IT Voice : Could you provide an overview of the current cybersecurity threat landscape, and are there any specific trends or challenges that are particularly relevant to the Indian cybersecurity landscape?
Verma : According to an International Data Corporation’s (IDC) Future Enterprise Resiliency & Spending Survey, Wave 2 (April 2023), a staggering 74% of Indian enterprises experienced ransomware attacks in 2022. Computer Emergency Response Team of India (CERT-In) data further underscores this, showing 14.02 lakh (1,402,000) cyber incidents in 2021 and 13.9 lakh (1,390,000) in 2022.
The Digital Personal Data Protection Act that was recently passed requires companies to formulate their data strategy and build the IT infrastructure that comply with the new regulation. This will require strong groundwork albeit strengthening the IT governance framework of the nation. The growing demand for skilled cybersecurity professionals in India exceeds the current talent pool, especially in specialized areas like data privacy, cloud security, AI security, and network security.
While the adoption of emerging technologies such IoT, ML and 5G, along with the evolution of hybrid work environments have enhanced our digital surface, they have also posed new-age cyber threats. As a result, traditional security perimeter is now becoming more fluid and rendering traditional point solutions obsolete. The nature of attacks too has become more sophisticated, with data thefts and service disruption turning into financial fraud, extortion and hacktivism. In June, India saw one of the biggest cyberattacks when one of our country’s premier institutions was infiltrated and more than a terabyte of data was decrypted.
Notably, late breach detection has been a chronic issue, with malware dwelling in organizational IT systems for extended periods. The use of Artificial Intelligence (AI) is gaining prominence to address this concern and achieve faster breach detection. These trends have expanded the digital surface, rendering traditional security perimeters less effective. The Zero Trust approach, emphasizing ‘systems thinking’ and ‘default mistrust,’ is gaining traction to counteract these challenges.
IT Voice : The recent IT Risk Survey by Kyndryl highlighted the top challenges companies face in managing the impact of adverse events. Can you share some of the key findings from the survey and how these challenges impact businesses?
Verma : The latest IT Risk Survey conducted by Kyndryl uncovered key global trends and specific insights within the Indian context. Globally, 84% of respondents recognized a heavy reliance on IT assets for critical business processes. More than 90% experienced compromises in IT systems or data in the past two years, leading to operational disruptions and legal consequences, underscoring potential reputational and financial impacts. Malware events, particularly ransomware, emerged as high-risk areas, signifying the gravity of cybersecurity threats.
In India, organizations demonstrated advanced practices and a proactive approach. Of the surveyed organizations, 46.81% mentioned having strong endpoint security controls in place, surpassing the global average of 34%. Additionally, 44.68% organizations surveyed highlighted that they regularly test and update their business recovery and continuity plan, as compared to the global average at 30.67%. Moreover, the survey pointed out that 36.17% organizations in India were confident about the recovering their systems and data from disasters and security breaches to an alternate location.
IT Voice : According to the survey, what are the key steps that Chief Information Security Officers (CISOs) should consider taking to enhance their organization’s cybersecurity posture and better protect against cyber threats?
Verma : To enhance their organization’s cybersecurity posture and fortify defences against cyber threats, Chief Information Security Officers (CISOs) should proactively engage voices from outside IT, anchoring cybersecurity discussions in the organization’s mission. This integration ensures that cybersecurity becomes an intrinsic part of the organizational culture. Clear alignment on the organization’s risk tolerance, effectively communicated to teams, is paramount for guiding cybersecurity strategies.
In addition to that, it is essential to establish Minimum Viable Company that involves identifying critical organizational components essential for sustaining operations and achieving business objectives. CISOs should take inventory by actively identifying and mapping critical IT assets, prioritizing them for protection and recovery in the aftermath of an adverse event. The implementation of a Zero-Trust Framework, adopting a deny-by-default standard, controls access to systems, allowing only necessary access.
