Amit Hooja, the CEO of NetGraph, speaks about the security challenges faced by companies in the region
How has the security threat landscape evolved over the past few months?
It is evident that the brains behind cyber attacks seem to be in overdrive in the last few years. We can expect the number of released vulnerabilities to be almost double compared to the previous years. Also, given the current environment with more people working from home, the organizational permitters have changed and we are witnessing a huge surge in events at individual workstations which are mostly neutralized by our security ops. But what is now emerging and we are experiencing, is that the number of security events with our customers has almost quadrupled each month.
What sort of security challenges are people facing when working from home and how is your company equipped to handle those challenges?
In forced circumstances, and since people are working from homes, dorms, shared rooms, etc, there are attacks on enterprise hardware that are otherwise secured by enterprise firewalls. This has given the opportunity to hop into the scene and break into other targets within organizations. Under normal circumstances, this hardware within physical security would be more trusted and have privileges that would be better than any other network.
Most of what is currently happening are due to connections via VPN into organizations. Also, the large amount of data being exposed on these machines can be further explored for further attacks. Companies should focus on a lot of endpoint security and deploying Extended Detection and Response (XDR) on user machines. This enables a great amount of behavioral analysis on user machines and protects the machines as well as the network.
How has ransomware evolved during the pandemic period and what are you doing to tackle the problem?
We are seeing much more advanced ways being evolved in the delivery of ransomware, where the vehicles are getting much more innovative and intelligent and are able to detect the environment and inject appropriate payloads. We are also seeing advancements in how the payloads are delivered and hence staying invisible from most of the otherwise known techniques to detect ransomware. NetGraph initiates a lot of deep ransomware analysis.
How can companies overcome digital security and privacy challenges?
As a Managed Security Service Provider, what we enforce and educate our clients is that the first step is self-realization in the company’s need to lay adequate stress on the organizations’ security. Especially at a time when most companies both the larger enterprise as well as small and medium-size businesses are dealing with a huge amount of employee as well as customer data that are prone to threats. Having an in-house CISO or appointing external security operators is important to ensure a healthy security outlook and approach.
They help in analyzing the threat surface, taking corrective action, and future-proofing the organization’s security. Companies must be more responsible while dealing with data. We also see is that a lot of startups functioning in a highly competitive environment are in an eternal race to keep customers engaged with new features and implementing new ways of approaching things. All of it is prone to new threats and they need to have firm policies to make security review a part of the process from the very beginning. For this, we advocate that it is important to have the right people and policies in place who can ensure a secure environment.
Do you believe companies today have accelerated their digital transformation initiatives?
While the world is hit by the COVID crisis there is a big shift in the way business is being conducted. Organizations are leaning more and more towards digital and on internet-facing platforms. Most traditional businesses had to rush into making quick changes to continue to do business and had to find alternative ways to stay afloat and were in a scramble to recoup revenue losses.
What is clearly evident is that most companies are now focusing on strengthening and implementing cloud technologies to accelerate their digital transformation. This is mainly to enable remote working conditions as well as to have better processes and systems which will allow them to reap major benefits.
What are the cybersecurity trends for 2021?
Extended Detection and Response (XDR) is the big one as endpoint security has become one of the biggest challenges with increased numbers of people working from home. It is not just that the number of incidents that have grown exponentially, but customers are seeing more advanced attacks and hacks aimed at devices that are connecting to the enterprise via VPN. What XDR allows is a platform to consolidate multiple products and deliver unified security and this form of endpoint security is crucial currently. It tackles a very large number of security services that focus on advanced threat detection and response.
What are the key factors to consider to make sure the digital economies of today are secured?
Two of the key areas that need to be in place to ensure strong security are responsibility and agility. Responsibility is not just about having someone in place to tackle the security needs in a digital economy, but more focused on nurturing and guiding both employees and end customers on the importance of security alertness. It is always important to assume networks are compromised and probe deeper rather than proving that the network is hacked. In today’s fast-paced world where technological advancements are happening on a daily basis, it is critical to upgrade and not hold on to legacy systems.
On the other hand, security agility includes a 360-degree approach that takes into consideration maintenance, upgrades, legacy code, feature removal, etc. It is also important to avoid being perimeter obsesses, when, at this point employees are constantly on the move and accessing company data from personal devices which are prone to attacks. Another key point to consider is that the CISO or the IT teams, in general, are made a part of the decision-making processes where security is factored from the very start and is able to benefit with adequate budgets. All this is possible when there is a cultural shift that understands the intrinsic value of technology and security.