@entitworld
@enterpriseitworld
@enterpriseitworld
R S 2 0 | PA G E S 4 4 | V O LU M E 0 4 | I S S U E 0 2
WWW.ENTERPRISEITWORLD.COM
FOR THE CIOs. BY THE CIOs. APRIL 2019
SECURITY:
THE NEVER-ENDING
BATTLE IN A CISO’S LIFE Security has become the most important aspect of an organization. From leading to a drastic financial loss, to spiralling the business down to the tunnel of customer/client mistrust, Security breaches have destroyed many successful businesses.p....20
EDITOR’S LETTER
NO ORGANIZATION ON THE EARTH IS SECURE. It is surprising and shocking to hear that Wipro employees’ accounts got hacked. It means the 4th largest IT company in India could not save itself from the hacker’s attack. To remind, Wipro is not only an Indian IT major but also one of the large IT services companies on the earth, which offers IT services to most of the large Indian and global companies including the names like Vodafone, Telenor, HSBC, Citi, Domino’s (some location), Lloyd’s, IAF, Airtel, CITI Bank, NIC, MetLife, DIAL, BHEL, Walmart, Best Buy, T-Mobile, HP, Nokia, Philips, etc. So, hacking of this nature puts every company associated with Wipro on a vulnerable point. The message to be taken away is that if Wipro can be targeted then every organization can be. The only difference is that an ethical company like Wipro went on to accept it publicly and brought everything under the control before the menace could spread to other major accounts, which was the intention of the hackers. In 2018 alone, India had seen 15,700 website hacks. Sophos’ survey had reported that 76 per cent businesses were hit by cyberattacks in 2018, while globally 68 per cent organizations had faced attacks. India was third in cyber-attacks in 2018 after Mexico and France. And the trail of the attack goes through money. So, where the money lies, attack follows it.
COVER STORY
NEXT MONTH SPECIAL
INDUSTRIAL IOT OPPORTUNITY AND GROWTH
The next issue is dedicated to Industrial IOT for the CIOs. This issue is one of the most important issues in the year as IOT is becoming centrifugal component in the entire CIO scheme of things in the manufacturing. Therefore, we would like to take feedback from the CIOs and vendors and create our judgment.
Another very surprising fact is that no IT staff including the CIO or CISO, can make any sense of what is happening until the attack surfaces. They are taken by surprise. But the fact is that the nature of the attacks is never sudden, there is always phishing or spamming before the attack happens. It indicates that there is no prediction mechanism on earth to minimize damage if not avert the attack completely. And, humanly it is also not possible to detect and prevent. No human brain can predict the unpredictable. It is only some mechanism or machine learning which can handle the situation in a better way. So the scenario is pretty clear that AI & ML becomes paramount. Only AI & ML can detect and reduce the impact of the attack and to some extent avert the attack. Today, most of the security vendors are offering solutions with AI & ML and organizations need to update their solutions. The other thing is that organizations should do periodic penetration testing of their systems and networks so that the vulnerability can be detected. This also entails the CIOs and CISOs willingness to do innovation contantly.
S A N J AY M O H A PAT R A S A N J AY @ A C C E N T I N F O M E D I A . C O M
SUPPLEMENT
AI /ML THE GAME CHANGER FOR THE CIOS The supplement story of the magazine would be around AI /ML, which is going to be a game changer for the CIOs.
PLUS
Interviews and Case Studies
Catch interviews, guest articles and case studies of recent applications from the Industry stakeholders, IT/ITES Vendors and IT leaders and CIOs from the Enterprise IT World CIO Community.
Send in your inputs to sanjay@accentinfomedia.com APRIL 2019 ENTERPRISE IT WORLD
3
CONTENTS V O L U M E 0 4 | I S S U E 0 2 | APRIL 2019 | W W W . E N T E R P R I S E I T W O R L D . C O M
FOR THE CIOs. BY THE CIOs.
