‘Cloud security will only get more important’

The India Technology Centre (ITC) in Hyderabad is the single largest research and development (R&D) facility for the $4.4 billion US-based CA Technologies, an IT management software and solutions company with expertise across all IT environments?from mainframe and distributed, to virtual and cloud. With its current headcount of 1,600 employees, the $30 million facility contributes to the development of all major CA Technologies products in the areas of IT management and security. It develops about 30% of the company?s global products. ?The ITC team plays a central role in developing innovative solutions to manage and secure IT environments for the company?s global clients,? says Sanket Atal, senior vice-president and centre head, ITC. In this role, Sanket is responsible for providing overall strategic leadership and direction to the centre. In a recent interaction with BV Mahalakshmi, he says CA Technologies is focusing on government, telecom, defence and BFSI verticals as major growth areas for the firm. Excerpts:

What is your growth strategy in India and the focus areas which could propel your businesses?

We have invested about $60 million in India. About one-third of R&D is done out of India which suffices to say that the country is an important and emerging market. Hence, we are building our growth strategy which will centre around our large systems integration play and we are investing in that area significantly. We are also stepping up our focus in certain industry verticals like telecom where CA has a vast array of industry leading IT management solutions in the areas of network fault, performance and reporting (e-health and spectrum), as well as application management. We will be increasing our investments and focus on the governments sector, particularly the e-governance and power segments where we foresee a lot of IT investment in the next few years.

How do you see the Indian market responding in terms of global trends?

In majority of companies, the overall IT spending seems to be in a forced decline. However, budgets allocated for IT security initiatives remain constant or growing. Several factors have contributed to this counter intuitive trend. First, the fear of internal threats directly resulting from spending cuts and layoffs has overtaken the fear of external threats. Second, compliance with ever-increasing industry and government regulations and satisfying auditors continue to fuel IT security investments.

It would be reasonable to expect that large organisations would have automated internal security processes and adopted technology solutions such as identity and access management to handle internal threats. Surprisingly, that is not the case, but there is increasing interest in new solutions. Data loss prevention, provisioning, log management, single sign-on and other solutions to handle currently manual tasks are top-of-mind and top-of-wallet. Despite the mandate to reduce overall spending, necessity dictates that for the foreseeable future new IT security software solutions will be broadly adopted throughout the world.

So the growth prospects for security business are bright…

Definitely. The Indian market especially in specific industry verticals such as BFSI, telecom and IT-ITeS would be aligned to global trends. In fact, various e-governance initiatives in India too have ?addressing internal security threats? on the top of their agenda. We partner with the government agencies for the e-governance initiatives and work directly with the central government, state governments and system integrators like KPMG, Capgemini, Wipro, TCS, HCL, 3i Infotech and Sify. While the government business contributes about 40% to our revenue, BFSI another 25% and IT & ITES sector about 25%. The rest 10% comes from a combination of volume business and other verticals.

Didn?t a recent CA study say that cloud providers and cloud consumers are not aligned on cloud security?

We, along with Ponemon Institute, an independent research firm specialising in privacy, data protection and information security policy, found conflicting views on focus, priority and responsibility that suggest a pending security standoff between cloud providers and cloud users. Cloud providers are more focused on delivering the benefits of cost and speed of deployment, the top two reasons cited for migrating to cloud computing. Majority of cloud providers allocate just 10% or less of IT resources to security or control-related activities. This result is consistent with the finding that less than half of the respondents agree or strongly agree that security is a priority. Cloud security is as good as or better than enterprise security.

Also, majority of cloud providers believe security is primarily the responsibility of the cloud user; this contrasts with cloud users who believe security is their responsibility. Just 16% of cloud providers feel security is a shared responsibility, compared to 33% of cloud users who believe the duty should be shared. About 32% of both cloud providers and cloud users say security is the responsibility of the provider. Cloud users and providers should consider the importance of joint responsibility to create a secure computing environment.

What is the role of CA ITC in terms of patent filing? What are your hiring strategies for the next two years?

ITC has increased invention submissions from 19 in FY08 to 38 in FY09. This is a 100% increase. The overall CA average for green light to patent application is about 50%. ITC was higher in FY08 at 63% and is on target in FY09. The majority of ITC patent applications were for service management besides patent applications in security, green technology and platform delivery. We will be recruiting over 800 employees for our India operations from the present level of 1,700 staff at the ITC. We hope to fill up the total capacity of 2,500 employees in three years.