With organizations transitioning to the cloud, the necessity for advanced threat detection tools becomes paramount. Commvault advocates for a multi-layered approach utilizing AI and ML for early threat detection, offering a holistic view of an enterprise’s cyber threat landscape. This proactive stance is crucial to prevent threats before they materialize and safeguard data from sophisticated attacks like ransomware, opines Balaji Rao, Area Vice President, India & SAARC, Commvault.
Some edited excerpts from the interview:
What are the gaps that leave customers vulnerable during a potential data breach?
According to CERT-In, ransomware attacks in India soared by 53% in 2022, over the incidents reported in 2021. Successful data breaches and cyber-attacks occur because attackers can easily exploit security gaps.
There are mainly three major pervasive security gaps that we are observing across the board, irrespective of the sector the organizations are operating in:
Technological: The surge in public cloud adoption is leaving customers vulnerable to data breaches due to misconfigurations, shared responsibility misunderstandings, and inadequate identity management. Lack of visibility and control, encryption lapses, and dependency on cloud providers without putting additional security measures in place often heighten the risks. Compliance challenges and supply chain vulnerabilities further contribute to potential security gaps in a hybrid cloud environment.
Procedural: Weak access controls and excessive user privileges have led to the most common attacks that have resulted in massive data breaches and outages, including phishing, the use of stolen credentials, and advanced malware such as ransomware.
Human: Human error in cybersecurity breaches has been a long-standing problem. Weak password security, shadow IT, neglecting software updates, and improper management of personal data are some of the most common human errors that lead to cybersecurity breaches.
How has cyber defense technology evolved over time? Which technologies ensure breach containment in a ransomware-hit world?
The cybersecurity paradigm has gained greater importance in the post-COVID era. The techniques and prevalence of ransomware attacks have evolved significantly as organizations made their move to the cloud, seeking to benefit from the flexibility, speed, and potential cost savings.
As methods to attack digital assets become more refined over time, the risk mitigation strategies and threat detection tools also need to be evaluated and addressed. According to a recent IDC-Commvault study, 59% of respondents anticipate that the recovery process from a cyber incident may extend over days or weeks. Such prolonged recovery periods are deemed unacceptable in the effort to ensure the uninterrupted continuity of business operations.
Fortunately, enterprises are shifting from a reactive to a proactive approach towards modern cyber resilience. Early threat detection strategies like cyber deception give a holistic view of an enterprise’s cyberthreat landscape, helping prevent threats before they happen and defend data. It is a strong step toward building a multi-layered approach, harnessing the capabilities of AI and ML to help identify vulnerabilities and detect patterns and anomalies in data.
How often should companies revise their security and resilience framework?
In today’s dynamic business landscape, leaders should shift their focus towards cyber resilience as the primary goal of data security. The negative forces present difficult challenges to navigate, and organizations must take a big leap in the coming year to better plan, invest, and mature their cybersecurity disciplines.
Additionally, many enterprises review their security postures for application development and deployment every 5 to 10 years. Given the increased exposure to attacks, companies cannot sustain the same security posture for five years. Ideally, they need to reassess their cybersecurity strategies every two years.
CIOs must actively collaborate with the security team to evaluate products and platforms and ensure secure technology adoption and insertion of security processes into the workflow. Organizations must also increase the decibel levels on malware scanning and the use of AI threat scan. Furthermore, the board needs to be actively involved as enterprises bolster the organization’s cyber resiliency and chalk out a blueprint for data resilience that extends to the edge of their environments.
What changes has the cyber landscape encountered in 2023? How has Commvault helped its customers mitigate risks?
In 2023, cybercriminals delivered a wave of highly coordinated attacks far more advanced than ever. To battle the worsening ransomware attacks, CIOs shifted their focus to determine what can be done to mitigate threats and enhance resiliency and recovery. AI and ML have become welcome allies, aiding data-driven organizations to decipher the torrent of incoming threats.
To address the growing concerns in the ransomware age, Commvault recently launched Commvault Cloud – a revolutionary hybrid enterprise solution powered by our Metallic AI, unifying data protection, security, and AI-driven cyber resilience.
Beyond mere consolidation, Commvault Cloud is purpose-built for cyber resilience, empowering users to anticipate threats more efficiently, execute clean recoveries, and expedite response times to threats—all while maintaining the lowest total cost of ownership (TCO).
Going forward, what should CIOs expect from the cyber threat landscape?
2023 has been a year of drastic changes in the cybersecurity industry. Attackers are using new-age technologies like ChatGPT to refine malware, personalize phishing emails, and fine-tune algorithms designed to steal privileged access credentials. According to Cybersecurity Ventures, the cost of cybercrime will hit $8 trillion in 2023 and grow to $10.5 trillion by 2025. These threats are only expected to rise as attackers use less familiar attack methods to infiltrate global organizations.
As we look ahead at 2024, these are the top three cybersecurity threat trends that security professionals must be preparing to repel:
• Living Off the Land (LOL) techniques: It is a form of highly organized and targeted hacking where threat actors leverage utilities readily available within the target organization’s digital environment. If network hygiene isn’t followed, it can even lead to disabling security services. To evade this threat, organizations need to change their defenses, introducing realistic decoys to trick bad actors into engaging with false resources.
• Artificial Intelligence (AI): With the introduction of generative AI, organizations have witnessed an uptick in attacks. Hackers are utilizing AI to understand the defense mechanisms of organizations to prevent attackers from penetrating their environments. Organizations must strengthen their defensive AI capabilities to meet threats head-on with real-time visibility and early warnings that support a proactive defense posture.
• Ransomware-as-a-Service: The rise of RaaS is a dark trend, making it easier for ransomware developers to wreak havoc on organizations worldwide. In this perilous digital landscape, organizations must double down on their cybersecurity activities. A robust cybersecurity strategy with modern and up-to-date security technology like cyber deception is the key to survival in this ever-shifting world of cybercrime. To be prepared for what’s to come, organizations must break the silos between security and IT operations and shift their thinking towards a collaborative resilience strategy and IT infrastructure that fights through cyber-attacks.