Akshat is the Chief Technology Officer and Co-founder at Cyware. A thought leader and a creative thinker, Akshat has immense expertise in bringing innovative technology solutions for tackling societal and enterprise problems. Akshat holds a Management degree from the most prestigious business school in India, IIM Lucknow, and a Master’s degree in Computer Science from the Central University of Hyderabad. Before Cyware, Akshat served as the Director of Programs at Oracle and was key to facilitating cloud ventures for Oracle Enterprise Manager. His earlier role at Adobe Systems also shaped the company’s core products to grow to a substantial scale and helped secure several patents in core technology domains.
Over the past few years, waves of data breaches and exploits have taken a toll on the world’s biggest organizations and their billions of users. India is no exception. While many countries have strengthened their cybersecurity posture, the rapid digitalization in India has not been buttressed by an upgrade in the overall cyber maturity. In fact, India is witnessing a new wave of cyberattacks. Several large and small enterprises in India from multiple critical infrastructure sectors including financial services, energy and power, retail, transportation, and consumer sectors have been attacked in the recent past.
As per the data shared by CERT-In, India witnessed a 300% increase in the number of cyberattacks in 2020 over the preceding year. The Indian cyber threat landscape worsened further as COVID-19 lockdowns were imposed across India and companies were forced to implement remote working with little to no experience in managing cybersecurity in a remote environment. As India continues its digital growth journey, it will face an increasingly sophisticated threat landscape that enterprises will need to confront with a mature cybersecurity posture and a cultural shift.
Threat Intelligence for Proactive Actioning
Modern cybersecurity is all about identifying and eliminating threats even before you are attacked. This requires 24×7 real-time situational awareness of the threat landscape, which can be achieved only through predictive, contextual, and actionable threat intelligence. Presently, enterprises in India have largely designed their security strategies around damage control from cyberattacks, with an overall focus on achieving bare-minimum compliance. Most of the security tools currently deployed by organizations complement this reactive security posture, which is rudimentary in nature and rife with loopholes when it comes to overcoming the tactics and techniques deployed by highly sophisticated nation-state threat actors and organized cybercriminal groups.
To counter the growing spate of cyberattacks effectively and proactively, enterprises need to start leveraging threat data to uncover their security weaknesses and hunt down the prime threats they face. If situational awareness is a jigsaw puzzle, threat intelligence insights are the pieces that help you reveal the broader picture. Enterprises in India must start ingesting and analyzing threat intelligence from multiple sources to identify the cyber threats that are most relevant to them. Such actionable threat intelligence will not just help them identify threats that need to be proactively blocked in their operational environment but will also assist their disparate security teams in making better strategic and tactical decisions.
Smarter Automation for Faster Response
Consuming threat intel is only half the work. To respond proactively to the burgeoning burden of cyber threats, organizations need a smart incident response (IR) plan, which can be attained by adopting smarter security automation technologies, also known as SOAR (Security Orchestration, Automation, and Response). With a cogent SOAR capability, it is possible to achieve security goals in less time while making space for human decision-making when it is crucial. Furthermore, security automation capabilities enable organizations to force-multiply the strengths of their deployed security stack. They can seamlessly merge strategic and technical threat intel feeds to rapidly enrich incident investigations and better comprehend security threats. Orchestrating security operations processes requires putting security analysts in the best position to analyze and respond to threats.
The Pressing Need for Collective Defense
Enterprises in India continue to work out of their own silos, which essentially means that there is not enough collaboration between them. Their western counterparts, on the other hand, have been managing cyber risk through a collective defense strategy against adversaries by forming threat information sharing communities. Collective defense requires organizations from different sectors of the economy to start sharing information with each other in real time over secure channels and platforms. An ideal collective defense unit involves close collaboration between private and public entities in which both sectors share threat intelligence with each other. Such effective sharing of strategic and tactical threat intelligence in real time prevents cyberattacks from spreading. Furthermore, intelligence shared over secured platforms can also be leveraged to disclose new zero-day attacks, vulnerabilities, and mitigation strategies, rather than disclosing them publicly, which alerts attackers and motivates them to improvise and design new attack vectors.
With the expanding number of breaches, it is critical to design a framework in which businesses are encouraged to share information and best practices with each other and with government agencies, such as CERT-In, the National Critical Information Infrastructure Protection Centre (NCIIPC), and sector-specific government entities such as the Institute for Development and Research in Banking Technology (IDRBT), so that threat information is shared in ways that keep companies and consumers protected and aware.
The Way Forward
The bottom line is that Indian enterprises should not wait for a major cyber crisis to upgrade their security infrastructure. In a world where adversarial powers are resorting to cyber warfare and hackers are targeting every industry they can get their paws on, one cannot afford to just sit back and watch. It goes without saying that Indian enterprises need to act now to up their cyber readiness by leveraging the cutting edge in threat intelligence and security automation-driven technologies. If the recent past has taught us anything, it is that the public and private sectors must come together to help build an effective cybersecurity posture through a collective defense mindset.