Cybercriminals have become smarter and sharper. Newer and faster technologies open up greater opportunities for cybercriminals, posing more threats affecting individual consumers, businesses and governments alike.
“Insurgence of cloud, mobility and Internet of Things enabled devices make information security a prerequisite for businesses and make the need for a plan to combat security threats a pre-requisite,” says Shrikant Shitole, managing director – India, Symantec in an exclusive interview with TechObserver.in.
What trends did you witness in the enterprise security space?
Symantec's Internet Security Threat Report Volume 20 (ISTR.20) revealed that cyber attackers are making a tactical shift by infiltrating networks and evading detection by hijacking the infrastructure of major corporations and using it against them. They also continue to favour zero-day vulnerabilities to silently sneak onto victims' computers, and 2014 had an all-time high of 24 discovered zero-day vulnerabilities. Additionally, 317 million new pieces of malware, or close to 1 million new pieces of unique malware each day, were created in 2014. Globally, five out of six large companies were targeted in 2014, a 40 percent increase over the previous year.
The India landscape is not very different. In fact 60 percent of targeted attacks were aimed at large enterprises and a third (34 percent) were targeted towards small businesses. Email remains a significant attack vector for cybercriminals, but they continue to experiment with new attack methods across mobile devices and social networks to reach more people, with less effort. Cybercriminals are also relying on lucrative and aggressive attack methods like ransomware, which rose globally by 113 percent as per ISTR Vol 20. India reported the third highest ransomware in Asia, with an average of more than seven attacks every hour. A more vicious crypto-ransomware attack style has evolved which holds a victim's files, photos and other digital content hostage without masking the attacker's intention. In India, a staggering 86 percent of all ransomware were crypto-ransomware.
What's the outlook for the enterprise security segment for 2016?
Attacks have become smarter and sharper. Newer and faster technologies in 2016 will open up greater opportunities for cybercriminals, posing more threats affecting individual consumers, businesses and governments alike. Insurgence of cloud, mobility and Internet of Things enabled devices will make information security a prerequisite for businesses and make the need for a plan to combat security threats a pre-requisite.
Cloud Security – As companies seek to move their information to the cloud, they're looking for security providers who can keep their information protected regardless of where it resides. Data Loss Prevention (DLP) is one of the key technologies to enable anytime, anywhere, any device data protection. DLP is a foundational technology for cloud security.
Advanced threat protection with advanced Incident Response capability will be of prime importance as they will enable organizations to uncover, prioritize and remediate advanced threats in this increasingly complex threat landscape.
Internet of Things (IoT) will not only become the bedrock of smart cities, but also continue to make its presence felt in our homes and enterprises, making securing them more important than ever before. The market for Internet of Things–ready devices is growing but is still very fragmented and as enterprises move farther away from traditional endpoints to IoT, the whole security framework will become increasingly important.
Mobile devices will continue to be attractive targets: With the ongoing smartphone boom, India is expected to overtake the US as the second largest market for smartphones in the world by 2016 with 200 million smartphone users (eMarketer report). Mobile devices would continue to be the target for cyber attackers as they store personal and confidential information and are switched on all the time. As more and more companies jump on the BYOD and mobility bandwagon, mobile security and management will become critical.
Need for encryption will escalate: Mass adoption of devices will compel enterprises to embrace BYOD, further emphasizing on enterprises having to relook at the BYOD framework from just managing smartphones to securing them. Encrypt everywhere is quickly becoming the mantra of the technology industry. With so much communication and interaction between people and systems happening over insecure and vulnerable networks like the Internet, strong encryption for this data in transit has been well recognized for some time and it is generally implemented. In the light of the same, the need for encryption will escalate. Mobile OS makers continue to make improvements to the encryption of their products to fill in the gaps from the application and service makers.
Building cyber security skill sets: Internet security relies on the human element as much as it does on technology. If people were more skilful, they could help reduce the risks they faced.
Building adequate cyber security skill sets: up-skilling and training to build a skilled taskforce will also be one of the key asks in the upcoming year. In this context, security gamification will be used to turn “the desires of the moment” into lasting changes of behaviour by using the psychological rewards and instant gratification of simple computer games. Security Gamification could be used, for example, to train consumers to be wary of phishing emails or to generate, remember, and use strong passwords.
What verticals are propelling the demand for enterprise security solutions?
While enterprise security has seen increased demand across all sectors, it is businesses that deal with critical infrastructure that primarily drive the demand, owing to the fact that they are constantly on the cybercriminals' radar. In fact, according to Symantec's ISTR, we saw an increase in the number of attacks on key sectors such as financial services (17.1 percent in 2014; up from 11.1 percent in 2013), transportation and communications (4.4 percent in 2014; up from 0.8 percent in 2013). Of these, the transportation, communications, electricity and gas industry saw a five-time increase in the targeted attacks. Additionally, sectors like mining, which includes oil and gas exploration, were preferred by attackers of all types as they received the highest number of phishing mails and second highest number of virus-bearing emails in 2014.
95% of Fortune 500 companies are Symantec customers. While we continue our focus on sectors like BFSI, Telecom, Government, IT and ITeS that have traditionally been early adopters of security solutions, we are also seeing other sectors such as manufacturing and pharmaceuticals increase their focus on information security. Due to the amount of critical data, volume of endpoints and the vastness of the operations in the companies operating in these verticals, information protection continues to play a pivotal role.
How have technology shifts such as cloud, mobility, virtualization and BYOD impacted the overall enterprise security business in India and globally?
The current threat landscape is very dynamic and the types of attacks we are seeing today are increasingly sophisticated. With increasing level of awareness, slowly but steadily, security is becoming an integral part of the overall enterprise strategy. Cybersecurity is no longer an issue that concerns IT and security professionals alone, but is also an important topic for boardroom discussions.
The IT infrastructure has become more complex and information is now dispersed across devices, apps, and locations: physical, virtual and cloud. Adversaries are targeting all control points from the gateway to email to the endpoint. This poses greater threats for organizations, who currently lack holistic security practices and technologies to combat today's advanced threats. Organizations now need to move from just keeping malware out to finding the malware in their network and responding to it quickly and efficiently. Regardless of the platform or device, it is critical for organisations to adopt advanced security measures that are different: if it's connected it must be protected. Also, advanced threats, such as ransomware, remote access trojans, advanced persistent threats (APTs) and zero day attacks, are on the rise and security professionals can no longer rely on using individual point products at each control point to stop them. While trends such as Bring Your Own Device (BYOD) provide flexibility and business profitability, they have transitioned personal security challenges into the corporate walls. The process of uncovering threat data across endpoint, network and email gateways is manual and time-consuming, which gives attackers an edge.
What are the major challenges that enterprise security faces today and how could they be overcome?
Today's attackers are skilled enough and sufficiently resourced to have the persistence and patience to carry out their espionage activities over a period of months or even years. They have only to be successful once in order to breach their targets' defenses. Symantec has observed that advanced attackers are using stolen email accounts from one corporate victim to spear-phish their next corporate victim.
Also, today's businesses lack in the desired holistic IT security practices and technologies to deal with the new set of threats. Additionally, internet security relies on the human element as much as it does on technology. Unintentional causes, such as employees losing devices or accidentally exposing critical data, are still the most common causes of security breaches. The understanding of the CIOs and CXOs as to how security can be built into their IT practices to effectively manage the ecosystem is also limited in many cases.
Another challenge faced by organizations is of overworked and understaffed security teams that have so far been stitching together “good enough” security point products that were originally not designed to work together. Not only do these practices make an organization more vulnerable to breaches, but they also increase operational complexities, indicating a need to engage in unified security.