The number and severity of security breaches aren’t expected to slow down in 2018 with the advent of cloud, IoT and mobility. Sophisticated new malware will emerge on a weekly basis if not daily, their distribution methods will change and attack offerings will continue to sell on multiple platforms, says Bhaskar at Check Point. IDG India had an extensive interaction with Bhaskar Bakthavatsalu, Managing Director, Check Point, India & SAARC, on the company’s tech blueprint, company focus and India GTM for 2018 and beyond.
How will the face of enterprise security differ in 2018 versus the previous year in terms of threat vectors and market trends?
2017 would go into history, in golden letters, as the year of the hacking community. They succeeded on two fronts, first in getting the world to pay them huge sums for breaches and compromises and second in helping organizations realize that fundamentals essential to comprehensive enterprise security were being ignored and needed urgent fixing.
Hackers compromised vulnerabilities, some existing for more than a decade, by targeting endpoints and servers not ready for the next wave of zero-day and behavioural attacks or by going after ill-configured IoT devices beyond organizational boundaries or by compromising single factor authentication systems.
I expect 2018 to begin where 2017 left off.
Sophisticated new malware will emerge on a weekly basis if not daily, their distribution methods will change and attack offerings will continue to sell on multiple platforms.
As we look into 2018, Mobility, Industrial IoT, critical infrastructure and the cloud are key areas of focus for hackers, besides the traditional threat vectors that exist today. Enterprise breaches that originate on mobile devices will become a more significant corporate security concern. Industrial IoT will be attacked far more regularly than ever before. Another cyber security trend in 2018 will be that Ransomware will become as frequent as DDoS attacks.
As enterprises continue to put more data on the cloud, providing a backdoor for hackers to access other enterprise systems, an attack to disrupt or take down a major cloud provider will affect all of their customers’ businesses.
There will also be a rise in ransomware attacks impacting cloud-based data centers. As more organizations embrace the cloud, both public and private, these types of attacks will start finding their way into this new infrastructure.
Customers will look beyond NGFW and seek to deploy integrated threat protection with complete control & visibility at all layers including Cloud, Mobile and Networks.
Any best enterprise security practices or approaches for the companies to adopt and keep the bad guys at bay?
Organizations will reassess their risk profile as there has been a radical change from perimeter-led to boundaryless enterprise information and data. In the last few years, organizations have adopted cloud, mobile apps and social media to build competitive advantage. They will change their buying behaviour from logs and “network led” to “intel and holistic” led. We will witness less investment in SIEM based technologies and perimeter based secure infrastructure. Investments will happen on cloud, endpoints, mobility and with vendors who have strong threat intel.
Best security practices by enterprises to keep hackers away
Enterprises will look up to vendors for training, advisory services and strong skilled human capital to address their loose ends in evolving threat landscape. Enterprises will also need vendor services in knowing what the bad guys think about them through social and dark net researches.
We will witness induction of deep learning, machine learning and artificial intelligence to improve and augment fighting capability against the bad guys in terms of speed and ability to predict an attack. These newer technologies will be preferred. Finally, enterprises will work on fundamental things like patch management, identity management and deploying minimum 2 factor authentication, classification of data and applications, people awareness to name a few.
IT and IT security teams of Indian companies are now more tightly coupled in terms of camaraderie and interactions than in the past. What is driving this trend?
While a majority of companies still have cyber security embedded within their overall IT organization, there is a change whereby corporate boards are looking at cyber security as a separate team and not just an extended arm of their IT teams. The Indian government has upped the ante when it comes to this topic with all the digital initiatives, and this has only rubbed off across enterprises as well, so people are beginning to sit up and take notice of the need for special treatment for cyber security in organizations.
Before security is deployed in any organization, it’s important to understand what needs security, what level of risk is associated and what kind of security needs to be deployed. Companies can’t paint the world with one colour. In the last couple of years, software defined infrastructure is fast replacing the “hardware” led model and thus it becomes almost a compulsion and best practice for the teams to collaborate better. Another major trend for IT and IT security teams working more closely is because of the fact that everything is app based and thus building applications with best security practice is critical for any organization to be foolproof, else they will be a soft target for hackers.
With Apps and workloads moving out of the on-premise environment to the cloud, mobile and IoT, what will be the roadmap of Check Point in India?
We expect more and more attempts to penetrate an organization through the cloud, mobile and IoT. As a company, we are well prepared to already ensure our customers are protected for these environments. While our mobile security solution works either in a silo or in collaboration with major MDM players, our cloud offerings encompass the entire gamut of public and private cloud players like Microsoft, Amazon, VMware, Cisco etcetera.
IoT is a rather challenging area to address when it comes to security. Given the mass production and proliferation of various “things” from thousands of vendors and each with their own OS, it is a challenge to secure an environment of this scale. We are in the process of building security solutions in the IoT space.
Check Point started this journey sometime back and we are already ready with the Security of the future. Our Infinity Architecture talks about Security for Cloud (Public/Private/Hybrid), Mobile Security (Threat Protection, Workspace) and we are ready with the roadmap & framework for IoT Security.
The transition of physical form factors towards digital economy is a global trend. When the business managers are pushing trends with AI being business differentiator, Big Data driven business decisions, IoT as a business enabler are the key drivers that are pushing IT and Security teams to disband the differences (if any) and commit to the common cause of digital economy.
Where do Indian enterprises and their CISOs figure in the maturity curve of adopting network security? Will next gen firewalls have a different avatar in 2018?
In my opinion, it is no longer about just a firewall. The need of the hour is a comprehensive security architecture that is able to share threat intelligence across the network, endpoints, mobile, and cloud. Multi-point solutions will not help; it is all about consolidation and integration of the security systems in the landscape.
The maturity of CISO and enterprises are not a linear function of geography, except for very few countries. The state of CISO by and large is same. We expect the CISOs worldwide to transition from a point product solutions approach to "Framework & Security Consolidation approach" and considering OT & IT Security Objectives in their horizon of next three years rather than just emphasising on IT Security only.
And your take on new-age security jargons like UEBA, EDR, IdA to name a few? Are they for real?
Yes, they are very much real. In fact, Check Point has been advocating the security controls in End Point, Behavior Analysis before the market started talking about them. We were one step ahead and ready with solutions like SandBlast Agent with Forensics (with anti-ransomware) for EDR before any other vendor.
EDR is, for sure, real. Check Point has been busy globally as well as in India with a great business in EDR space (with SBA) for nearly six quarters now. In the last three quarters, Ransomware proliferation and our leadership position in completely preventing it have kept us very busy. UEBA is also picking up but I see it getting consolidated with SIEM strategy sooner or later. A couple of years ahead, one might not see independent UEBA customers once the hype is settled.
Your message to your well-entrenched channel ecosystem in India. What is the expectation list by CISOs and CIOs on their digital transformation journey from security vendors?
Empowering channel partners with the latest security trends and helping them migrate towards a more consultative solutions selling approach will likely increase business beyond traditional avenues. As newer technologies take center stage, the emphasis will be to train our channel continuously and work closely with them in their core sectors where they have deep inroads.
CISOs and CIOs in 2018 will prefer vendors that provide an architecture for the future and one consolidated solution that can take inputs from multiple enforcement points and deliver complete visibility. At the same time they also want an assurance from the vendor that they are completely secure and prevented from any threats. Coupled with our services in Incident Response and ThreatCloud, Check Point is completely ready to fulfil the CXO's wish list.