Enterprise IT World in conversation with Sundar N Balasubramanian, Managing Director, India and SAARC, Check Point Software Technologies.
With massive digitization happening in the industry, what is the state of security and vulnerability expanding?
We find ourselves in the midst of the fifth generation of cyber- attacks known as Gen V which are attacks that are large-scale and fast-moving and can easily bypass conventional, static detection-based defences. It is not uncommon to find enterprises trying to protect their IT environments with older, detection-only technologies that only protect against viruses, application attacks, and payload delivery. This often leaves networks, virtualized data centers, cloud environments, and mobile exposed.
The following are some key trends we have observed in the industry:
- Mobile: According to industry data, India was the top country for mobile malware in 2018 (23.6 per cent), with over 3,000 Android malware being reported each day. Mobile threats are increasing in quantity and sophistication, and we are seeing a higher infection rate. Using smartphones and tablets to access critical business information on the go has many benefits, but can also expose sensitive data to risk. Enterprises today need to manage and mitigate the risks of BYOD, in order to protect employees and corporate assets from mobile cyber threats. To be effective, organizations must secure mobile devices with immediate threat removal and real-time intelligence that extends the existing security and mobility infrastructures. Mobile security must include several building blocks that address all the different aspects of the security challenge: Mobile Device Management or, Secure Containers, and Mobile Threat Prevention, protecting against unknown and zero-day threats.
- Cloud: The growing popularity of public cloud environments has led to an increase in cyber-attacks targeting enormous resources and sensitive data residing within these platforms. The lack of security practices such as misconfiguration and poor management of the cloud resources, remains the most prominent threat to the cloud ecosystem in 2019, subjecting cloud assets to a wide array of attacks. In addition, the dynamic nature of cloud-based infrastructure breaks traditional network boundaries and introduces a variety of new challenges, making traditional security approaches ineffective.
- IoT: Many IoT devices still suffer from a lack of security and contain security vulnerabilities. Default usernames and passwords, lack of software updates and lack of security awareness by the manufacturers are just some of the reasons that make IoT devices so vulnerable to attacks. Since IoT is spreading to more and more consumer products, businesses will need to think about how to protect their smart devices and prepare for the wider adoption of IoT. Wearables, for example, can be hacked to capture video or record audio. From an enterprise perspective this is another challenge to be addressed in the coming years, since attackers are aware of the fact that IoT devices are a weak spot in organizational networks, and try penetrating through them.
With so many of solution providers with millions of spend on R&D, why there is no abatement of vulnerability?
Even if an organization is leveraging the most comprehensive, state-of-the-art security products, the risk of being breached cannot be eliminated because of the ever-evolving threat landscape. In fact, Check Point’s 2020 Security Report establishes that no organization, big or small, is immune from a devastating cyber-attack. We are working with organizations and governments around the world and are sharing recommendations on cyber protection strategies, and using advanced technology with the focus on prevention, not detection or remediation.
You have solutions for end point to perimeter, what is the competition landscape? What are your competitive advantage?
Check Point leaves the patchwork, best-of-breed deployments of the past behind through Infinity, its security architecture that unifies all networks, cloud, and mobile. Check Point offers automatic and immediate threat intelligence through new techniques that analyze behavior at the OS and CPU levels to prevent malware at the exploit phase before it has an opportunity to deploy. Also, proactive file sanitation offers true, powerful prevention without processing delays.
How are you alleviating the CISO challenges? What are the real concerns of CISOs?
Since the birth of cyber security, arguably about 30 years ago, the role of cyber security within corporations has evolved. Thirty years ago, we simply needed a great technologist to install anti-virus software and a firewall. Today CISOs need to understand the entirety of what’s going on within a corporation, from how their team’s decisions will impact business, to how the decisions of other departments will impact revenue streams. The ability to articulate business risks to the organization and to the board is also imperative.
Check Point helps CISO address the challenges of today by taking away the piecemeal, detection-led approach to security strategy, replacing it instead with a prevention-focused and unified security architecture that unifies networks, cloud and mobile. Our key defining security principles are (1) real time prevention that protects assets rather than notify after the fact, (2) agility to secure new assets in seconds and (3) consolidated security for cloud, IoT, networks, workloads, mobile and endpoint.
Although board room discussion mentions security to what extent CISOs are able to convince the CFOs/CEOs about spent on security?
Increasingly, CEOs / CFOs are recognising that cybersecurity is not just an IT issue but an organisational issue. The risks of cyberattacks span functions and business units, and given the stakes, making the decisions necessary can only be achieved with active engagement from the CEO and other members of the senior-management team or even the board. The CISO’s ability to articulate business risks to the senior management team to get their buy-in is a huge factor in ensuring that the organisation’s security strategy –and the investments required – are greenlighted.
What is your product road map?
Check Point innovation begins by understanding customers and their evolving security needs. Today, our leading-edge technologies secure networks, enterprise multi-cloud environments, and endpoint and mobile devices.Check Point remains committed to providing customers with uncompromised, innovative protection against all types of threats.
How many cities are you present in India and what is your plan for expansion?
Check Point is present in India’s 8 top cities – Mumbai, Delhi, Bangalore, Pune, Ahmedabad, Kolkata, Chennai & Hyderabad. We are working with our distributors and partners to cover the next 8 cities by July 2020.