Express Computer
Home  »  features  »  Making Security Intelligent

Making Security Intelligent

0 28

CIOs and CISOs are looking for comprehensive, smart solutions that can help them not only detect threats, but also analyze, correlate and respond to incidents in real time
By Heena Jhingan

The year 2013 was a testing one for the global IT security market, including India. According to Cisco’s 2014 Annual Security Report, globally, overall vulnerability and threat levels reached their highest in 2013, ever since the company began tracking the trends in May 2000.

The report reveals that 2013 was a “particularly bad year”, with the cumulative annual threat alert levels increasing by 14 per cent since 2012.

While skeletons tumbled out of whistle blower Edward Snowden’s closet, making glaring revelations to the world about the US government’s snooping tactics, one of India’s sensitive organizations — the Defense Research and Development Organization (DRDO) became a victim of security attack (perceived to be an Advanced Persistent Threat). Though it wasn’t the first time that a government agency’s IT security had been breached. It had happened in the past to Border Security Force, IRCTC and Andhra Pradesh government as well, but this time, the country’s most critical systems had been intruded.

According to the data compiled by the Indian Computer Emergency Response Team (CERT-In), more than 1,000 government websites, storing critical and sensitive data concerning national security, have been hacked by cyber criminals over the last three years. The DRDO breach was yet another evidence of the vulnerability of the country’s systems.

The Government of India later responded by announcing the National Cyber Security Policy 2013 to safeguard both physical and business assets of the country. However, the concerns around IT security do not get resolved here alone as data security threats dog the country’s public and private enterprises alike.

A recent Dell Global Security Survey finds that over 6 in 10 IT decision-makers surveyed from Indian companies, claim that security will be their top priority in the next 12 months, compared to the global average of 38%. Security has thus, emerged as a top priority for IT heads across the country.

So much so, as Tarun Kaura, Director- Technology Sales – India & SAARC, Symantec puts it, “The budget sanctions for security solutions are now coming directly from the CEOs’ offices. Despite the currency fluctuations and IT budgets being slashed by at least 30% for most enterprises, the business for the vendors like us did not take a hit as orders continued to pour in,” he says.

Jagdish Mahapatra, Managing Director, India and SAARC, McAfee quotes an industry report that estimates the total enterprise security market in India to be US $ 234 million for the year 2014, contributing the highest growth for APAC region at 16.3% CAGR. He says, “Next generation firewall, endpoint, web gateway, email gateway among others, constitute the biggest growth drivers in this market.”

Research firm Gartner finds that the three main trends shaping the security market moving forward, are mobile security, big data and advanced targeted attacks. With an increasing influence of bring your own device (BYOD) on the IT landscape, it is one of the major drivers of growth for security solutions today.

Trends presaging the security space include increased threats to the “Internet of Everything” or (IoE), more and bigger data breaches, and law enforcement challenges.

Gartner predicts that security of embedded technologies that organizations have right now, may be the most important operational responsibility for them in 2020. The firm says digitalization will create new infrastructures and new vulnerabilities to these infrastructures. It recommends that enterprises build a portfolio of security vendors because no single vendor addresses more than a fraction of the problem, and establish more agile security processes.

Over the last couple of years, business needs  have evolved, companies seeking greater flexibility and agility are embracing mobility, virtualization and cloud computing. The nature of threats has evolved as well, taking advantage of more open networks with targeted and persistent attacks. Security companies must also respond with flexible, adaptable data and threat protection that follows the data wherever it goes, as in the era of the cloud, the enterprise data could be residing anywhere.

Besides, these changes are a sign of the tectonic shift that has happened in mindset and the focus from just infrastructure to information or data. Market analysts say data is the most valuable asset in the entire ecosystem. 64% of India organizations responded to Dell’s Global Security Survey saying losing critical business data is the greatest concern for them.

The new threat scape
If an enterprise today thinks it is fairly secured, Surendra Singh, Regional Director – SAARC at Websense says its time to rethink as the attackers are also in investing in ways to outsmart these solutions.    

The enterprise security invasion game has changed from script kiddies (unskilled individuals, who use scripts or programs developed by others to attack computer systems and networks), hacktivist groups, organized groups to nation states being involved.

“Cyber criminals today use the advanced targeted attacks (ATA), also called Advanced Persistent Threats (APT), methods to breach security controls of large networks that usually focuses on penetrating commonly deployed security controls such as signature-based antivirus and signature-based intrusion prevention. Once they successfully breach security controls  on an organization’s network, they constantly try to target the organization’s internal network using secondary attack strategies. To mitigate such threats, enterprises need strong defense strategy across multiple security controls,” says Govind Rammurthy, MD & CEO, eScan.

