On an average, it takes teams six days to address a security alert whereas attackers require only hours to exploit newfound vulnerabilities. “Manually responding to each one is impossible,” says Anil Valluri, MD & VP – India & Saarc, Palo Alto Networks. “Automation is critical in any organisation’s cybersecurity armour. Our research finds that 95% of businesses in India are moving to an increasingly automated security stack, showing the collective emphasis on this shift,” he tells in a recent interview with Sudhir Chowdhary.
What capabilities must organisations develop to stay ahead of modern-day cyber threats? Where do organisations fall short?
While there’s no silver bullet to immediately solve modern cybersecurity challenges, adopting a holistic approach to cybersecurity is essential. Cybersecurity consolidation and automation go a long way in ensuring better results. When responding to threats or assessing organisational cybersecurity posture, chief information security officers (CISOs) can avoid unnecessary complexity. It’s not just a user experience (UX) problem; it hinders visibility across the organisation and hampers mean time-to-respond/detect. Automation helps organisations keep up with the onslaught of modern threats. Cloud-delivered security ensures your stack is always updated with the latest intelligence. This ensures organisations are 100% secure against legacy threats and, at the very least, delay any breach that may occur due to a novel threat.
What are the most common threats plaguing both organisations and individuals today?
In India, organisations are most concerned about the threat of malware. While the malicious payload deals the actual damage, social engineering is often the enabler. Thus, identifying these social engineering tactics through proactive monitoring with enhanced cyber-literacy is critical. This is particularly relevant in India, where organisations express greater apprehension about social engineering attacks compared to the APAC-average. In 2024, operational technology (OT)-supported critical infrastructure will remain a prime-target. Exacerbating it is the shortage of specialised OT solutions and skilled personnel. Given the high stakes and limited OT-security measures, cybercriminals will continue exploiting this goldmine.
To what extent can automation help quell cybersecurity concerns?
Through XSIAM (an AI-driven security operations platform), our analysts handle 36 billion security alerts daily, of which, most are automated. But without such a high degree of automation, our teams would be inundated with security alerts, leading to fatigue, increasing the chances of a cyberattack. In 2024, the truly automated security operations centre (SOC) continues to be an aspiration for the industry. Our State of Cybersecurity survey found that 95% of businesses in India are actively moving to an increasingly automated security stack, showing the collective emphasis on this shift.
What are the tangible benefits organisations can expect when consolidating their stack?
The modern enterprise, on an average, deploys 31 security tools – each having its own procurement, implementation and upkeep requirements. This introduces various gaps where human error can creep-in and overextend cybersecurity teams. Consolidation removes these blind-spots and reduces the time to respond. Shared intel across the cybersecurity stack means teams can maximise the use of automation and AI/ML, while being a more cost-effective solution. Vendor sprawl during times of crises is not even a consideration for organisations with consolidated security stacks.
What are the cyber-security trends to watch out for in 2024?
As organisations become more comfortable with deploying the technology at scale, Gen AI will stay in the limelight. We will see AI’s role evolve for the good and bad, calling for more protection on enterprise-level use of Gen AI. Separately, operational technology will continue to be the low hanging fruit. Organisations are under the false notion that OT environments are protected by an air gap, but IT/OT convergence means OT is more connected than ever, in some cases, even to the cloud. A breach in this area results in lost revenue at best, and injuries or loss of life at worst. This year will see organisations invest in OT cybersecurity in a bid to protect the most crucial business systems and manage increased risks. Lastly, we continue to see tremendous value in consolidating security to a single vendor. Disparate security tools add complexity and make it tough to respond to threats in time. Put simply, a single point of contact is way easier to manage when a crisis strikes.