'As long as businesses do not consider cyber recovery an integral part of their enterprise IT, they remain greatly vulnerable.'
Even as Indian organisations -- from start-ups to large corporations -- are cashing in on digitisation, cloud adoption and work-from-anywhere culture, experts warn that negligence of cybersecurity and risk management may spoil the party.
A recent report from Gartner has forecast end-user spending on security and risk management in India, ranging from infrastructure protection and identity access management to application security, at $2.65 billion in 2023 -- up by 8.3 per cent over the previous year.
As in 2022, security services will remain the segment with the highest levels of end-user spending in India in 2023, predicts the technology research and consulting firm.
"Many organisations in India lack in-house security capabilities, and as a result, they engage security consulting and IT outsourcing companies to meet their requirements," says Rustam Malik, senior principal analyst at Gartner.
The rising number of ransomware attacks, coupled with stringent government measures on digital-data protection and security-breach reporting, is pressing chief information security officers to increase their security and risk management spending for 2023, he adds.
Rajeev Chandrasekhar, the minister of state for electronics and information technology, recently informed Parliament that India witnessed 1.39 million cyber security incidents in 2022.
Over 4.5 million cases were reported and tracked in the country in the last five years, he added.
During the pandemic, a great many businesses shifted their data and workloads to the cloud for business continuity.
Some went a step further, to multi-cloud systems, distributing cloud assets, software and applications across several cloud-hosting environments to improve infrastructure capabilities and reduce costs.
This shift created new challenges in limiting user access to crucial levels in the hierarchy of an IT system.
"Previously, with the on-premise situation, only IT people had access to privileged accounts. Now, standard business users have also become privileged users in the cloud.
"An individual using a CRM tool has some privileges available, which allows them to download the customer list or certain leads, which puts us in a different situation than before the pandemic," says Rohan Vaidya, regional director for India and Saarc at CyberArk, an identity security company.
Vaidya reckons that privileged access management (PAM) has become more decisive than ever after the shift to the cloud environment.
PAM is an identity-security solution that helps protect organisations against cyber threats by monitoring, detecting, and preventing unauthorised privileged access to critical resources.
"There is a limited chance that your antivirus, XDRs or EDRs would be able to restrict a day-zero attack. If that event has never happened in the world, there is no way artificial intelligence would have learnt it," says Vaidya.
"Thus, providing the least privileges restricted to the role a user has to play in the system becomes crucial," he explains.
In recent years, CyberArk has witnessed greater adoption of PAM from the IT/ITeS sector, as it deals with offshoring business from both a compliance and a trust-building perspective.
Large manufacturing companies' IT automation plans show that they too have followed the trend.
Remote working, says Vaidya, requires companies to treat a standard user like a privileged user, making identity security a new parameter.
"Every person on the Internet, as either a customer, user, vendor, or employee, has an identity which needs to be protected. When an attack is in progress, the hacker's primary aim is to be able to take over the administrator account and eventually move up the hierarchy within the IT enterprise system, to reach the domain access to control it as an administrator," says Vaidya.
"Once you can do that, you can control the entire enterprise IT landscape."
Another potential measure could be assigning "just-in-time" privilege, which can be taken away on either a time or a task basis.
In 2022, Kaspersky, a Russian cybersecurity firm, noted an almost two-fold (181 per cent) increase in ransomware encountered daily, which translates to 9,500 encrypted files per day globally.
Cloud vulnerability remains one of the most prominent cybersecurity industry trends, says the company.
Experts at Kaspersky predict a shift in advanced persistent threat activity against industrial organisations and operational technology in new industries and locations.
"The pandemic has significantly boosted the need for cloud-based services and infrastructure for organisations.
"The region's public and business sectors are investing in cloud computing to improve their infrastructure and services.
"Misconfigured cloud settings are a significant cause of data breaches, unauthorised access, insecure interfaces, and account hijacking," the company told Business Standard.
In 2022, digital security in the business-to-business market remained a top commercial priority for Kaspersky, second only to the need to establish resilient security infrastructures in the face of increasing cyber-attacks.
Rising concerns have also prompted cloud solution players to upgrade the level of infrastructure security on a priority basis.
"As long as businesses do not consider cyber recovery an integral part of their enterprise IT, they remain greatly vulnerable," says Ripu Bajwa, director and general manager, data protection solutions, Dell Technologies India.
"Even if they choose the software-as-a-service model, their cybersecurity plan needs to ensure that their protection is not only limited to their cloud infrastructure, but is extended to their applications and data."
Per Dell Technologies' Global Data Protection Index 2022, with the growing incidence of employees working from home, 70 per cent of employees surveyed globally agreed that their organisation has increased exposure to data loss from cyber threats.
"Data centres, colocation facilities, public clouds and edge locations have complicated the IT landscape for businesses," says Bajwa.
"With major business processes turning digital, organisations across India have started adopting IT strategies to achieve efficiency in operations," says Bajwa. "This, coupled with the rise in remote or hybrid working, has led to the rise in cybersecurity incidents on the cloud."
Firms need to develop cybersecurity and data protection strategies, he adds, with embedded security features designed into the hardware, firmware and security control points.
"We believe that a holistic approach to cloud and data protection strategies will help organisations achieve Zero Trust architectures and strengthen cyber resiliency, while also reducing security complexity."
Feature Presentation: Ashish Narsale/Rediff.com