Therefore, says Dhanya Thakkar, Managing Director, India & SAARC, Trend Micro, “An optimum IT security should encompass effective solutions to protect the business, a complete solution that enables enterprises to detect, analyze, adapt, and respond to targeted attacks against the organizations.”

“Although organizations often focus on protecting against existing threats and  known vulnerabilities, the next generation threats have become more sophisticated and are previously undetected, resulting from mega trends and behaviors as organizations deal with BYOD, big data, cloud, mobile computing, Internet of Things, and mobile apps. Today, organizations need to be well-equipped to ensure protection from both existing and previously undetected threats and a predictive and context aware security fabric that will evolve and adapt to business needs,” adds Murli Mohan, General Manager, Dell Software Group, India.

Of mobile and cloud
India’s security understandings and needs are maturing at a rapid pace. Rammurthy of eScan observes while a couple of years back, BYOD had absolutely no or a miniscule influence on the security landscape, 2013 has witnessed a sudden increase when it comes to large scale tablet and smartphone deployment.

Going by IDC estimates, India will emerge as a very strategic market for smartphone shipment in the next couple of years. While the unit shipment was expected to reach 155.6 million in 2013, which is a phenomenal increase the research firm believes, last year, the smartphone sales in India surged almost three-fold.

Rammurthy points out that though till recently, Linux was touted to be the next best thing, to save on license and deployment costs, but that OS has now been relegated to the back bench, with Android and Chrome taking over Linux’s place.

A trend that Trend Micro observes to have kept security experts on heels, was an increase in mobile threats, something that is expected to continue in 2014. Thakkar notes, “Among the familiar threats, an increasing sophistication in attacks against mobile banking, mobile malware was noticed and is expected to cross the 3 million mark for Android in 2014. And the expiration of support for both Windows XP and Java 6 together will create an unprecedented pool of vulnerable users for attackers. Therefore, the security piece has become utmost important in the mobile device management (MDM), extending not to just device, but application as well”

Another technology trend that has been making waves across the world and in India is cloud. While cloud impresses, CIOs from a TCO optimization perspective, it is a platform where they resist putting their business-critical data.

Dell Global Security Survey finds that many organizations today use cloud computing, potentially introducing unknown security threats that lead to targeted attacks on organizational data and applications. The report finds that

73 % of respondents in India currently use cloud and of which, 21% said cloud apps or service usage were the root cause of their security breaches.

Jayantha Prabhu, Group CTO, Essar, explains that both virtualization and cloud are kind of platforms that offer substantial ‘sharing’ solutions which is quite far from the legacy isolated and dedicated in- house host-based environment. This adds up more concern about the applicability of security measures.

He says, “At Essar, a simple but robust policy for virtualized environment provided a solid base for a secured environment. In case of public cloud, a detailed assessment of selecting applications based on their criticality was done before hosting them in the 3rd party environment. Low critical applications were hosted out in public cloud and security related to that environment has been dealt with accordingly.”

He feels that the new IT and threat environments have led the CIOs  to revisit their security strategies and adopt solutions that are smarter, more comprehensive and offer greater control.

Advanced and persistent
So, the vendors are now thinking beyond the traditional anti-virus solutions, sprucing up their offerings to include anti-advance persistent threats solutions, next generation firewalls, application security solutions, privilege password management solutions and DDoS and data leakage protection solutions. These solutions protect organizations against the advanced threats that are proliferating in the network, points out Amal Bhattacharya, General Manager & Head – Presales and Strategic Opportunities (ITS – GIS), Wipro Ltd.

Organizations have recognized the importance of securing the endpoint and have upgraded the anti virus at the endpoint to endpoint security solutions, covering anti-virus, host-based firewall, and host-based IPS. Additionally, encryption for endpoints has also been a key focus for organizations to protect the data at the endpoints.

With security breaches in large organizations causing monetary damages and loss of brand reputation, organizations have started focusing on security with greater caution. Additionally, regulations in verticals like Banking and Telecom have necessitated organizations to focus on security compliance and invest to ensure that they are secure and meet the regulations.

“In 2013, we picked up some of the major deal security solutions deals from state governments and some large deployments with telcos to meet advance security threats were also taken up this year,” he says.

However, Singh of Websense says, not all segments of security solutions grew. In fact it has been a mixed bag .

Venkatesh Swaminathan, Country Head, The Attachmate (Novell, NetIQ, Suse, Attachmate ) Group India agrees, saying that there has been an increase focus on identity and access  management and end point security.