CISOs should also establish a continuous modernization of the cyber resilience strategy is essential, ensuring it stays abreast of evolving business pursuits, IT landscapes, and external forces such as regulations. Building awareness at the board level is a critical step, keeping the board informed about IT risks and plans to mitigate them. This fosters top-down organizational alignment, garnering support for necessary changes to ensure the operational resilience of cyber-enabled systems during adverse events.
IT Voice : Can you elaborate on the concept of cyber resiliency and why it is becoming increasingly important for enterprises? What distinguishes cyber resiliency from traditional cybersecurity approaches?
Verma : According to Kyndryl IT Risk survey, while organizations believe they are well-prepared to manage and recover from adverse conditions, the reality is that a significant number of organizations have experienced adverse events in the past two years. This highlights the need for organizations to focus on cyber resilience strategies.
Cyber resilience is a modern approach to safeguarding an organization’s data and assets in the face of cyber-attacks and breaches. It focuses on the ability to defend against attacks while ensuring business continuity. Unlike traditional cybersecurity, which primarily focuses on preventing breaches, cyber resilience goes beyond that to include strategies for dealing with breaches when they occur. It encompasses technology, people, and processes, and involves mitigating risks within business processes and workflows.
Cyber resilience is a broader strategy that encompasses cybersecurity as a component. It focuses on defending against attacks while maintaining business continuity and mitigating risks. It is important for enterprises as it reduces financial loss, reputational damage, and increases value creation and trust. It distinguishes itself from traditional cybersecurity approaches by emphasizing strategies for dealing with breaches rather than solely focusing on prevention.
IT Voice : The cybersecurity industry is grappling with a significant skill gap. What are your thoughts on the challenges posed by this skill gap and the potential consequences for organizations? How is Kyndryl addressing this issue?
Verma : The cybersecurity skill gap poses significant challenges for organizations, including delays in completing digital projects and weaker security measures. The shortage of cybersecurity talent can be attributed to several factors, such as a lack of diversity in the talent pool, unrealistic expectations from employers, employees not keeping up with new skills, and experienced professionals leaving the field.
To tackle this issue, organizations can take proactive steps. Firstly, they can tap into underrepresented communities and provide opportunities for individuals from diverse backgrounds to enter the field. Secondly, upskilling current employees to bridge the skills gap is crucial. Organizations can invest in training programs and certifications to enhance their workforce’s cybersecurity knowledge.
Additionally, making job descriptions more inclusive and focusing on skills rather than specific qualifications can help attract a wider pool of candidates. This approach allows organizations to identify individuals with potential and provide them with the necessary training and support.
Kyndryl, for example, is aiming to bring cybersecurity awareness and training to India’s grassroot level through its collaboration with Common Services Centres (CSC). Together, they have launched the Cyber Rakshak program, which aims to empower women in rural and remote areas by equipping them with essential technology skills. These women will become Cybersecurity Ambassadors, promoting cybersecurity education and economic empowerment in their communities. The program aims to train over 100,000 women within three years, significantly contributing to bridging the cybersecurity skill gap.
IT Voice : Can you tell us about Kyndryl’s cybersecurity practice? How is Kyndryl catering to the modern security requirements of enterprises?
Verma : Kyndryl’s cybersecurity practice is strategically designed to meet modern security challenges by integrating Artificial Intelligence (AI) for swift breach detection. We proactively embrace the Zero Trust approach to cybersecurity, adapting seamlessly to the dynamic digital landscape shaped by IoT, 5G, and hybrid work environments.
Our Next Gen Detection and Response (ngXDR) strategy, encompassing Managed Detection and Response (MDR), SIEM, EDR, and Vulnerability Management, offers a versatile solution tailored to evolving security needs. The integration of cyber resilience with Business Continuity and Disaster Recovery strengthens our comprehensive security approach.
Additionally, Kyndryl’s Security Operations as a platform is built for adaptability, utilizing hybrid teams and adjusting to changing threat landscapes. In India, our collaboration with Common Services Centres for Cyber Rakshak aims to address the increasing demand for cybersecurity professionals.