As we continue our digital transformation, cloud security remains a priority journey to ensure robust protection for our cloud environments: Sachin Kawalkar, CISO & Global Head of Information Security and Quality, Neeyamo
Sachin Kawalkar, CISO and Global Head of Information Security and Quality, Neeyamo, speaks about the fast-changing world of cybersecurity as technology shifts to the cloud and leans towards work from anywhere. Exclusively speaking to Express Computer, he talks about the repercussions of rapid digitalisation, multiple layers of data protection in place, and the need for AI-driven security measures. Kawalkar also talks about the new security initiatives of the company, and the technologies they will focus on in the future. He also shares the best practices on how to build a cyber-resilient organisation that can recover promptly in case of a breach.
Considering most organisations are now digitising their processes and shifting towards cloud technologies, what is the effect on their general overall cyber posture vis-à-vis vulnerabilities to cyber-attacks? How do you think the new normal changed the cyber strategies of companies across the globe?
The post-Covid world has brought in certain very dramatic shifts in the IT and technology environment. With work from home on, most organisations have now shifted to a hybrid workforce model, having a mix of both in-office and home-based workers. This has undeniably increased the risk and frequency of cyberattacks. Reports from sources like Gartner have shown a marked rise in cyberattacks, primarily because attackers are more aware of the vulnerabilities created during the pandemic.
When COVID-19 confined people to their homes, organisations were forced to digitalise rapidly, sometimes for the first time. Many had to answer questions around how one could safely connect with end-users and ensure business continuity. The urgent shift gave cyber attackers an opportunity to explore and exploit new vulnerabilities as most businesses were caught off-guard.
Organisations that already had such advanced cybersecurity measures in place were thus better equipped and could sustain their operations with minimal disruption. However, most small and medium enterprises that were not well prepared for these remote work challenges were easy prey due to the weakness in security practices and lack of preparation. The reliance on personal devices further grounded the risks because they are hardly as secure as corporate-issued gadgets. This resulted in the increased cases that involved incidents across different sectors: healthcare, automobiles, manufacturing, and IT. The most notable case in point is an attack on AIIMS, clearly stating how vulnerable such systems can get.
The massive customers that you serve require deployment of robust data privacy and security solutions to ensure protection of organisational and customers’ data from cyberattacks. What solutions are you using in order to ensure the safety of the data in cyber terms?
Ensuring data protection for both our customers and the organisation is a multi-layered affair. We use advanced cyber security frameworks that combine in themselves a mix of proactive threat intelligence, robust encryption techniques, and continuous monitoring systems. Our security model assimilates AI and ML to detect threats in real time, thus responding earlier to a potential breach. We have been implementing zero-trust architecture where all devices within and outside the network are continuously verified. DLP tools and endpoint security measures protect sensitive information from threats. There’s training and simulation for my teams to know how to respond when a threat manifests.
Please outline recent security measures deployed and how those measurable benefits have affected the organisation.
In the past year, we have rolled out several significant initiatives that place us in a position to really make a meaningful improvement in our cybersecurity posture. Among the most significant activities undertaken was the integrated security platform, which represents the integration of threat detection, response, and recovery functionalities within it. This platform has not only improved our incident response times but also minimised downtime. The rise in remote work made us focus more on endpoint security. We implemented a SASE solution in this regard, one that had secured and seamless access to the setup, hence building strong resilience against cyber threats and attacks.
What are the top security focus areas and technology priorities for you over the next 2-3 years?
This is essentially where we are going to concentrate our activities over the next 2-3 years, using AI-driven security solutions more and more to stay ahead of the line of sophistication of attacks. It is a large investment into threat intelligence platforms that can analyse big datasets in real time to bring actionable insights. Cloud security continues to be important as we continue on our digital transformation journey, ensuring the robustness of protection of our cloud environments. In addition, we have to construct a cyber-resilient infrastructure, of which we are committed to enhancing our incident response capabilities through automation that can respond speedily to new challenges.
Despite the best security measures, there is a high probability every organisation will experience a breach at some point in time. What are your suggestions on a cyber-resilient strategy and tips for security leaders that will help recover from incidents quickly with minimum possible damage?
Yes, you are right on this; no system is breach-proof. The focus should be on building a holistic cyber-resilient strategy. I will recommend a shift to a defence-in-depth strategy wherein security controls are layered across the network, endpoints, and applications. Security leaders must stress regular audits and penetration testing so that vulnerabilities can be identified and mitigated proactively. Another area is the development of an efficient incident response plan that employs proper communication protocols and recovery plans. An organisation should develop data backup solutions and conduct test disaster recovery as efficiently as possible. Finally, continuous education and training for all staff levels would be required. Cyber resilience is just as much about technology as it is about people prepared to respond to and mitigate potential incidents.