The worldwide pandemic has impacted all areas of businesses across the globe. The new safety norms have altered the consumer buying patterns and this will continue to be impacted in the new normal. The adoption of technologies under the stated digital transformation, Risk management, AI/ML & cloud computing solutions has ensured that businesses live to fight another day.
Video communication platforms adoptions are at spree may it be an educational institution or local communities. Companies in this domain like Zoom, Google Meet or Webex their business seems to find new heights.
While this adoption of technology helps in getting businesses back on track but it does not come without risks. No wonder, the cybersecurity landscape is the biggest concern for every business leaders globally. The rapid transition to remote working, more use of digital technology has exposed organizations to higher risks of cyberattacks.
To tackle with these attacks the company’s security teams are refocusing upon the value of cloud-delivered security and operational tools that do not require a LAN (Local Area Network) connection to function, reviewing remote access policies and tools, migrating to cloud data centres, and SaaS (Software-As-A-Service) applications, and securing new digitization efforts to minimize person-to-person interactions while ensuring the enterprise safety.
The Market Overview
The cybersecurity market was valued at USD 156.24 billion in 2020, and it is expected to reach USD 352.25 billion by 2026, registering a CAGR of 14.5% during 2021-2026. The trends for IoT, BYOD, AI, and machine learning in cybersecurity are increasing. For instance, machine learning provides advantages in outlier detection, much to the benefit of cybersecurity.
Adoption of M2M/IoT connections demands strengthened for cybersecurity in enterprises. This is driving the market, as the emerging business models and applications are coupled with the reducing device costs, which have been instrumental in driving the adoption of IoT, and consequently, the number of connected devices, such as connected cars, machines, meters, wearables, and consumer electronics.
On the other hand, several other smart city projects and initiatives are ongoing, and by 2025, it is expected that there may be around 30 global smart cities and 50% of these may be located in North America and Europe, which may demand high cybersecurity for prevention.
Given the collywobbles the cyber-sensitive world is creating, I bring along the pioneers from the cyber security sector. In this article, we strive remove the dust understanding how cybersecurity is helping in transforming businesses in the Post-Covid world. Also, how their organization is dealing with the security challenges given the thin-edging scenario in the cyber security world.
Stating how Post-Covid pereception changed about cyber security, Pankit Desai, Co-founder CEO, Sequretek cites, “Rightly or wrongly, business teams have always perceived cybersecurity as adversarial to their objectives of freedom and convenience of accessing privileged company information to meet their business goals. All this changed dramatically with COVID, where, for a change, cybersecurity has become an enabler to business transformation. The speed at which the technology, process and teams worked to ensure limited disruption to business activity while ensuring safe work from environments for organizations is something that they can take credit for. Over the past twelve months, these changes have become semi-permanent offering businesses the flexibility to take decisions on what their future work environment would look like.
Pankit further elaborates about their offerings, “At Sequretek, we were fortunate to have seen the prognosis of what was likely to happen in early March 2020 itself. This time allowed us to test out our systems and processes for an effective and safe work from home environment. Consequently, when the countrywide lockdown was announced on March 24th, we were not taken by surprise. The fact that our business is security obviously helped us in ensuring that not only did we manage the transition securely, we were also able to anticipate the kind of challenges our customers would have to undergo and be ready with advisories, best practices and special monitoring needs to be the backstop for our customers.”
Underlining on hackers new methodology of attacking in Post-Covid era, Kumar Ritesh, CEO & Founder, Cyfirma affirms, “The pandemic has pushed businesses to accelerate their digital transformation. This has presented new risks which were not seen in pre-COVID days. Our researchers have observed a change in hackers’ targets and attack methods. Hackers have always targeted vulnerabilities in systems and software to access prized data and assets. With the pandemic, threat actors have shifted their attack vectors to people and their weak IT configuration in their home environment – resulting in remote workers being tricked into releasing credentials and other sensitive information through social engineering tactics. Hackers have exploited weak systems to install malware to steal sensitive corporate information. This presents many new attack surfaces and digital risk which were never seen previously. Businesses in the post-pandemic world now face unprecedented digital and cyber risks. Businesses need to urgently modify systems and processes to address access controls, intrusion detection, data management, and bring cybersecurity awareness education to employees. This has led to an increased appreciation of data privacy and greater awareness of cyber threats and risks.”
Urging to all companies to build a basic level of cyber hygiene by focusing on 4 pillars – people, technology, process, and governance, Kumar said, “Train employees on how to recognize cyber threats and risks, particularly social engineering tactics. Incorporate layered defense approach by having data and endpoint security, and gateway-based security solution. Use reputable anti-virus, web control, data loss protection and VPN solutions. Perform threat profiling, creation of threat segmentation, zoning and risks containerization. Design data management and protection processes where critical data is encrypted and vaulted with an air-gapped solution. Ensure critical data is backed-up regularly with RTO (recovery time objective) and RPO (recovery point objective) clearly defined. Incorporate a digital risk discovery and cyber-intelligence program to identify threats early and preempt impending attacks.”
