goals of data privacy and security by harnessing the transformative power of generative AI. AI and Machine Learning are invaluable for processing vast datasets to uncover hidden patterns outliers, and predict future events. The fingerprints of cyber threats are often concealed in massive data streams far beyond the reach of human analysis. Moreover, the threats themselves constitute anomalies that are hard to identify. AI can detect threats, anomalies, and emerging patterns within these data streams on a scale and speed that provides actionable windows for response. These action windows are critical for minimizing risks, exposure, and potential damage. AI systems, operating swiftly, can pre-emptively discern threat attributes, promptly alerting security teams and enhancing human response mechanisms.” – Sean Stauth, Global Director AI and Machine Learning, Qlik
7. Happiest Minds Technologies
“Cybersecurity Awareness Month serves as a critical reminder of the importance of protecting digital assets in today’s interconnected world. As the theme of this year is “Secure Our World”, Happiest Minds Technologies has integrated Gen AI and other technologies into its cybersecurity offerings to help its customers to stay ahead of the curve and protect themselves from the latest cyber threats.
As a digital transformation and IT Solutions Company, recognizing the significance of roles like the Chief Zero Trust Officer (CZTO) ensures that security remains a top priority, instilling trust among stakeholders and customers alike. A CZTO will safeguard reputation, enhance resilience, and foster a cybersecurity awareness culture. They will oversee the implementation and maintenance of the zero trust framework within an organization
At Happiest Minds Technologies, we believe that cybersecurity is not just a one-time event. It is an ongoing process that requires continuous vigilance and education. We are committed to helping our customers and employees build a safer digital future. During this Cybersecurity Awareness month, let’s collectively renew our dedication to cybersecurity. By embracing robust security practices and recognizing the pivotal role of the CZTO, we can create a safer digital environment that empowers businesses to thrive amid ever-evolving cyber threats.” – Vijay Bharti, Chief Information Security Officer (CISO) and Senior Vice President of Cyber Security practice, Happiest Minds Technologies
“Data is the most valuable (and hence vulnerable) asset for businesses today. Advanced technologies like AI and ML will help drive data-driven decisions , further accelerating business growth. That said, both end users and technology providers will need to exercise caution and look at the vulnerabilities that come with the use of these technologies.
The use of emerging technologies can be akin to two sides of the same coin. While technology providers leverage it to thwart attacks, attackers use AI to launch attacks that are harder to detect.
Today ransomware is one of the biggest threats to data security, with attacks and attackers getting more sophisticated. Recent data by SonicWall shows a 133% rise in ransomware along with a 311% increase in IoT attacks in India alone. As solution providers, we need to fortify the landscape as much as possible, and be able to anticipate evolving threats, and test our resilience against them.
Gartner predicts that by 2024, organisations adopting a robust cybersecurity architecture will reduce the financial impact of security incidents by an average of 90%. As a means of addressing such challenges, we recommend monitoring for abnormalities in the storage solutions, post which its access to the main network can be cut off while taking remedial measures.” – Puneet Gupta, Vice President & Managing Director, NetApp
“This month marks the 20th annual Cybersecurity Awareness Month with governments and industries worldwide coming together to increase awareness for cybersecurity challenges and threats. The 2023 theme for Cybersecurity Awareness Month is “Secure Our World” – emphasizing how individuals, families and small- to-medium-sized businesses can bolster cybersecurity through simple, but critical, measures. These include setting stronger passwords, activating multi-factor authentication, recognizing and reporting phishing attacks, and regularly updating software.
The digital transformation sweeping every facet of our lives is mirrored by an ever-evolving online threat landscape. The Sophos The State of Ransomware report for 2023 reveals that 73% of organizations in India that responded to our survey have reported being hit by ransomware in 2022. Therefore, it is critical for all businesses to implement robust cybersecurity solutions capable of detecting and responding to threats in real-time. It is also incumbent on each and every individual, in their personal and professional capacities, to maintain constant vigilance and to take precautionary measures to safeguard our collective digital sphere against malicious” actors. Together, we can secure our world. – Sunil Sharma, Vice President, Sales, Sophos India & SAARC
10. Veeam Software.
“With another Cybersecurity Awareness Month upon us, it’s a timely reminder of how important ongoing education and upskilling in the sector is – across all levels. We’ve seen several major cybersecurity incidents make waves across APJ, such as the Latitude and MOVEit data breaches, fueling ongoing conversations around how data is stored. The conversation is shifting from how a hack happened, to how organisations are protecting data, particularly how they are storing it. Data breaches are not only a threat towards reputation, attackers can also encrypt data, making it unrecoverable. Businesses should no longer think “if we get hacked” but rather, “when we get hacked, what is our recovery plan?”. By ensuring data recoverability, businesses can ensure business continuity in the case of a cyberattack.
