Security now needs to work at the speed of the cloud, and any organisation that is slow to recognise this will see vulnerabilities multiply exponentially, says Anil Valluri, regional vice-president, India & Saarc, Palo Alto Networks. “Times like these call for CISOs to make a shift in how firms previously sought to strengthen their cybersecurity posture by plugging the gaps,” he tells Sudhir Chowdhary in a recent interview. Excerpts:
How has the pandemic impacted the security landscape in India?
Covid-19 has transformed the cybersecurity landscape like never before. Organisations across the globe are looking at the future of work to include telecommuting on a global scale. Digital transformation accelerated and pushed organisations to adopt automated transactions and in turn created a repository of data. These new entryways into corporate networks have opened up opportunities for new attack vectors for threat actors.
Cyber threats are evolving rapidly and leveraging real-world events to deceive victims. Cloud adoption has surged since Covid-19 and added more strain to threats originating from the cloud to its users. With thousands of malicious domains coming online every day, it is imperative to protect every endpoint with continuous monitoring and automatic threat prevention tools because cloud-hosted applications and services are exposed to the same threats as non-cloud endpoints. Due to the complexity of cloud management, user-induced misconfigurations are the leading cause of security incidents. Cloud Native Security Platforms (CNSPs) help organisations monitor and secure resources across multiple cloud providers, workloads and hybrid cloud environments.
How is the significance of endpoint security increasing in the current scenario?
Given the current scenario, the cybersecurity market has sought to meet the need for tools that can identify advanced, sophisticated attacks, allowing enterprises to investigate what occurred, track and get to the root cause, and remediate affected endpoints. Legacy antivirus burdens local systems and simply can’t outpace advanced threats. Relying on signatures to identify attacks, outdated antivirus isn’t equipped to block sophisticated new adversaries.
No longer relying solely on malware, adversary strategies have evolved to include a broad set of automated, targeted and sophisticated attacks that can bypass traditional endpoint protection. WastedLocker, Samsa and other ransomware use targeted attack techniques to rapidly infect hosts. To stop ransomware, you need to block every step of an attack, including hard-to-detect lateral movement, and quickly restore compromised hosts if needed. Enterprises need new strategies and more intelligent investments to holistically protect their valuable data from adversaries today and in the future.
How are companies ensuring data security across multiple environments, in the absence of a data protection law in India?
With uncertainty over Covid-19 in India, much of the workforce will continue tapping into their home networks to ensure business continuity, which also raises serious data security issues. Organisations are looking at automating processes to ensure data security.
In order to combat a situation like this, we are leveraging our own cloud-delivered network security product, Prisma Cloud, which uses Palo Alto Networks' powerful Enterprise DLP to categorise sensitive and regulated data, such as PII, protected health information (PHI), customer records, financial data and intellectual property.
How has the cloud security space evolved in the last year and what does the future of cloud security look like in the next few years?
Complexities within the cloud environment have grown extensively as organisations add more cloud providers, users, applications and resources. Most security solutions lack the end-to-end visibility needed to accurately assess risks and alert security teams of advanced attacks, leaving them to deal with both unsecured cloud resources and the cacophony of false-positive alerts.
We recently launched Prisma Cloud ML-Powered Next-Generation Cloud Security Posture Management Capabilities to help organisations accelerate cloud adoption. These new updates minimise false network alerts, detect data exfiltration and provide comprehensive coverage of IaaS/PaaS services.
Looking at the year ahead and beyond, we’ll begin to see the rise of cloud native security platforms (CNSPs). These platforms will enable security teams to manage all their security across public, private and hybrid clouds from a single console.