In this insightful conversation, Tony Anscombe shares how cloud-based security solutions enhance cyber resilience, the role of AI-driven threat detection, and why a cloud-first approach is essential for Indian businesses. Stay ahead of evolving threats with expert strategies and best practices!
Exclusive Interview With Tony Anscombe, Chief Security Evangelist at ESET
Cloud-Based Security & Cyber Resilience
IT Voice- How do cloud-based security solutions enhance cyber resilience compared to traditional on-premise security models?
Tony Anscombe – On-premise systems rely on fixed architecture and dedicated teams to manage and maintain them. The benefit of cloud-based security solutions is the distributed architecture, often on a global basis with 24/7 monitoring by security operations center teams. The cloud-based systems have the ability to operate with real-time updates, utilization of AI, and threat intelligence to provide improved protection.
IT Voice- What are the latest advancements in AI-powered threat detection, and how do they improve incident response times?
Tony Anscombe – AI-powered threat detection has been in use by ESET for nearly 30 years, with early adoption of neural networks in the late 90s. In a modern cyber security architecture using end-point detection and response solutions, the volume of data and analytics required to identify threats requires AI-powered systems to automatically generate incident alerts and, where necessary, respond without human intervention. For example, suspicious activity on an end-point device may cause an automated response to automatically isolate a device for further investigation; with this predictive action, automated response time decisions are made in near real-time.
IT Voice- How can organizations balance security and performance when shifting to cloud-based cybersecurity solutions?
Tony Anscombe – The balance should not be an issue. When transitioning from on-premise to cloud-based security solutions, it’s important to conduct continuous monitoring, performance and efficacy testing to ensure there is no degradation in protection and efficiency. It’s important that the migration uses cloud-native technologies rather than adapting existing solutions to work within the cloud.
IT Voice- What role does zero-trust architecture play in strengthening cloud security?
Tony Anscombe – A traditional security architecture is based on a model that everything inside the network is trusted, whereas a zero-trust architecture treats everything as a potential threat that requires verification and authentication. If everything needs verification then only authenticated and authorised users gain access, and for each asset accessed the authentication starts again, removing the ability of the attacker to move laterally through a network of assets.
IT Voice- With the increasing adoption of multi-cloud environments, what are the biggest security risks businesses should be aware of?
Tony Anscombe – The biggest risk is misconfiguration, often caused by human error, which is often a result of human action. With multiple cloud environments there are different security and privacy options that may all behave differently, and present different risks based on the combined configuration options. These systems may also require different security solutions to be used, removing the benefit of a single system overseeing the security and alerts generated. It’s important that businesses implement unified security tools that provide centralised visibility and governance across all cloud platforms with the adoption of multi-cloud environments.
Automation in Cybersecurity
IT Voice- How is automation transforming cybersecurity, and what are the key benefits for businesses?
Tony Anscombe – The cybersecurity industry lacks expert resource; this shortage is global and the latest estimates predict a shortage of approximately 3 million to fill positions. At the same time threats have become sophisticated, requiring deep analytics of huge amounts of data to identify potential activity that could be a threat. This perfect storm of complexity and lack of resource has pushed companies into the adoption of automated solutions to bridge this gap and to protect their business. Without automation, protection levels would decline, leaving businesses vulnerable to advanced cyberattacks. Without it, the protection level would be significantly reduced.
IT Voice- AI-driven security tools are evolving rapidly—how can companies ensure they are leveraging them effectively?
Tony Anscombe – AI should not be viewed as a solution on its own, but as a crucial layer within a broader security strategy; it is a tool used as a layer within a solution. Companies need to ensure they work with technology that presents a layered architecture of differing technologies to detect and prevent attacks, while at the same time ensuring the vendor(s) of the technology are at the forefront of research that enhances protection, whether AI or other technologies. AI is not a security silver bullet.
IT Voice- Can AI and automation completely replace human intervention in cybersecurity, or do they work best as a complement?
Tony Anscombe – AI is not a replacement for human expertise; AI augments but does not replace human expertise. They should complement each other to provide comprehensive protection. Machine learning models analyse data to detect anomalies, but human oversight is essential to train AI, validate alerts, and minimise false positives. A hybrid approach—AI-driven automation for efficiency, with human intervention for critical decision-making—ensures the best security outcomes. AI systems today make decisions based on data, a form of machine learning, and the training of such systems requires human oversight to ensure there is a balance of security while maintaining a low false positive ratio.
IT Voice- How can businesses prevent adversarial AI threats, where cybercriminals use AI to bypass security systems?