Veeam’s 2023 Ransomware Trends Report revealed an overall increase in cybersecurity investment from organisations across Asia Pacific, with cyber prevention and backup budgets increasing by 5.4% and 5.6% respectively. For organisations to fully benefit from this increased investment, it is essential that they maintain strong communication across teams within the business, such as between IT and senior management. This ensures there is a clear and consistent cyber strategy in place with a business continuity plan to ensure efficient recovery in the case of an attack.
IT leaders need to prepare their businesses for any attack. Finding the right backup solution and storing data smartly are precautions that businesses should take in addition to ongoing education and upskilling of employees on how to evaluate new technologies. Regularly maintaining the security of users, networks and data can reduce the chances of getting hacked and minimise data recovery time in the case of a breach.” – Mr Sandeep Bhambure, Managing Director and Vice President -India & SAARC, Veeam Software.
11. Dell Technologies
“In this age of connectivity, where the internet has become an integral part of our daily existence, protecting our online privacy is paramount. As a country progressing rapidly towards a digital future, we need to respect and understand the significance of preserving the privacy and security of our personal data.
At Dell Technologies, we realize the importance of privacy in driving progress in the digital era. As we navigate the digital landscape, Dell Technologies remains committed to empowering individuals and businesses with the tools and knowledge to ensure their online privacy remains inviolate. Our mission is to provide industry leading solutions and spread awareness to not only enhance digital experience for businesses and individuals, but also, fortify everybody’s online privacy. Together, we can create a safer and more secure digital world for ourselves and future generations.” – Ripu Bajwa, Director and General Manager, Data Protection Solutions, Dell Technologies India
Cybersecurity and data privacy are of paramount importance for every organization in today’s digital landscape. Protecting sensitive information, both customer and internal, is not just a legal requirement but a fundamental trust-building measure. Data breaches and cyberattacks can result in severe financial losses, damage to reputation, and legal consequences. Moreover, safeguarding data is crucial to maintain the trust of customers and business partners. Ensuring robust cybersecurity measures not only guards against data breaches but also preserves the integrity and confidentiality of an organization’s operations.
In FY23, the total amount of fraud in the digital payment category was INR 276 crore in India. Investing now can save millions. Encryption, multi-factor authentication, frequent security audits, and extensive employee training programmes to raise cybersecurity awareness are essential for preventing data breaches. Working together with cybersecurity specialists, remaining up to date on new threats, and following industry best practices are also crucial. 51% of organizations are planning to increase security investments as a result of a breach, including incident response (IR) planning and testing, employee training, and threat detection and response tools, according to an IBM study.
Mastercard recognizes the significant and growing impact of data breaches on corporations, both in terms of financial losses and reputational damage. We place a strong emphasis on cybersecurity and data protection as a core part of the business strategy. Through our products such as Ethoca, Ekata and RiskRecon, we have taken a significant step towards addressing any security breaches swiftly and effectively to make the business ecosystem safer. Our holistic approach reflects a steadfast commitment to cybersecurity, ensuring safety and trust of customers in an ever-evolving digital landscape. – Mr. Joy Sekhri, Vice President Cyber & Intelligence Solutions, South Asia, Mastercard
“In an era defined by digital transformation, India stands at the cusp of unprecedented technological growth. The proliferation of the internet has brought immense opportunities and conveniences, but it has also ushered in an era of heightened cyber threats. At Digicert, we recognize the imperative for increased awareness surrounding internet security in India. The threat landscape in India is evolving at an alarming rate. With the rapid digitization of services, businesses, and personal data, cybercriminals are becoming increasingly sophisticated. Phishing attacks, ransomware, data breaches, and other malicious activities are on the rise. India has witnessed a surge in cybercrimes, affecting individuals, organizations, and even government bodies.
It is crucial for all stakeholders to acknowledge the gravity of this situation and take proactive measures. Awareness is the first line of defense. By educating individuals and organizations about the importance of internet security, we can mitigate the risks and build a resilient digital ecosystem. This includes implementing robust encryption, strong authentication measures, and keeping software and systems up to date.
Digicert is committed to advancing internet security in India. The underpinning of Digital Security is Digital Trust. From securing online communications, to keeping software safe, to safeguarding connected devices ,to certifying the security of digital documents, Digicert provides cutting-edge solutions across the trust lifecycle, including SSL certificates that are invaluable to establishing Digital Trust, and thereby Digital Privacy. However, our mission goes beyond technology. We actively promote awareness, empowering Indians to make informed choices and safeguard their digital lives.
In this interconnected world, collective vigilance is paramount. Together, we can navigate the complex threat landscape and create a safer, more secure digital environment for India’s future.” – Mr. Anant Deshpande, DigiCert Regional Vice President, India & ASEAN