Publisher: Sanjib Mohapatra Chief Editor: Sanjay Mohapatra Managing Editor: Anisha Nayar Dhawan Sub Editor: Pooja Jain / Sailza Kumari Designer: Ajay Arya Assistant Designer: Rahul Arya, Deepak kumar Web Designer: Vijay Bakshi, Sangeet Technical Writer: Manas Ranjan Lead Visualizer: DPR Choudhary MARKETING Marketing Manager: Nidhi Shail nidhi@accentinfomedia.com SALES CONTACTS Delhi 6/102, Kaushalya Park, Hauz
COVER STORY
Khas
THE NEVER-ENDING 20 SECURITY: BATTLE IN A CISO’S LIFE
Security has become the most important aspect of an organization.
New Delhi-110016 Phone: 91-11-41055458 E-mail: info@accentinfomedia.com EDITORIAL OFFICE Delhi: 6/103, (GF) Kaushalya Park, New Delhi-110016, Phone: 91-11-41657670 / 46151993 info@accentinfomedia.com
SECURITY TECH MAHINDRA /38
“Security and Technology: A CISO’s tools”
MORE INSIDE Editorial~ ~~~~~~~~~~~~~~~~~~~~~~~~~ 03 News~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 06 INTERVIEW INSTASAFE~ ~~~~~~~~~~~~ 33
16 CIO TALK
VIPUL ANAND
“Integrating Business with Technology”
4
30
30
32
SECURITY
SECURITY
“DNS Hijack – Simplifying the misroute”
“Challenges for the CISOs: Educating themselves and the employees”
ARCHIE JACKSON
ENTERPRISE IT WORLD APRIL 2019
KASPERSKY
Printed, Published and Owned by Sanjib Mohapatra Place of Publication: 6/103, (GF) Kaushalya Park, Hauz Khas New Delhi-110016
Phone: 91-11-46151993 / 41055458
Printed at Karan Printers, F-29/2, 1st floor, Okhla Industrial Area, Phase-2, New Delhi 110020, India. All rights reserved. No part of this publication can be reproduced without the prior written permission from the publisher. Subscription: Rs.200 (12 issues) All payments favouring: Accent Info Media Pvt. Ltd.
ITWORLD
ROUND UP
New NetSuite Partner Initiative Meets Global Demand for Cloud ERP B Y S A N J AY @ A C C E N T I N FO M E D I A . C O M
To meet growing customer demand for cloud ERP systems that has seen strong growth for Oracle NetSuite in the last year, NetSuite today announced SuiteLife, a new partner engagement initiative. SuiteLife represents the largest investment NetSuite has ever made in its partner ecosystem and encompasses a number of the NetSuite Partner Programs, which include more than 550 partners in 85 countries. With SuiteLife, new partners will be able to start selling and delivering NetSuite to customers in only 90 days, while existing partners will benefit from innovative new offerings to expand their NetSuite practice and amplify their growth. 6
ENTERPRISE IT WORLD  APRIL 2019
The rate at which customers are moving ERP to the cloud is at an all-time high and our partner ecosystem plays a critical role in helping us meet this demand. By making it easier than ever for partners to join, succeed and grow in the NetSuite ecosystem, we are putting the power of the NetSuite platform into the hands of more organizations across the world. With NetSuite, organizations gain the visibility and control needed to navigate complexities and accelerate growth while NetSuite partners capitalize on the generational transition to the cloud,� said Craig West, VP of Alliances and Channels, Oracle NetSuite.