Citing about the criticality WFH (work from home) has pinned, Sonit Jain, CEO of GajShield Infotech, said, “The WFH (work from home) culture is certainly witnessing an unprecedented rise, acceptance and adoption across many sectors amid the on-going COVID-19 crisis globally. Today, the WFH step has almost become the quintessential need for most enterprises and businesses today as part of their BCP (business continuity planning). But they still face security risks and challenges of data leaks and breaches with a large remote workforce operating in an insecure WFH setup environment. The threat landscape has changed with the adoption of modern work culture as cybercriminals find it easy to find vulnerabilities in the newly created virtual working environment. Accelerated adoption of cloud services too, has led CIOs and CISOs to change their focus from network security to data security. The threat landscape has changed with the adoption of modern work culture as cybercriminals can easily find vulnerabilities and loopholes in this modern environment.”
Data is the most critical asset for enterprises today and ensuring its safety is their priority emphasizes Sonit. He said, “The traditional security architectures are blinded by the new working normal. As an integrated security platform provider, we feel, that traditional security solutions have to not only evolve but have to go through a complete overhaul, considering the newer cloud adoption and the new normal mobile working culture. GajShield data security firewall provides complete visibility and control on each and every piece of information leaving an enterprise boundary which help enterprise to keep data at the centre of all their security measures and designs. GajShield Firewalls provide an integrated context-based network data leak prevention that helps organisations to secure data and prevent both intentional and unintentional data leak over web, cloud and SaaS applications. This solution combined with our remote working solution, enterprise cloud can allow organisations to ensure data security even with the remote and roaming users. Further to this, we give better visibility and control on the threat surface, helping enterprises to keep threats away. Our firewall stands up like a platform for enterprises to implement solution for email security, cloud security, secured branch connectivity with inbuilt SD-WAN capabilities and more to make us stand out from the crowded firewall space. They have to adopt a newer data security approach that keeps data at the centre of all security measures to prevent data exploitation.”
Starting with an evident example, Altaf Halde, Sr Vice President, Network Intelligence, elaborates, When we start an airplane journey, the cabin crew shows us the safety precautions. One of the main points they say is that “in case of an emergency, first protect yourself by wearing the oxygen mask or before putting on the float and then help others”. This same principal applies to cybersecurity companies. When the COVID situation started in March 2020 and work from home started taking steam, we at Network Intelligence, invoked our business continuity plan and first ensured that when we issues / allowed remote working for our team members, the same security policies and procedures were in place as it was before the WFH started. We ensured that there was zero impact in shifting our services to remote offerings and then we started helping our clients in their cybersecurity initiatives covering remote working to allowing access to their systems by their users. Our major focus at this point was on the SOC (Security Operations Centre) operations as these are 24/7 and are governed by strict client SLAs. One-to-one emails were now being sent to customers by our senior leadership team and a targeted outreach started to push our clients to enable WFH for our employees.
Altaf sharing an overview about their customer scenario, said, “This WFH was a new scenario for most of our customers. We conducted regular one-on-one communication with the CISO’s and also email communications with general messaging. We realised that priority of customers was to ensure that it is “business as usual”. So, a lot of security access was given to users to get the same kind of service delivery capability the way they would work while in office. We identified that many users were not used to the WFH scenario and were highly susceptible to attacks from threat actors who were making the most of this sudden opportunity. We saw a spike in attacks on remote users with phishing emails and targeted attacks. In our regular communication with customers, we made it a point to explain that the messaging for security awareness and culture has to flow from the top management. Security had to become everybody’s responsibility.
It took a good amount of time for customers getting used to this new Post-Covid world. Now, we have seen customers accepting the fact that cybersecurity can be delivered remotely without compromising on security. Today, we are helping customers get ready to the flexible “back to work” culture. Ensuring that the same level of security is provided irrespective of the users being in office or outside is the key deliverable that we are helping customers with concludes Altaf.
Starting with sharing a report, KrishnaRaj Sharma, CEO & Director, iValue InfoSolutions, noted, “Last year Gartner had predicted that 60% of digital businesses would suffer major service failures by 2020 – reason? The businesses were not capable of managing security challenges posed the by the rise in digital transformation. But businesses, to stay relevant had to move into the new era of transforming themselves. However, the pandemic that broke out pushed the companies over the edge into fast-tracking transformation in their business operation. The performance of the IT industry shows the increasing focus on the digital transformation of businesses and also the expansion of digital-driven services to cater to clients across the globe. iValue’s DNA – Data, Network and Application Management has been evolving to meet the emerging needs of our customers and partners. We can certainly say that with the increased number of cyber security threats the new age of cyber security began. From cloud-edge securities to network forensics all of these are new age cyber security technologies that are slowly catching up to the changing trends of cyber security. With the advancement in the field of cyber security to tackle threat actors, enterprises in all sectors need cyber security that will protect them from advanced threats.”
