“Seven billion people cannot be trained as cyber security professionals and we need to leverage automation as much as we can,” says Sean Duca, Vice President and Regional Chief Security Officer, Asia Pacific, Palo Alto Networks, in an interaction with CRN’s Rachana Jha. Sean also spoke about the ongoing digital transformation in India and how Indian market is important for them
Some edited excerpts…
How do you see digitisation overall and in India?
Whether it is the government or private sector, everyone is looking to digitise what they do and make it easy for people to interact. People get access to different products and services in multiple ways, which brings along amazing benefits and opportunities. They can think of innovative ways to provide a centre of services. However, this brings in some potential challenges as you digitise and collect a lot of information. Hence, there is a need for precaution about what information is being collected and how they should process and protect it. In India, the government is making efforts to digitise the systems, through some large IT and ITeS organisations.
We live in a world where there is a constant fight between man and machine. Seven billion people cannot be trained as cyber security professionals; we need to leverage automation as much as we can. Dealing with automated adversaries also means controlling our digital assets.
In the case of recent breaches do you think there was lack of accountability?
Many breaches have happened due to misconfiguration or lapse in the security system. A lot of us may be using the same password for different accounts. When we have systems, where we continue to use the same password, there are chances of websites being compromised. That is how someone can get access to our environment, if we do not patch our systems and practice cyber hygiene. Malware is probably increasing at a faster rate than it has before. It is also programmed to do several things. Eighty per cent of the malwares have the capability of stealing personal and important data.
Sometimes it is not just the technology or a thought process; it comes down to the accountability of the business. Business owners, leaders, executives and board of directors need to come forward and take accountability for the same.
How much is India prone to cybersecurity attacks?
India is one of the leading markets in the world. We have seen that organisations do not take adequate steps to avoid cyber attacks. By digitising the domain, companies in India will benefit and will be able to curb such cyber attacks.
What are the steps one should take before implementing cloud or IoT?
Anything you put into the cloud is your responsibility. People tend to think that they do not have to do anything after implementing cloud. Microsoft is taking care of it with Azure and so does AWS. But, you must protect what you have put into the cloud. CISOs must protect the work and limit the access of what they want to put on the cloud. They must allow limited visibility and control Infrastructure as a Service (IaaS), and Platform as a Service (PaaS). There should always be a healthy rivalry between CIOs and CISOs regarding the cloud and they should look at doing things in a secured way.
What steps would you suggest for mitigating attacks?
There is a number of things to be kept in mind. There should be complete visibility and control of applications. Most of the organisations in India that I have dealt with, typically have about 300 different applications on their network. Only approved applications should be worked on and the rest must be prevented. The same needs to be applied when organisations go online; they must leverage some form of automation, so that it quickly turns into a known threat.
What are the major challenges in cyber security?
Phishing, by far, is the most prevalent vector that is being used to get a foothold inside an organisation. I have seen business compromise as one of the most common things that is impacting organisations. The other challenge that organisations face is credential theft: we still see massive amount of credentials that are being compromised. They are then collected and tried on multiple websites simultaneously. We need to move away from relying on just passwords and leverage multi-factor integration.
How do you ensure protection from insider theft?
We need to make sure that everyone does not have the privilege to access information. We must limit the access to the systems and make sure that we maintain the privacy and integrity. One should be able to detect and monitor in case of an attack – which can be either inside or outside. The same skillsets are used to detect and monitor outsider or insider thefts.
What, according to you, would be the top trends in cybersecurity in future?
We are going to see much more efficiency in the cloud in the coming days. We still see people being plagued with or impacted by misconfigurations in the cloud by virus. Relying simply on the native capabilities that build these cloud platforms is not good enough. The other trend is probably more towards privacy and compliance. We are also seeing regulations like GDPR coming to India and other countries. It would not be surprising that in five years from now, India will have its own version of GDPR.
What is the roadmap for Palo Alto Networks for the next five years; and how important is the Indian market?
We are readily booting out our strategy to keep on providing the capability to prevent a successful cyber attack, whether within the cloud or from the network. We have started to see a bigger shift moving towards the cloud and therefore the need to secure that. We have also started to see how security technologies can be consumed in different ways. We will help organisations manage, operate and drive all security solutions in the right way.
In terms of markets, India is a huge and an important market for us. It is one of the biggest growth areas. From a business perspective, we will continue to invest in India. We have recently acquired a company called RedLock, and we have got a number of developers in Bengaluru.