D ATA BRIEFING
India Public Cloud Services Spending to Value at $6.3 Billion by 2022 Source: IDC
ITWORLD // NEWS BRIEF
Juniper Networks’ SD-WAN as a Service reimagines the Enterprise Branch
Check Point confirms Crypto-Mining Malware as the top malware
Check Point Research, The Threat Intelligence arm of Check Point Software Technologies Ltd., has published its latest Global Threat Index for March 2019. The index reveals that while cryptomining services such as Coinhive have closed down, cryptominers are still the most prevalent malware aimed at organizations globally. As announced last month, both Coinhive and Authedmine stopped their mining services on March 8th. For the first time since December 2017, Coinhive dropped from the top position but, despite having only operated for eight days in March, it was still the 6th most prevalent malware to affect organizations during the month. At its peak, Coinhive
CIO
impacted 23% of organizations worldwide. Many websites still contain the Coinhive JavaScript code today, though with no mining activity taking place. Check Point’s researchers warn that Coinhive may well reactivate if the value of Monero increases. Alternatively, other mining services may increase their activity to take advantage of Coinhive’s absence. During March, three of the top five most prevalent malware were cryptominers – Cryptoloot, XMRig and JSEcoin. Cryptoloot headed the Threat Index for the first time, closely followed by Emotet, the modular trojan. Both had a global impact of 6%. XMRig is the third most popular malware impacting 5% of organizations worldwide.
EVENTS
22-26 APR 2019
8
25-27 APR 2019
Bengaluru The conference provides a platform for entrepreneurs to explore the standards of India’s software developer ecosystem.
Mumbai A Conference for security businesses, software to total solutions, that brings together the manufacturers and buyers.
GREAT INDIAN DEVELOPER SUMMIT
INTERNATIONAL CONFERENCE FOR INFO SECURITY, AUTOMATION, FIRE AND SAFETY
ENTERPRISE IT WORLD APRIL 2019
Juniper Networks announces a cloud-delivered version of its SD-WAN solution, the most scalable offering on the market today. Juniper’s Contrail Service Orchestration now gives enterprises a simple way to manage and secure not only the WAN infrastructure, but also branch LAN and Wi-Fi networks typically deployed alongside it. This offering provides customers a new delivery model for Juniper’s feature-rich WAN solution and includes a suite of new capabilities to support secure automation throughout the enterprise branch service deployment lifecycle. “Juniper’s SD-WAN as a service easily connects and manages the full suite of Juniper’s branch and WAN solutions, making the benefits of SDN accessible to any enterprise. This is a significant step in enabling our customers’ journey to AI for IT, extending the SDN transformation beyond cloud and data centers to the branch and the WAN. With this launch, combined with our recent Mist Systems acquisition, we are making industry-leading strides in our bid to make SDN and AI for IT a reality for companies of all sizes, ” said Manoj Leelanivas, Chief Product Officer at Juniper Networks.
26 APRIL 2019
29 APRIL 2019
Bengaluru The summit aims to discuss the potential of harnessing the power of technology in next-gen hospitalization for patient centric care.
Pune A Congress that marks the innovations that the IoT technology is bringing to the industrial ecosystem and enterprises.
FUTURISTIC HEALTHCARE SUMMIT
INDUSTRIAL IOT
ITWORLD // NEWS BRIEF
VMware Cloud Foundation on Dell EMC VxRail will enable faster adoption of hybrid cloud
Dell EMC created VxRail, a next-gen technology that provides future proofing for your infrastructure, over a period of 3 years, to improve and optimize VMware systems. Powered by VMware vSAN and Dell EMC PowerEdge servers, VxRail is the only fully integrated, pre-configured, and pre-tested VMware hyper-converged appliance in the market. The Cloud Foundation on VxRail is engineered to act as an operative nexus for all activities pertaining to the user’s hybrid cloud. This highly integrated platform is built to offer a seamless experience with respect to delivery of infrastructure. It aims to provide an “on-premise infrastructure running” experience which is set to surpass
QUICK BYTE ON
the existing systems within the Cloud Foundation. Each lifecycle is automated and punctuated with a “turnkey on-premise” experience. The end-to-end lifecycle design is built to minimize the risk and maximize efficiency. The lucid interface coupled with quick deployment greatly improves the delivery of infrastructure. Consequently, this increases the organization’s capacity to provide IaaS and PaaS. The Cloud Foundation on VxRail is designed to ensure an automated and smooth operation of the organization’s SDCC stack. It comes with features such as increased networking flexibility, thereby boosting options of deployment and networking advantages of Dell EMC..
S/HE SAID IT
ROSS MCKERCHAR
CISO, SOPHOS
“Security has to be something that’s woven in across the whole organisation. You can’t do that unless the C-suite understands the value of cybersecurity .”