Extending words about their offerings, KrishnaRaj, concludes, “iValue’s internal IT architecture model is based on hybrid cloud architecture allowing safe and secure access to all the applications from anywhere on any device at any time zone. Even before Covid-19, we used extensive collaboration tools covering video, audio with file sharing for our internal reviews and training regularly. We have extended the same for our vendor and partner teams to enable WFM collaboration for all stakeholders. We leverage on best of breed offerings in each of these areas for ensuring quality engagements at all times. Being a solution provider in this area, the teams are well equipped. Our UTM, Multi-factor Authentication, Mobile Security, Endpoint Security are a few of the solutions that iValue provides to help in keeping enterprises safe from threat actors.”
Commenting on the current scenario, Praveen Jaiswal, Founder & Director, Vehere says, “Covid-19 has brought about a massive transformation in our lives and also the working mode and environment. In order to adapt to the pandemic, many companies have resorted to a remote structure and hybrid working model. It comes with its own challenges and the primary concern for organizations is to provide secure network access to all employees who are operating from different locations.
Thus, cybersecurity matters more than ever for enterprises, because remote working has led to an increase in the number of cyberattacks. The situation also offers an opportunity for organizations to explore newer ways to increase communication. One of the most valuable lessons learnt during the pandemic is that no matter what the obstacles are, people need connections. For every company, it quite essentially means staying connected to their employees and assets virtually.
More and more companies have now started to realize the benefits of maintaining visibility on their network and to also have an automated network detection and response solution installed. Considering the risks associated with an unsecured network, it is important to add measures to monitor the security infrastructure in real-time and, at the same time, keep a vigil on assets on-the-move.
Our solutions continue to work as business enablers, allowing the enterprises to leverage data-driven insights to not only detect security risks but also guide people to deliver an effective response to any potential security breach.”
Shikhil Sharma, CEO and Founder, Astra Security Says, “The pandemic has simply accelerated the cybersecurity programs of businesses by at least 10 years. The world was waking up to the need of cyber security in 2019, however, in the post-pandemic world not only cyber security is at the forefront of developer’s worry points but also has made it to boardroom discussions.
Post pandemic, the issue of cyber-attacks has increased manifolds with at least one big attack reported every other week. Each new hack is bigger than the last one. CEO’s now have started asking their CISO’s or CTO’s questions around the organization’s security posture, which is a great move towards ensuring cyber hygiene. When the discussion over security starts from the bottom-up in an organization, then budgets are not that big a problem and the entire organization starts becoming a security conscious organization.
Also, with customers being more vigilant and asking if their data is safe with a company, cyber security has become a factor for choosing business partners. We’ve been tracking a high rise in various businesses wanting regular security scans and penetration tests for their applications. This demand has directly been sparked from their own customers. So much so that we’re planning to launch a vulnerability management system for businesses in the coming weeks.”
Concluding on the scenario, Nikhil S. Mahadeshwar, Co-founder & CTO, Skynet Softtech Pvt. Ltd. added, “The Pandemic has made businesses even more digitally acquired. As of now, businesses rely on digital services like never before, this has manifested as a great opportunity for hackers. Hence, businesses have become even more cautious and have started taking Cyber Security seriously. Using anti-phishing solutions and threat intelligence data analysis will decrease the risk of businesses becoming victims of cyber-attacks. Creating robust monitoring policies for tracking threats and establishing comprehensive threat intelligence management policies will go a long way towards helping organizations protect their critical data. Large businesses may already be doing some of these exercises, but small and medium-sized companies must start practicing this as well since they have more to lose and have limited resources to fight this threat. But now gradually, businesses are becoming digitally secured and digitally aware and are slowly moving towards digitally secured India especially now given the current scenario.
We as an organization consist of cyber security experts who have decades of practical experience in dealing with spies and hackers. We have also worked with various governments in tackling the menace of cyber-crimes. With such extensive experience in hand, we have been researching and analyzing attacks to develop a total cybersecurity solution that is robust enough to tackle various cyber-threats in one go. Apart from creating our multi-dimensional product HackShield, we conduct a training session regularly to educate our Government officials, law enforcement officers, and local communities on how to deal with cyber-attackers. We aim to create responsible netizens who know the basics of cybersecurity and the steps to secure their digital privacy.”
