We must have a cyber resilience plan post a breach, says Fortinet VP


The global cyber threat continues to evolve at a rapid pace, with a rising number of data breaches being reported each year.


According to reports, cybercrime cases have witnessed a steady spike in India since 2018. The country reported 2,08,456 data breach incidents in 2018; 3,94,499 cases in 2019; 11,58,208 cases in 2020; 14,02,809 cases in 2021; and 2,12,485 incidents in the first two months of 2022, with the recent ransomware attack on the AIIMS server being a case in point.


 


Against this backdrop, the role of top cybersecurity corporation, the US-headquartered Fortinet, which is the leading service provider in India and the Southeast Asian region, becomes all the more important.


 


Speaking exclusively to IANS on the sidelines of the Fortinet SAARC Partner SYNC-2022 held in Cairo recently, Vishak Raman, Vice President of Sales, India, SAARC and Southeast Asia, at Fortinet, spoke on a range issues, from emerging cybersecurity threats to convergence and consolidation of the cybersecurity industry, among others.


 


Here are some excerpts from the interview:


 


IANS: How can healthcare organisations prepare themselves to ward off growing ransomware attacks as we saw in the case of AIIMS Delhi?


 


Raman: The pace of digitisation has broadened a lot, and hackers now do not differentiate between high-value assets and low-value assets. For them, it’s just an asset. They just look at what’s the most valuable record. It’s no more a credit card or a CVV number, because today we have daily caps on them.


 


So, they are going after patient records, as they are far more valuable than a CVV number, because they offer a patient’s health report, his insurance details and his medical history, and there is more value in the underground of a person’s health data for marketing and rating points.


 


And we presume it’s a state-sponsored attack by one of our hostile neighbours, which wants to send out a message for its own geo-political reasons… To show that in the heart of the national capital, India’s most premier healthcare institute can be brought down.


 


Cyberattacks will continue. What we need to prepare for is how do we build cyber resilience post a breach. We need to make sure that the attack time is longer for the hacker, because planting a ransomware doesn’t happen in one day, and then launch the malware. So, the better preventive technologies that we deploy will reduce the risks.


 


The second part is after getting breached, what is the next step, how well is our back-up? How well is the communication with the rest of the process? After the attack, everything went back to the ‘parchi’ system at AIIMS, which was the first hospital that advertised that it is going digital.


 


So, I think the first step is to understand the motive, second, look at the correct preventive controls, and then make sure that we have a cyber resiliency plan post the breach.


 


IANS: Why do you think that the public sector vertical has a big potential in the cybersecurity space?


 


Raman: The rate of digitisation within the public sector is quite high, and the government spending is also quite on the higher side. What an NPCI (National Payments Corporation of India) or Rupay has done to the economy is phenomenal. The next space that is going to come about is logistics.


 


And when we look at 5G as an option, we must look at how we deliver better citizen services. And that’s what the government is looking at. If citizen services are not secured properly, it will have a national economic impact.


 


The cost of cybercrime is roughly about $7 trillion, which is expected to go up to $10 trillion by 2025. So, it’s bigger than the entire narcotics business. But are we paying good enough attention to cyber security in the public sector?


 


We can do better as the government has come up with great policies. So, what we are adding is how do we make sure that we build a digital infrastructure for citizens in a proper way.


 


IANS: What is Fortinet’s India growth plan going into 2023?


 


Raman: Well, quite a lot. If you look at the India base, we have been in this market for 20 years and we are going strong. We have expanded our footprint in terms of coverage and we have added our engineering bases here.


 


We had the R&D team coming in here, and our entire threat intelligence team is now built out of India. We have a 650-member strong team in the country. In the future, we are going to deliver global services out of India, as our delivery cost is far better.


 


IANS: What are the emerging cybersecurity threats?


 


Raman: First and foremost is what we saw as ransomware as a service, and the second is emergence of data wipers because both Ukraine and Russia are attacking each other and these are destructive malwares, which are like detonators that just wipe out the data. Also, cyber threats are emerging a lot on the operational technology (OT) side.


 


IANS: How prepared are you to tackle these threats?


 


Raman: On our product side, we have built on our OT capabilities. I think today we are well-prepared with an end-to-end portfolio across the four pillars — one is from the network side, and then the end point, Cloud and then securing the applications, all the four big domains.


 


IANS: How can the Indian firms, especially in the fields of defence, energy and manufacturing, guard against rising cyberattacks?


 


Raman: I think it’s not just about the product game, it’s about the people as well. They are about people, process and technology. The human elements of risk need to be mitigated by constant training and awareness.


 


We need to have a cybersecurity process in place. Fortinet has a great portfolio of private on-premise security solutions as well. But on process and people, definitely the customer’s onus is to get more people trained, and consume threat intelligence because intelligence-led cybersecurity is far more important.


 


What is happening as attacks across the globe can come and hit you as well. This is something Covid has taught us … Until everybody is safe, nobody is safe.


 


Even in the cybersecurity space, we have seen live examples of data wipers where Ukraine and Russia are attacking each other but the bullets don’t just land within the battlefield, they land in Singapore, they land in India because we are inter-connected. The data wipers come and hit us as well.


 


If you look at the nature of attacks, it is not just between two states. So it needs a combined global threat intelligence approach to mitigate the risks.


 


IANS: When it comes to awareness about cybersecurity threats, what is your view about the scene in India?


 


Raman: I think that the National Cybersecurity Day, which was announced recently, gave us a great amount of awareness, and we partnered with some of the premier institutes to launch webinars, and present real-life cases that IT security is not just an IT problem.


 


It’s a broader problem, it’s a technology issue. The amount of prominence cybersecurity is getting at the board level now is more than what it got a few years back.


 


IANS: What’s your take on the convergence and consolidation of the cybersecurity industry?


 


Raman: Twenty years back, cybersecurity was looked at as like ‘I have a I point product, because I wanted to address a point problem. I had an e-mail spamming issue, so I bought email security. I had an end-point laptop malware problem or an anti-virus issue, so I wanted an anti-virus solution’ … But all these bespoke products, they didn’t talk to each other.


 


So the customers are now actually myred with huge amounts of alerts coming from these point products. They don’t know which ones to investigate. Large IT service companies will get 50,000 alerts a day. How do you look at out of these 50,000 alerts, those 10 alerts are the valid ones and then you investigate them?


 


The complexity of security is about alert fatigue, second is the console opaque, You want to know something about it, you have to log-in to your anti-virus console, you want to know something about your DNS security, you have to log in.


 


This simplification of security into multiple consoles to a minimum of three to four consoles, that’s what is the actual consolidation that we are talking about.


 


–IANS


arm/ksk/

(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)

Originally appeared on: TheSpuzz

Scoophot
Logo