“Time and again, accelerated growth of cloud has been associated with the growing number of workloads that are shifted to the cloud as well as enhancement of the total IT budget that is earmarked for cloud computing.” PRAMOD SHARDA C E O ( I N D I A & M I D D L E E A S T ) , I C E WA R P.
SECURITY
Mumbai cloud server honeypot hit with over 678,000 attempted attacks over a 30-day period: Sophos Sophos’ study, “Exposed: Cyberattacks on Cloud Honeypots” reveals that cybercriminals attacked one of the cloud server honeypots within 0:55:11 minutes of going live in Mumbai. On average, the cloud servers were hit by 13 attempted attacks per minute, per honeypot. The honeypots were set-up in 10 of the most popular AWS data centres in the world. 10 ENTERPRISE IT WORLD APRIL 2019
NEWS BRIEF // IT WORLD
Fortinet Expands its Security Fabric to Advance the Third Generation of Cybersecurity
NetApp’s Memory Accelerated Data enhances Business Performance NetApp has announced NetApp Memory Accelerated Data (MAX Data) 1.3 supporting the Intel Optane DC persistent memory. The combination of MAX Data and Intel Optane DC persistent memory enables organizations to stay competitive by doing more with their data so they can do more for their customers. Companies are challenged with using unprecedented volumes of data to achieve real business impact. Taking advantage of data is often easier said than done. New applications such as artificial intelligence, machine learning, deep learning, real-time analytics, and Internet of Things (IoT), all of which are memory hungry and fueled by massive EXECUTIVE
datasets, compound this challenge. “With NetApp MAX Data now supporting Intel Optane DC persistent memory, organizations can accelerate data pipelines across an entire enterprise to power applications such as Oracle and MongoDB with the simplicity, choice, and scale necessary for real business impact. With the volume of data generated and managed across on-premises data centers, IoT devices and sensors, as well as in hybrid cloud environments, having a Data Fabric strategy that spans edge, core, and cloud is essential to business success, ” said Joel Reich, executive vice president, Storage Systems and Software, NetApp.
Fortinet announces the release of the latest version of its flagship operating system, FortiOS 6.2, at its global customer and partner conference—Accelerate 19. This FortiOS 6.2 release continues the evolution of the Fortinet Security Fabric with over 300 new innovations that span Fortinet’s products and solutions portfolio, enabling organizations to achieve a security-driven network required for the edge and multi-cloud environments created by digital transformation. Fortinet is broadening visibility and simplifying deployment and management across the expanded Fortinet Security Fabric with deeper integrations between Fortinet solutions and over 70+ Alliance Partners. The FortiGate NGFW, best-of-breed FortiGate Secure SD-WAN solution and large portfolio of cloud-native platforms have all been enhanced with new functionality, including intentbased segmentation. Customers can maximize the new breadth of comprehensive visibility delivered in FortiOS 6.2 through Fortinet’s 360 Protection services bundles that include a wide array of professional services. Fortinet continues to lead product innovation through the active support of the latest industry standards, including integrated support of TLS 1.3 to secure internet traffic, new deception-based technologies \Applying automation and machine learning functions to reduce complexity, expand span of control and automate critical functions enable threat response at digital speeds. And continuous, AI-based threat intelligence feeds from FortiGuard Labs increase the speed and accuracy of threat detection and automated response.
MOVEMENT Dr. Ambica Rajagopal joins Sterlite Tech as the Head of Data Science.
Hiver employs Michael Benayoun as the VP of Business Development.
Manuj Desai becomes the Head of Technology Transformation of Sterlite Tech.
Deepak Kalambkar joins Safexpay as AVP Infrastructure.
Sterlite Tech appoints Anjali Byce as the Chief Human Resource Officer.
Veeam employs Belinda Jurisic as the Channel Director for Asia Pacific and Japan.
*astTECS announces the appointment of Binish VJ as the Director – Sales and Member – Board of Directors Jayati Singh joins Tally Solutions as the Global Head – Marketing.
