AI enhances our capabilities by enabling rapid threat identification and precise action: Aaron Bugal, Field CTO, APJ, Sophos
In an exclusive interaction with Express Computer, Aaron Bugal, Field CTO, APJ, Sophos delves into the rapidly evolving cybersecurity landscape in India. He discusses the rising tide of advanced persistent threats (APTs), the critical role of AI in bolstering cybersecurity defences, and the importance of risk management strategies for enhancing cyber resilience. The conversation also explores the unique challenges faced by Indian enterprises and how Sophos is addressing them through its innovative technologies and strategic roadmap.
How has your experience been in India, and what are your thoughts on the cybersecurity landscape here, particularly with the increase in sophisticated cyber threats targeting key sectors?
This is my first time in Mumbai, and I’ve noticed the diversity across regions, from Delhi to Goa. The burgeoning economy here has truly proven its strength. From my perspective at Sophos, every organisation in India, regardless of its industry or size, is a potential target for cyber threats. Attackers are opportunistic, and if they find an opportunity to exploit access, they will, regardless of the organisation’s location.
What are the most significant advanced persistent threats (APTs) that Indian enterprises are currently facing, and how are these evolving?
Ransomware has been the primary threat for several years, and it remains a major issue in 2024. The real challenge extends beyond ransomware itself to the broader implications, such as data extortion. Organisations must be prepared for the consequences of such attacks and understand their impact on business operations, reputation, employees, and supply chains.
With AI becoming increasingly integrated into cybersecurity, how do you see its role evolving in combating sophisticated cyber threats against Indian enterprises?
AI has quickly become a key player in cybersecurity. While its initial hype has settled, its practical benefits are significant. At Sophos, AI enhances our capabilities by enabling rapid threat identification and precise action. This allows us to provide superior managed security services and offers insights that Indian organisations can leverage to strengthen their own cybersecurity strategies.
What are the most effective risk management strategies that organisations in India should adopt to enhance their cyber resilience against persistent and evolving threats?
Risk management strategies should be tailored to each organization. It’s essential for businesses to evaluate the potential impact of a cyber attack on their operations, reputation, and relationships. Utilising frameworks like NIST or local guidelines from MITEI can help organisations understand cyber threats and implement corrective measures. The focus should be on assessing business risks and preparing accordingly.
Which specific threat actors pose the greatest risk to India’s economy, and how can businesses best defend against these targeted attacks?
Instead of focusing on specific ransomware groups, it’s crucial to recognise that every organisation faces risks due to the interconnected nature of the global economy. The primary concern should be how businesses would respond if a cyber threat materializes. Organisations need to have robust plans in place to minimise damage and ensure cyber resilience.
How can Indian organisations stay ahead of emerging cyber threats while also meeting regulatory demands?
Organisations must stay proactive and adapt to technological advancements in cybersecurity. At Sophos, we have developed a framework to apply AI and other technologies responsibly, ensuring effective governance. It’s vital for businesses to stay informed about technological advancements and enhance their capabilities to remain resilient and compliant.
What challenges are CIOs and CISOs in India facing, especially with the rise of AI?
CIOs and CISOs in India are showing a commendable willingness to learn and adapt, especially in understanding and applying AI responsibly. This eagerness to seek knowledge and navigate AI’s complexities is essential. Discussions often emphasise the need for a structured and ethical approach to AI, ensuring it is used effectively without rushing its application.
How is Sophos planning to address the unique cybersecurity challenges faced by Indian enterprises?
Cyber threats are a global issue, and attackers target everyone opportunistically. At Sophos, we focus on helping organisations recognise and defend against these threats, whether through external risk management or responding to attacks. Our strategic roadmap and innovative technologies are designed to enhance our customers’ cyber resilience and help them stay ahead of the evolving threat landscape.