Sundar N Balasubramanian, Managing Director, India and SAARC, Check Point Software Technologies

In an interview with tele.net, Sundar N Balasubramanian, managing director, India and SAARC, Check Point Software Technologies, sheds light on key security trends surfacing in the enterprise segment and how Covid-19 is likely to impact the cybersecurity market…

What are some of the key security-related trends that have come to the fore as a result of the Covid-19 pandemic?

The Covid-19 pandemic has resulted in rapid and widespread changes that organisations did not expect and were largely unprepared for. With remote working models being deployed across organizations, the scope for cybersecurity widened. A survey by Check Point shows that organizations were hit by increased cyber-attacks, with 71 per cent of respondents reporting an increase in cyber-attacks during the period of February and March 2020. In addition, 95 per cent of respondents faced IT security challenges as a result of having to provide large-scale remote access for employees.

Cybercriminals have been quick to capitalize, exploit and target organizations across all sectors, and our ‘Cyber Attack Trends: 2020 Mid-Year Report’ revealed the following trends that have arisen as a result of the pandemic:

  • Covid-19 themed attacks: COVID-19 prompted a great increase in the proliferation of malware attacks. During the pandemic, thousands of coronavirus-related domain names were registered, many of which have been used for scamming unsuspecting victims.
  • Double-extortion attacks: Cyber attackers adopted this new form of ransomware attack, where large quantities of data are exfiltrated prior to being encrypted. Victims who refuse to pay ransom face the possibility of their data being leaked.
  • Mobile exploits: In 2020, threat actors identified new mobile infection vectors, improving their techniques to bypass security protections and place malicious apps in official application stores.
  • Zoom related phishing attacks: The pandemic resulted in a huge increase in the number of people using Zoom, and cybercriminals leveraged this to launch phishing attacks. According to Check Point’s research, Zoom-related domain registrations, and fake Zoom installation programs in particular, were behind the major increase in cyberattacks. Check Point also collaborated with Zoom earlier this year to fix a potential vulnerability that could have allowed hackers to join a meeting uninvited.

How can a multi-cloud security platform be used to secure remote working environments? 

In the early days of public cloud, businesses would use one cloud to meet all of their digital infrastructure needs. Today, most companies are relying on multi-cloud strategies. These approaches use multiple cloud computing service providers to give the organization different options and capabilities to choose from.

The right security framework will protect your business and allow it to maximize the full value of a multi-cloud environment. Here are some best practices to help you make informed choices:

  • Understand the Basics: It’s imperative to understand how the public cloud shared responsibility model works. Cloud providers maintain responsibility for the security of their own cloud infrastructure. This includes features like multi-factor authentication, encryption, and identity and access management. However, your organization is responsible for how the data, workloads and other cloud assets are secured within the cloud infrastructure.
  • Consistent Security: When performing identical operations on multiple clouds (for availability or redundancy purposes), you should implement the same security settings and policies on all clouds and ensure this is maintained to ensure continuous consistency.
  • Automate Security Everywhere: Don’t underestimate the importance of automating security tasks. And while this certainly helps save time, this isn’t the primary objective. Rather, the goal is to reduce the risk of human error.
  • Minimize “Point” Security Solutions: “Point” security solutions – distinct security tools that address distinct security needs – don’t integrate well together. Too many point solutions create manageability overhead and security gaps. For best results, minimize the number of point security solutions on hand. This significantly reduces complexity and lessens the likelihood of error.
  • Single point of control: Simplify your multi-cloud complexity by using a “single-pane-of-glass” unified management that provides cloud engineers a single point of control to manage application and data security across their multi-cloud deployments.

Check Point cloud native security, delivered through CloudGuard, provides automated security and advanced threat prevention across multi-cloud environments to protect organizations’ cloud assets and workloads. 

What are your views on the Indian market’s readiness from a cybersecurity standpoint?

According to Check Point’s Threat Intelligence Report, in the last six months, an organization in India was being attacked an average of 1,189 times per week, compared to just 465 attacks per organization globally. Today, cybersecurity cannot be reactive or incident driven – rather there has to be a proactive focus towards security. Organizations in India need to close security gaps and secure their networks, from employees’ home PCs and mobiles to the enterprise data center, with a holistic, end-to-end security architecture. If we look at the overall trends, these priorities are essential for organizations across the world, not just India. Also, the big enterprises that we speak to in India are not very different from those in other parts of the world. Some are more advanced, some are behind in terms of the level of security.

What will be some of the cloud security challenges that organizations are likely to face as they recover from the impact of Covid-19?

Migration to the cloud has accelerated recently due to the pandemic. Several years’ worth of IT changes were being compressed into just a few weeks. Many Infosec and DevOps teams rushing to the cloud did not scale their cloud security postures to the level of their traditional data centres.

According to the 2020 Cloud Security Report, the highest ranking threat was misconfiguration, with 68 per cent of companies citing this as their greatest concern (up from 62 per cent the previous year). Misconfiguration takes place when a cloud-related system, tool, or asset is not configured properly, thus endangering the system and exposing it to a potential attack or data leak. This threat was followed by unauthorized access (58 per cent), insecure interfaces (52 per cent), and account hijacking (50 per cent).

The report also looked at the top cloud security concerns. Among these were data loss or leakage (69 per cent)—up 5 per cent from last year—and data privacy and confidentiality (66 per cent)—up 4 per cent. These were followed by concerns about accidental exposure of credentials and incident response (tied at 44 per cent); legal and regulatory compliance (42 per cent); and data sovereignty, residency, and control (37 per cent). Another major source of concern for executives and security experts was that of compliance, with 90 per cent of those surveyed considering continuous compliance during migration from on-premises to the cloud extremely important.

How do you see cloud security evolving in a post-Covid world?

Migration to the cloud has accelerated recently, especially in light of the COVID-19 outbreak. This global shift towards a nearly 100 per cent remote workforce almost overnight has led to a spike in demand for online services, digital access, and highly available applications accessible from any location. A 2020 study found that a staggering 87 per cent of companies plan to expedite their cloud migration in the post-pandemic world, and 68 per cent of companies are using two or more cloud providers as part of their migration effort. This leap forward, however, has come at a price.

The increased use of the cloud means an increased level of security, especially in technologies that secure workloads, containers and serverless applications on multi- and hybrid-cloud environments.

Visibility is particularly important in cloud security, because you can’t secure what you can’t see. And cloud computing can often cause multiple visibility problems. Broad and well-integrated cloud security solutions help you to eliminate cloud blind spots.