McAfee names Sanjay Manohar as the Managing Director for India
APRIL 2019 ENTERPRISE IT WORLD
11
ITWORLD // NEWS BRIEF
BOOK
SHELF
Reclaiming Our Cyber Security in the Digital Age
GLOBAL UPDATE
CII – Tata Communications Centre for Digital Transformation launches the “Digital Maturity Appraisal”
The CII-Tata Communications Centre for Digital Transformation’s “Digital Maturity Appraisal” was recently launched at the CII Annual Session 2019. This digital transformation self-assessment tool will help Indian industries navigate today’s business landscape as it continues to undergo rapid changes, led by digital technologies which are transforming the way systems, processes and people work. This digital transformation self-assessment tool will help Indian industries navigate today’s business landscape as it continues to undergo rapid changes, led by digital technologies
which are transforming the way systems, processes and people work. “Digital Maturity Appraisal” has been created to help the Indian industries envisage their digital transformation roadmap by undergoing self-assessment against the six dimensions of digital vision and strategy1 and will provide participating organisations the ability to benchmark their current level of digital operations against the national average of their industry peers. “India is in the midst of digital transformation. Regardless of the scale, size or sector, every business is undergoing digitisation to improve business efficiencies. However, lack of access to guidelines and a clear road map remains key barriers to digital transformation. The launch of Digital Maturity Appraisal is a significant move towards bridging this gap and understanding the current level of technology adoption in India,” said Mr. Sumeet Walia, Chief Sales and Marketing Officer, Tata Communications and Chairman, CDT.
BY
MICHAEL CHERTOFF
PRICE
RS. 3,502.00 (HARDCOVER) WHERE:
AMAZON.IN
About The Book This book calls for a rewriting of the data protection policies and laws subject to strict standards to ensure protection of the society at large.
Key Feature The author identifies the loss of privacy and individual autonomy through the prism of the legalities of data collection by businesses and governments.
Citrix Delivers Next-Generation Networking Solutions on Google Cloud Platform Citrix Systems, Inc. announced that it will make Citrix SD-WAN and Citrix ADC available on Google Cloud Platform (GCP). The move will enable companies to extend their networks to the cloud and deliver applications in an agile and scalable way that gives users access to the tools they need and prefer to use and perform at their best anywhere, anytime from any device. The news came during Google Cloud Next ’19 taking place at the Moscone Center in San Francisco this week. 12 ENTERPRISE IT WORLD APRIL 2019
“Application performance and delivery is all about experience and choice. In making our networking solutions available on GCP, Citrix is providing companies with even greater cloud choice and a simple, efficient way to deploy the ever-increasing list of SaaS, cloud, virtual, web and microservices-based apps their employees need to be engaged and productive, ” said Tim Minahan, Executive Vice President of Strategy and Chief Marketing Officer, Citrix.
NEWS BRIEF // IT WORLD
Avaya Extends AI and Cloud Integration with Google Cloud to Provide Flexible Solutions Avaya is furthering its integration with Google Cloud to fully leverage the AI and cloud capabilities of both companies, providing Avaya clients with new capabilities to enhance their customer experience and achieve desired business outcomes. Avaya is embedding Google Cloud’s machine learning technology within Avaya conversation services powering the contact center, enabling easy integration of digital AI capabilities for a consistent and intelligent customer experience. With the help of Google Cloud, Avaya provides increased flexibility, efficiency and scalability in deploying powerful and simple communication and collaboration solutions
that improve the customer journey and increase workforce engagement with more personalized, intelligent and insightful interactions. Avaya’s expanding partnership with Google Cloud promises exciting developments across multiple facets of Avaya’s portfolio. From a contact center perspective, new AI-driven intelligent conversation experiences will soon be available to customers who chose to remain on premises solutions, those that are transitioning to a hybrid cloud environment and those that choose to fully embrace the cloud,” said Sheila McGee-Smith, President & Principal Analyst, McGee-Smith Analytics.
