Cover Story Features News

Offensive Defence: Best Strategy to Deter Attackers

jaydeep

“We aspire to be the first choice of our customers in all the three areas of cybersecurity: offensive, defensive and compliance.”

Jaydeep Ruparelia, CEO and Co-founder, Infopercept Consulting

It is an estimation that Cybercrime will cost companies worldwide an estimated $10.5 trillion annually by 2025. According to Accenture’s Cost of Cybercrime Study, 43% of cyberattacks are aimed at small businesses, but only 14% are prepared to defend themselves. It does not mean large organizations are immune. Since they carry a battery of skilled cyber security professionals, bounce back becomes less difficult. It is a fact that the consistent growth in the attack vectors, does not match proportionately with the defence strategy evolution of the organizations. Therefore, there needs to have a pragmatic approach to the defence mechanism strategy – not just adding products and services to the networks. Here is a company by the name Infopercept propagates a different approach to the entire cyber security posturing and strategy of the companies. It’s suggestion is offensive fist approach and then design a strategy around the offensive findings followed by execution of the strategy. On the other hand, most of the organizations suggest solutions first then testing and remediation.

Infopercept started its operations with offensive security offerings in 2014, then in 2015 added GRC practices. By 2020, the company had set up its SOC offering 24×7 services of detection and response and threat hunting. Its Technology Optimization Center helps organization to have all the security solutions in their landscape and Compliance Optimization Center takes care of all security compliances needed by the clients in their vertical and geography. It means the company had a pretty linear growth.

Jaydeep Ruparelia, CEO and Co-founder, Infopercept Consulting said, “Interestingly, Infopercept’s inception and the addition of our services and solutions have followed exactly the path of the cybersecurity journey, which we suggest to our customers.”  

 At a time when the company was developing its services capability, the company started developing its own platform called ‘Invinsense’. Under with Infopercept provides XDR, deception, offensive security and security compliance solutions. All these solutions comes managed services alongside and have dedicated teams to support the endeavour.

Today Infopercept covers cloud security end-to-end and has AWS’ MSSP level 1 partnership credentials. Jaydeep added, “In cloud security, we cover the entire landscape and journey of cloud security. In initial stages we help with: well architected framework, Devsecops, cloud security posture management, cloud workload protection and cloud native security. In the later stage, we help with cloud security monitoring and threat hunting with our various XDR solutions.”

Company Roadmap

Infopercept has adopted a two-fold approach to its roadmaps. First the company will go deeper in its current offering, including cloud security and achieve more and more integration, automation and human intervention.

Second, it will also expand into newer security landscapes. The company is currently developing OT security solutions, which will be out soon and will be moving into IOT security in the near future.

Finally…

With an aggressive service offering and ambition to expand in multiple verticals and geographies, it might go for an exponential growth, but it is a very difficult to tap into the market with its existing manpower. It has to bring in additional resources in house and start leveraging the channel engagement. Therefore, the company is considering strengthening a channel strategy. In addition to that the company is also leveraging alliances with other neutral cybersecurity bodies to build research and development.

 

Interview

From your learnings what are the major challenges of CISOs in the enterprises?

In the current scenario, a CISO faces major challenges on both the fronts: strategic and execution.

At the strategy level, the major problem is the inertia of organizations to develop a culture of cybersecurity right from the board level to the employee level. The board should see it as a business enabler and a CISO should be more empowered to make that difference. At the employee level, everyone should be made aware that cybersecurity is a joint responsibility of the entire organization.

At the execution level, all three pillars of cybersecurity: offensive, defensive and compliance are not done continuously. To achieve continuous improvement in cybersecurity posture, all these approaches learn from each other and contribute to the overall posture.

Do you think the solutions would alleviate pain points of the CISOs to some extend?

Only solutions cannot solve it as cybersecurity has become very comprehensive. This is the reason; we suggest a combination of our solutions and services.

Invinsense XDR with blue team, Invinsense XDR+ with purple team, Invinsense OXDR with red team and Invinsense GSOS with pink team.

We call our entire offering as ‘cybersecurity with an attacker’s mind and defender’s brain’. This helps organizations to first think and act like an attacker and then structure their defence, which becomes the brain of their cybersecurity.

We are sure that using a continuous approach with a combination of tools and people, organizations can reduce their cyber risk to a manageable level.

How do you want to differentiate yourself?

On the offerings side, we aspire to be the first choice of our customers in all the three areas of cybersecurity: offensive, defensive and compliance. All offerings are deeper and interconnected and cove all kinds of digital landscapes: On premise, cloud, mobile, OT and IOT.

At the organizational side, we are an IP led service company and that is our main differentiation. This is a kind of intersection between IP led product companies and service companies. We chose this path, as we want to solve cybersecurity problems of our customers to the deepest level, which can be solved if we have our own solutions and service offerings.

What is the manpower strength as far as services are concerned and what are your locational presence?

We have more than 150 security professionals and these are into the three pillars of cybersecurity that I mentioned before. These employees are at a different level of their expertise, and they learn from each other.

Location Presence (Domestic Market)

  • Ahmedabad
  • Bangalore
  • Chennai.

Location Presence (International Market)

  • UK
  • Middle East
Name few of your major customers?

As a cybersecurity best practice, we cannot reveal our customer names, but we have a spectrum of customers. Traditional to born in cloud companies, all are our customers. We also cater to all verticals, but BFSI, Healthcare, FinTech’s and Critical Infrastructure are our customers.

Related posts

Sachin Joins Protiviti India Member Firm

enterpriseitworld

OpenText Acquires Pillr

enterpriseitworld

Infor GenAI and ESG Reporting Capabilities launched

enterpriseitworld
x