Cyber attacks are more prevalent, creative and faster than ever. Protecting sensitive data and systems against unauthorised access, loss and compromise is the need of the hour. Therefore, businesses must build robust data security frameworks, said Viswanath Ramaswamy, vice-president, Technology, IBM India & South Asia. In a recent interview, he spoke to Sudhir Chowdhary on how IBM is helping companies to become cyber-resilient. Excerpts:
What are the key factors driving adoption of enterprise cloud security in India?
In recent years, most organisations have accelerated their digital transformation journeys to stay ahead of the various micro and macro-economic disruptions, as well as competition. While businesses have also attempted to secure their hybrid cloud environments via a host of platforms and tools, there is a need to integrate these solutions to ensure there are no weak spots that may be exploited, internally or externally.
Further, as revealed by the IBM Security X-Force Threat Intelligence Index 2023, there has been a 94% reduction in the time it takes for cyber attacks to occur — attacks that used to take months can now be accomplished in mere days. Therefore, speed to identify vulnerabilities, to respond and to ensure these breaches don’t recur is becoming a top priority for enterprises.
As India gets ready for a new era in data protection with the introduction of the Digital Personal Data Protection Act, 2023, organisations must immediately deploy robust security measures to ensure compliance with new regulations.
What are some of the immediate cloud security challenges Indian enterprises need to overcome?
Owing to the rampant adoption of hybrid cloud models and the data explosion resulting from digital transformation efforts, organisations are struggling to protect structured and unstructured data that are multiplying across public clouds, data warehouses, and popular SaaS applications. As organisations deal with high levels of shadow data (any data not available to the centralised data management framework) that is retained in their system but never even used, the risks of sensitive data being exposed are getting compounded. Unmanaged data, especially if it contains sensitive or personally identifiable information (PII) of customers, poses significant risks for businesses.
IBM’s Cost of a Data Breach Report 2023 revealed that 28% of data breaches in India resulted in data loss spanning multiple environments, indicating that attackers were able to compromise multiple environments while avoiding detection. Protecting sensitive data and systems against unauthorised access, loss and compromise is thus critical.
How can businesses build cyber resilience and safeguard customer data?
Businesses must build robust data security frameworks. As customers digitally interact with an organisation’s products and services daily, it is important for businesses to understand the lifecycle of their data and how such data evolves over the course of its journey, to be able to implement robust controls for data security and privacy. Organisations need to invest in comprehensive, end-to-end data security platforms that help unlock the benefits of a preventative, proactive security posture by accelerating discovery, protection, and response to threats.
How is IBM helping enterprises in their journey to become cyber-resilient?
IBM’s contribution to enhancing cyber resilience encompasses a holistic strategy that integrates cutting-edge technologies, industry insights, and a proactive stance in the face of evolving threats. Our contribution can be broadly categorised into three areas. The first is attack surface management, where IBM Security Randori, a cloud-native offering, helps SecOps teams continuously monitor the attack surface to discover assets exposed to attackers and prioritise them based on adversarial temptation. Second, we are increasingly focusing on the use of AI and automation in cybersecurity with offerings like IBM Security QRadar — to help businesses save time, empower their security teams and equip them with speed to close the gap with the attackers. Finally, with solutions like IBM Security Guardium, we empower organisations to enjoy wide visibility and ensure compliance and protection throughout the data security lifecycle.