Capgemini to partner with Autodesk to deploy ReflectIoD CAPGEMINI WILL ENTER INTO A NEW PARTNERSHIP agreement with Autodesk to deploy ReflectIoD, a new cloud-enabled and secure digital twin platform. The new Building Information Modelling (BIM) platform for building and infrastructure operators integrates natively 1D to 3D, point cloud, geographical information, and IOT data while offering value added services to improve operations and maintenance. This agreement is a step towards meeting the ever growing needs of enterprises for standardized brownfields management along their entire lifecycle.
Infor Rebrands GT Nexus Digital Network as Infor Nexus Infor has announced that it is rebranding its GT Nexus supply chain network as Infor Nexus, as it digitally reinvents the way supply chains execute and use data and intelligence to be more customer-centric. Infor Nexus combines the power of GT Nexus, IoT and Infor Coleman AI to deliver an intelligent supply chain network with a path to the autonomous supply chain. Infor Nexus is the first solution of its kind to combine AI, IoT and advanced visualization through an end-to-end collaborative network, providing real-time visibility and predictive intelligence.
The new Infor Nexus brand culminates the past three years we’ve spent transforming GT Nexus – leveraging digital technologies such as IoT, in-memory processing, mobile, advanced visualization and AI. Today, we’re delivering a next-generation supply chain network that is real-time, intelligent and self-orchestrating. Our customers are empowered to optimize service levels, costs and inventory through a digital environment that is hyperconnected and datadriven, with a path to the autonomous supply chain,” said Rod Johnson, EVP of Manufacturing & Supply Chain at Infor.
DIGEST LTI & VJTI’S IIOT LABS DEVELOP MULTIPLE INNOVATIONS SOLVING SOCIAL PROBLEMS Larsen & Toubro Infotech Ltd and Veermata Jijabai Technological Institute (VJTI), has showcased the projects implemented by the alliance’s unique IIoT test bed, which was launched three years ago as a part of LTI’s CSR focus to support education of students from marginalized backgrounds. The stateof-the-art lab established at VJTI Mumbai focuses on technologies such as artificial intelligence, machine learning, IoT, deep learning, cyber security to solve for society. With the setting up of the IIoT lab, the LTI-VJTI tie-up aims to enhance awareness and generate interest in putting into use advanced and emerging technologies for solving social problems. FSS LAUNCHES ‘FSS VOICE COMMERCE’: THE NEXT WAVE OF FRICTIONLESS BANKING FSS (Financial Software and Systems) has launched FSS Voice Commerce, a real-time voice banking platform that offers customers, meaningful, contextual and personalized banking interactions. Enabling banks to deepen customer engagement via conversation-led banking and deliver interactive service experiences to its customers, FSS Voice Commerce is set to take frictionless banking to the next level. FSS Voice Commerce uses machinelearning language processing techniques for analysis and synthesis of language and speech to deliver personalized service experiences. SEVEN IN TEN CONSUMERS IN INDIA WILLING TO SHARE SIGNIFICANT PERSONAL DATA WITH BANKS AND INSURERS Seven in ten consumers in India would be willing to share significant personal information, such as location data and lifestyle information, with their bank and insurer in exchange for lower pricing on products and services, according to a new report from Accenture. The data is part of Accenture’s global Financial Services Consumer Study, which was based on a survey of 47,000 consumers in 28 markets, including 2,000 consumers in India, and found that more than two-thirds of Indian consumers would share that data for benefits including more-rapid loan approvals, discounts on gym memberships and personalized offers based on current location.