Tony Anscombe – Cybercriminals currently use AI as a tool to assist attacks, as opposed to an attack being generated by AI. Examples of AI assistance can be seen in the obfuscation of malicious code and in the crafting of content used in social engineering attacks. To counter this, businesses must adopt advanced detection methods that analyse behavior rather than code structure. AI-powered security tools can sandbox suspicious code and detect malicious intent, even when disguised. Staying ahead requires continuous updates and adoption of evolving security features. Advanced detection methods have the ability to sandbox code and examine its actions, and whether its intent is malicious, regardless of obfuscation. Companies must adopt and keep pace with cybersecurity product evolution in order to keep pace with the changing threat landscape, this may not mean changing products, but adopting new features within existing solutions.
India’s Cybersecurity Landscape & Cloud-First Approach
IT Voice- How do you assess the current state of India’s cybersecurity readiness?
Tony Anscombe – India has made significant strides in enhancing its cybersecurity posture, reflecting a robust commitment to safeguarding its digital infrastructure. The enactment of the Digital Personal Data Protection Act (DPDPA) in 2023 marked a pivotal step toward strengthening data protection and privacy regulations. This legislative framework aligns with international best practices, underscoring India’s dedication to creating a secure digital environment.
In 2024, India’s cybersecurity landscape evolved notably, with the country achieving Tier 1 status in the Global Cybersecurity Index. This achievement reflects India’s strong commitment to establishing robust cybersecurity practices and its recognition as a role-modelling nation in this domain.
While these achievements highlight India’s positive trajectory, the rapidly evolving threat landscape requires continuous adaptation and innovation to stay ahead of emerging cyber risks.
However, the rapid pace of digital transformation presents ongoing challenges. The proliferation of digital transactions has been accompanied by a surge in cyber fraud cases, necessitating continuous efforts to enhance cybersecurity measures.
IT Voice- What are the most pressing cybersecurity threats facing Indian businesses today?
Tony Anscombe – Indian businesses face a dynamic threat landscape characterised by increasingly sophisticated cyberattacks. The rise of Ransomware-as-a-Service (RaaS) platforms has democratised access to ransomware tools, enabling cybercriminals with limited technical expertise to execute complex attacks. This trend poses significant risks to sectors such as healthcare, finance, and government. Our ESET Threat Report H2 2024 highlighted the prevalence of RaaS in India, where an attack popped up on our radar during an attack on an Indian manufacturing company.
Additionally, the widespread adoption of digital payments has led to a corresponding increase in digital financial crimes. Scammers are leveraging advanced technologies, including artificial intelligence, to execute sophisticated schemes such as deepfake technology and spoofing. This underscores the need for businesses to implement robust cybersecurity measures to protect against evolving threats.
IT Voice- Why is a cloud-first approach critical for Indian organizations in combating cyber threats?
Tony Anscombe – A cloud-first security strategy is no longer optional – it’s essential. With businesses shifting to hybrid and remote work, securing traditional on-premise infrastructure has become increasingly challenging. Cloud-based security solutions provide real-time threat intelligence, automated patching, and centralised security management, ensuring faster detection and response to cyber threats.
Additionally, cloud-first security platforms leverage AI and machine learning to analyse vast datasets and proactively identify anomalies before they become major breaches. They also enable businesses to scale security measures efficiently, reducing operational costs while maintaining strong defences.
For Indian organizations, where cyber threats and regulatory requirements are evolving rapidly, cloud security offers the agility needed to stay compliant and protected against sophisticated attacks.
IT Voice- How can Indian enterprises address regulatory and compliance challenges while adopting cloud-based security solutions?
Tony Anscombe – Regulatory compliance is a growing concern for Indian enterprises, especially with the introduction of DPDPA 2023, which mandates stricter data protection measures. Businesses must ensure their cloud security strategies align with these regulations by implementing data encryption, role-based access controls, and secure cloud storage policies.
Additionally, organisations should choose cloud security providers that offer compliance-ready solutions tailored to Indian regulatory requirements. Security frameworks such as Zero Trust, multi-cloud governance, and automated compliance monitoring help businesses maintain regulatory adherence while minimising risks.
Regular security audits, real-time monitoring, and employee cybersecurity training further strengthen compliance efforts, ensuring organisations stay ahead of evolving legal and cybersecurity challenges.
IT Voice- What cybersecurity best practices should Indian businesses follow to stay resilient against evolving threats?
Tony Anscombe – Cyber threats are becoming more sophisticated, and Indian businesses must adopt a proactive security approach to stay resilient. To strengthen their cybersecurity posture, Indian businesses should:
- Adopt Zero Trust Security—ensuring all access requires verification
- Use AI-driven threat detection to neutralise risks in real time
- Implement multi-factor authentication (MFA) to prevent unauthorised access
- Prioritise cloud security and encryption to protect sensitive data
- Conduct regular cybersecurity training to counter phishing and social engineering attacks
- Develop a robust incident response plan for quick recovery from breaches
- Perform continuous security audits to identify vulnerabilities before exploitation