“Enterprises demand solutions that can help them collate logs and do intelligent reporting, including behavioral patterns. The new RBI guidelines around access, authentication and self service passwords have generated interest in advanced solutions.”

According to Mahapatra, SIEM (Security Information and Event Management) is no longer a viable solution, unless it provides the ability for real time incident analysis, compliance and response taking into consideration every device connecting and communication within an organization. The requirement is to bring together event, threat, and risk data with security intelligence which will facilitate rapid incident response and the ability to make real-time decisions as to the security posture of the organization and how to make better informed decisions on how to protect the organization.

Swaminathan cites the example of a mutual fund company that uses their solution for about 15 lakh users and the concurrency rate there, is about 200,000 users. For this, the company uses their single sign-on solution. Similarly, he adds that a large government client (power sector) uses its identity access management solution for its 40,000 employees.

Interestingly, it is not just the telcos and BSFI users that are aggressively investing in security, verticals like Pharma are showing amazing pace of adoption of security solutions. Another FMCG client uses their privilege management solution for 200 servers and the system is managed by the administrator.

Kaura of Symantec says that the industry now expects management of entire life cycle of security. He picks up another example of an insurance company that claims to close all insurance buying processes with the help of their field staff on the move.

“The staff has tablets and they key in all the customer information on the device. In such cases, securing the information processing is a challenging task. In all verticals like BPO where the attrition rate is high, securing information at each level is critical,” he says.

For this, the enterprises need to have a well defined policy to guard the C-level information. The IT head must have a control over who and what devices have what information. While formulating security policies, enterprises should focus on development of local and external threat intelligence, testing and educating employees against social engineering attacks, formulate mitigation and cleanup strategies in case of an attack, deploy custom defense solutions to protect against APTs and protect company data through data protection and management solutions.

An area where most Indian enterprises lack, is management of these security solution. Data centers hosted in India are becoming increasingly common, security for data centers by managed security service providers (MSSP) is a big trend. As per CERT-In reports, India faces a shortage of about four lakh trained cyber security professionals, and therefore, enterprises are increasingly relying on managed security services.

While most most systems and CIOs are reactive to security threats, very few have the capability to simulate threats.

Dhiraj Gaur, Senior Engineer- IT, Power Grid Corporation of India, feels that the organizations need to be proactive and must test their preparedness to deal with threats from time to time.

He says that at government agencies like theirs, the critical infrastructure is always air-gapped and no confidential data is shared on Internet-connected machines, and even on the employee side, several checks and balances have to be put in place. They have IPS firewall solutions and then they run correlation on logs. “We have DLP (data leakage prevention) solutions in place. Security has become so important that we think of it even while procuring non-IT infrastructure, checking the source of codes, etc. so that there is no back door control, especially by hostile companies like China.”

“One of the easiest ways of testing one’s security strength is by participating in the mock drills conducted by CERT, where virtual machines run in parallel, and the agency poses various threats. The organizations are later rated on the basis of their responsiveness and ability to deal with the attacks,” Gaur explains.

In an era when almost every component of IT is available as a service, security too is available on demand.

Buy SaaS with care
With cloud-based security, eliminating the cost and hassle of provisioning, managing, and scaling security hardware and software is an easy route for the enterprises. However, as of now, it is a phenomenon among the small and medium enterprises.

As per management consulting firm Zinnov, Indian SMBs have adopted SaaS at par or more than the rest of the world, may be more because many Indian organizations are not limited by regulatory or compliance requirements compared to their western counterparts, therefore giving them freedom to choose and adopt cloud more quickly. As a result, the market is ripe for more widespread adoption of SaaS to help SMBs reach greater levels of profitability in India. Security SaaS allows SMBs to focus on their business while leaving the security of their endpoints, email, web, and vulnerability management to the security experts

Bhattacharya explains, “Major offerings today in security as a service are in content security space – to getting secure emails before it hits organization’s email servers and also securing the employee Internet access. With cloud adoption picking up pace, going forward there shall be more focus on identity and authentication and how this can be used to secure access to applications.” In any case, the enterprises will have to choose their solution provider with caution.

While 2013 has been a challenging year and full of threats, 2014 holds a bigger challenge, with mobility penetrating further into enterprises. CIOs will have to watch out for more sophisticated models of attacks and developing skills around security management. And not to forget that yesterday’s viruses and malware are still lurking out there, requiring vigilant updating of traditional defenses. In this backdrop, CIOs need to develop new immunities, and keep updating the traditional shields.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image