APRIL 2019 ENTERPRISE IT WORLD
13
ITWORLD // NEWS BRIEF
MANAGEMENT
MANTRA
“As a leader, it is important to not just see your own success. But focus on the success of others.” — Sundar Pichai, CEO, Google
CleverTap Announces $26 Million Series B Funding
Global Survey Reveals Telecommunications Providers Lag in Use of Applied AI and ML
FICO announced results of a global survey with TM Forum, the global not-for-profit association focused on digital transformation. They survey shows that telecommunications providers worldwide are lagging in their use of predictive models, machine learning and artificial intelligence. However, communications service providers (CSPs) are increasingly recognizing the need to become more data-driven in order to improve their decision-making and profitability. Improved customer experience is central to both, and it was cited as the number one driver for analytic investment in the survey. “With CSPs under pressure to increase
profitability, they are turning to datadriven, predictive models in all stages of the customer lifecycle. As they start to explore artificial intelligence and machine learning, CSPs need to take a holistic approach and find opportunities and use cases across the customer lifecycle. This is how the battle for customer loyalty will be waged,” said Mark Newman, chief analyst at TM Forum. Advanced analytics including AI and ML can enable CSPs to gain a greater understanding of customer expectations and experiences across the customer lifecycle, but few have yet to implement technology solutions.
Customer lifecycle management platform, CleverTap, has announced a $26 million Series B funding round, led by Sequoia India with participation from new investor, Tiger Global Management, and existing investor Accel. The funds will be used to accelerate CleverTap’s data science-driven product capabilities and scale to meet fast-growing demand for its customer lifecycle management platform. The new funding brings the company’s valuation to more than $150 million. CleverTap’s revenue has been growing at 250% year-over-year since 2015, driving over $2 billion in incremental revenue for its customers. “We’re building CleverTap for the long term. The addition of Tiger Global to CleverTap’s existing investors, Sequoia India, Accel and Recruit Holdings, is a tremendous endorsement of our innovation and success. At the core, we believe that every business will benefit from the investments we continue to make in our platform, ” said Sunil Thomas, CleverTap’s CEO and Co-founder.
Accenture and Google Cloud bring New Enterprise Solutions in Customer Experience Transformation Expanding the scope of the Accenture Google Cloud Business Group, Accenture and Google Cloud, part of Alphabet Inc., has announced the companies are collaborating on solutions to help enterprises modernize and improve their customers’ experiences in three main areas: enabling multi-channel customer interactions, improving data management, and creating services for hyper-personalization in marketing, sales and services. The first priority area of focus is to help clients enable multi-channel customer interactions and improve access to self-service and issue resolution capabilities, while decreasing the cost to service each customer. The effort 14 ENTERPRISE IT WORLD APRIL 2019
will leverage Google Cloud’s data and AI capabilities, specifically the Contact Center AI (CCAI) solution, which enables end-to-end customer interaction across voice and digital channels. There is a tremendous opportunity for Fortune 2000 customers to modernize their customer engagement models. Combining Google Cloud’s leading AI and ML capabilities with Accenture’s trusted enterprise transformation capability enables us to develop real, actionable solutions that enterprise customers can start building on today, ” said Thomas Kurian, CEO at Google Cloud.
NEWS BRIEF // IT WORLD
Airtel and Cisco’s strategic alliance to bring advanced connectivity solutions to enterprise and SMB customers Bharti Airtel and Cisco have announced an alliance to offer advanced networking and connectivity solutions to enterprise and SMB customers in India. India is seeing strong growth in demand for next-generation connectivity solutions. As businesses tap digitization for enhanced agility and growth, this partnership will leverage Airtel’s deep customer relationships and network to offer highly secure and cutting-edge digitization technology from Cisco in India. As part of the partnership, Airtel will offer Managed Software-Defined Wide Area Network (SD-WAN) services in collaboration with Cisco. Built on the Cisco-Viptela platform, Airtel’s Managed SD-WAN service
will provide real-time analytics and in-built security. This solution will also have a centralized policy, and a management controller that will provide customers with a clear view of data flows across their networks and enable them to optimize data traffic to suit their business needs. “Airtel is well positioned to offer next-gen digitization solutions to enterprise customers in India and meet the quality of service expectations. We are excited to partner with Airtel; this not only reinforces our existing relationship but also highlights Airtel’s commitment to offering a flexible, highly secure and reliable digitization and collaboration solutions to their customers,” said Sameer Garde, President, Cisco India & SAARC.
