Targus Technologies plans to work closely with its OEMs (such as Juniper, Fortinet, etc) to provide high levels of hardware and advanced threat protection. Raunaq Singh, CEO & Director, Targus Technologies, shares his insights on India’s cyber security space and how his company plans to approach the market
What are the key drivers of cyber security growth in India? Do you think companies are spending more on cyber security?
The information security market in India is expected to grow by 50 per cent in the next three years, according to KPMG. The market, including hardware, software and services, will be nearly Rs 1,200 crore this year. Financial services (FS) and technology information, communication and entertainment (TICE) are two sectors that are reporting a continuing focus on IT security. The growth in cyber security is primarily driven by the necessary measures needed to counteract the increasing number of cyber crimes that people, businesses, and governments face on a daily basis.
Aside from the growing number of targeted attacks that is driving the growth in cyber security, the number of cyber security venture deals also highlights the growth in this space. The increasing number of targeted attacks and cyber crimes is driving the growth in cyber security and is continuing to augment the demand for these services, as venture capital firms have continued to pour money into this space. The increasing cyber security measures taken by governments, organisations, and corporations bode well for the cyber security industry from an investment perspective.
In addition to the increasing cyber attacks that are driving the growth in cyber security, the overall industry outlook for cyber security from an investment perspective is also positive. The increasing number of targeted attacks is driving the growth in cyber security services as major governments and venture capital firms have continued to invest money into cyber security companies. In addition to the high projected growth rates by various industry research firms and analysts, IoT security, cloud security, and increasing cyber crime costs are going to continue to drive the spending in this industry moving forward.
Being a security partner, what are the opportunities and challenges you see in this business?
Opportunities: The banking and financial sectors have led the way as top targets for cyber attacks in the last five years, with IT and telecom, defense, and the oil and gas sectors following behind. The threats are many and varied, but so are the opportunities – technology constantly teases us with new ideas, products, and ways of living our lives. It also presents new economic opportunities, new ways of doing business, and new ways to make a difference.
If there’s one prediction we can make about the next decade it is this: data will be king. The opportunities for products and services involving data are going to increase exponentially. Combined with the Internet of Things (IoT), there is tremendous economic opportunity for companies to innovate and produce products for the global stage; but all of these will also require cybersecurity as a fundamental building block. There is an inherent interest for companies to implement good cyber security strategies to ensure their profitability is protected, and this in turn will require cyber security products and skilled cyber security professionals in the workforce.
Challenges: While the opportunities are clear, there are a number of challenges we need to address. Ideally, all sectors from government and industry, to enterprise and education, need to play a part in the development and promotion of cyber education, skills and products.
If there’s one lesson to learn from cybercriminals, it is the collaboration and practice sharing. Knowledge is power, as we know, and so keeping a breach secret only helps the attackers – if an exploit isn’t made public, it can be used on the next company, and the next. In order to stop it, free sharing of information among business and enterprise, cyber security professionals, and security software vendors is essential.
It’s interesting to note that professionals like lawyers and doctors are seen as prestigious, yet the skills and knowledge required to be a cyber security professional doesn’t demand quite the same esteem. However, we are already at a stage where skilled cyber security professionals are essential to the operation of most industries in India.
Finally, perhaps the biggest hurdle here is educating the sector, particularly among CEOs and boards. There is a dearth of knowledge among decision makers on cyber security risks and the investment required to manage them.
Do you think security as services, especially IT outsourcing, consulting and implementation services are more lucrative than hardware support services? Can you share few recent wins in security-as-a-service model?
Security services will continue to be the fastest growing segment, especially IT outsourcing, consulting and implementation services. However, hardware support services will see growth slowing, due to the adoption of virtual appliances, public cloud and software-as-a-service (SaaS) editions of security solutions, which reduces the need for attached hardware support overall.
How digital transformation is proving to be a big game changer for security partners; how are you helping your customers?
Customers’ networks are rapidly evolving to keep pace with new innovations and consumer demands. Digital transformation is now integral to remaining competitive in any space. This means that enterprises have to constantly introduce increased access and functionality to their networks via applications, connected devices, and more to meet shifting consumer and employee demand.
Today, consumers want greater access to the data and information stored by organisations in order to more efficiently navigate their digital lives. At the same time, employees want access to applications and services that can automate tasks and optimise operational efficiency. Across industries, customers have been quick to comply with these requests due to the distinct competitive advantages they offer, often without taking related security issues into enough account.
As digital adoption increases and network perimeters continue to erode, cyber security is a growing concern. Organisations taking action on their digital transformation plans have to be aware of and plan for the security implications that go along with those plans, and act accordingly to ensure security at each layer and segment of their expanding attack surface.
Could you share some of the best practices you follow or advise to your customers?
Firms can mitigate the risk of cyber attacks with few best practices:
- Threat Assessment: A cyber threat assessment (CTA) can help your customers mitigate the risks brought on by specific technology adoptions, as well as across their entire network security infrastructure. A CTA ensures they have the necessary security measures in place, as well as locating security gaps that have to be fortified
- Cyber security training: Employees are the biggest risk for firms. Training needs to be conducted regularly, not just once a year. It also needs to be varied, both in method (such as in-person, email, blogs) and with different topics (such as passwords or visitor access) to engage your employees. Tailor the training by staff role, make training practical and relevant, show employees what good cyber hygiene looks like so they may bring those practices home with them to protect their families and home systems
- Access management: Companies need to monitor on an ongoing basis how people get granted access to systems and data. When employees change jobs, how quickly is their access changed? What are the processes? Whether they are using multifactor authentication from outside, or even internally. The absolute best practice is any remote access to your core network should be protected by two-factor authentication
How can organisations improve their security postures?
Improving security is not just about spending on new technologies. As seen in the recent spate of global security incidents, doing the basics right has never been more important. Organisations can improve their security posture significantly just by addressing basic security and risk related hygiene elements like threat centric vulnerability management, centralised log management, internal network segmentation, backups and system hardening.
What are the new areas you are looking for security space, and how are you building the capabilities and skills for the same?
We are looking to focus more on security since this is going to be the biggest growth driver in the next decade. With Artificial Intelligence (AI), IoT, Business Analytics and Robotics taking centre stage in the next decade, it is imperative that we give security the attention that is required to make businesses safe. Targus plans to work closely with its OEMs (such as Juniper, Fortinet, etc) to provide high levels of hardware and advanced threat protection. However, this is not enough, as we are also investing in skilled resources to use the SDKs provided by OEMs and build our own layer of security on top on that. We intend to secure all seven layers of our customers’ network and business place.