A proactive approach to cybersecurity is the first step in ensuring a more secure future for enterprises, says Anil Valluri, managing director & regional vice-president, India & SAARC, Palo Alto Networks. “Modern enterprises need to think of cybersecurity as a continuously adapting wing of operations, rather than a point-in-time one,” he tells Sudhir Chowdhary in a recent interview. Excerpts:
What are the main threats companies are dealing with from a cybersecurity perspective?
While there are countless threats and tactics being deployed, two come out on top:
Ransomware: Inadequate cybersecurity coupled with low awareness within organisations has made them susceptible to ransomware attacks. As per Palo Alto Networks’ Ransomware and Extortion Report 2023, India is now the second-most targeted nation within the Asia Pacific and Japan (AP&J) region, up from number three the previous year. There has been a 20x surge in harassment within ransomware cases, which shows that multi-extortion techniques are being used to maximise payout.
Cloud threats: Hasty digital transformation has meant that while the volume of data in the cloud today has increased exponentially, the capabilities to protect against advanced threats are not up to the mark. This transition is being made in anticipation of enhanced agility, lowered costs, flexibility, and accessibility, and without a cybersecurity-first approach, a slew of cloud vulnerabilities are quick to follow.
With reports of hacktivist groups targeting over 12,000 Indian government websites, distributed denial-of-service (DDoS) attacks are also worth keeping an eye out for.
Which industries are most susceptible to cyberattacks?
The Ransomware and Extortion Report 2023 found that manufacturing and construction accounted for almost a third of the ransomware incidents observed domestically. This may be due to an over-reliance on legacy solutions for the sake of convenience and cost. Exacerbating this are operational technology (OT) devices that are hard to secure as they often lack built-in security and are not designed to withstand advanced threats.
Rectifying it requires businesses to start taking OT security more seriously. Defending against increasingly sophisticated threats requires integrated solutions that can provide automation, context, and Zero Trust capabilities across both OT and IT networks.
What emerging threats/trends do you see in the context of artificial intelligence?
AI is widely regarded as a double-edged sword. On one hand, security practitioners use AI-powered security tools and products to tackle large volumes of cybersecurity incidents with minimum human interference. On the other hand, AI allows amateur hackers to develop intelligent malware programs and execute stealth attacks. Since the launch of ChatGPT, there have been concerns worldwide regarding its potential to democratise cybercrime. While the system technically has guardrails designed to prevent actors from using it for malicious ends, ChatGPT, with a few creative prompts, can generate a near flawless phishing email that sounds “weirdly human”.
However, it is important not to write off the technology as inherently bad. Keeping up with AI-powered cyberattacks requires AI-powered solutions. Cybersecurity experts are already significantly improving incident response by enhancing detection and prevention using AI to detect threats before they occur, and to analyse large volumes of data.
What must companies do to ensure a cyber secure future?
Shift-left and Zero Trust: Organisations must implement Zero Trust which operates on the principle of “never trust, always verify”. It requires full commitment through shift left cybersecurity — where cybersecurity is emphasised right from the inception of even the most innocuous processes.
Consolidation: Disparate and outdated cybersecurity tools ramp up the time to respond, thus taking a breach from bad to worse. Streamlining operations through single-vendor solutions simplifies the process and gives peace of mind to CISOs who know they won’t have to coordinate with multiple vendors when a breach occurs.
AI-enabled automation: As adversaries leverage AI to automate attacks against infrastructures defended by poorly integrated security products, security operations teams are required to respond faster than ever. Manual intervention is simply not scalable to adequately protect an enterprise network against such threats. Moving to an AI-enabled automated solution that handles and takes a majority of incidents automatically is crucial.