Fortinet to Close the Cyber Skills Gap through its NSE Institute Training and Certification Program Fortinet has announced that it continues to lead the way on training and education in the company’s ongoing efforts to close the cyber security skills gap by rolling out even further expanded training and education initiatives. Recent additions to the company’s education and training programming includes additional Fortinet Network Security Expert (NSE) Institute cloud certifications and the offering of its ¬¬cyber security awareness training – at no cost – for individuals or organizations seeking to deploy a cyber security awareness training program. “This unprecedented shortage in the cyber security workforce has resulted in security operations teams who are over worked and understaffed and it continues to benefit our cyber adversaries. Fortinet is more than a technology company; we’re also a learning organization. Fortinet is dedicated to closing the cyber skills gap and goes well beyond providing training on products and solutions,” said Rajesh Maurya, Regional Vice President, India & SAARC at Fortinet.
BT India Research Centre (BTIRC) aiding research activities at IIIT Delhi Continuing with their culture of empowering Information Technology (IT) innovations and ideas for the holistic growth of society, Indraprastha Institute of Information¬¬ Technology Delhi (IIIT-D) is collaborating with BT (British Telecommunications PLC). Together they will work to develop next generation broadband optical networks and quantum security solutions to help sustain the growth of high data rate telecom services towards 5G. BTIRC is focused on the development of cutting-edge next generation ICT solutions and networks research in collaboration with Indian academic institutions. More specifically, IIIT Delhi will work towards development of Elastic Optical Networks and Quantum Key
Distribution (¬Inter-city Backbone and Metro Networks). On this strategic partnership, Prof. Ranjan Bose, Director, IIIT-D said, “IIIT-D is a researchlead teaching Institute, where our faculty members continuously work on cutting-edge technologies. Being industry-facing, we have always been in favour of getting an increasing number of students, professionals and businesses to be a part of the technological revolution. With collaborations like BTIRC, we are able to successfully create new technologies that interface with highly efficient business modules leading to the improved living standards of the users of technology and the revenue scales of the company.” APRIL 2019 ENTERPRISE IT WORLD
15
INTERVIEW // CIO TALK
INTEGRATING BUSINESS WITH TECHNOLOGY At a time when there are multiple technologies and their diverse applications available in the market, how do you strategize an integration program that assists the business in their operations?
VIPUL ANAND
SENIOR VP – IT HINDWARE INDUSTRY, SANITARYWARE
“The mantra to being a successful CIO is to stay connected to the business.”
By Anisha Nayar Dhawan / Pooja Jain pooja@accentinfomedia.com Which business opportunities do you think you can get the most value for your investment by applying Digital Transformation Technologies? Hindware is a 58 years old organization. Apart from the popular Sanitaryware business, Hindware has seven other businesses under its group. The company has been investing in technology for many years. The management has now realised that this is the time to synergize the entire IT investments that we have made and to integrate everything. My role here is to integrate all the eight businesses using the best of the Technologies. When it comes to Technology, we have the SAP system in place for our transactions. But over 16 ENTERPRISE IT WORLD APRIL 2019
and above we have also built up a lot of Analytics there. So, the business decision making across the Globe is actually happening based on the transactions which are coming from SAP and on the Analytics form the online dashboards. So, we have gone on to enable all these dashboards on mobile devices, so that the business owners are able to take a quick decision. We have also moved on to Hybrid Cloud. So, in addition to having our own in-house data centres, we also have a cloud body. The Hybrid model has enabled us to be faster in our operations. Specifically in the areas of Sales, Marketing and Logistics, we have been able to bring out new systems using latest Automation tools and Cloud solutions.
What is the need for this Integration? How has Technology been helping you in the process? The need for Integration is present everywhere. Right from the top management, the board of directors, to our customers, dealers and distributors - everyone wants an integrated approach because as a company we are perceived as a group, Hindware. Under our new business, Consumer Product Division, we are coming up with a lot of IoT enabled devices for our end customers. There is a huge chunk of Technology Integration that is coming into these products. By integrating our businesses, we have been able to have a better control of our inventories,
CIO TALK // INTERVIEW
Who are the vendors or your partners in this Digital Transformation journey? We work with all major OEMs. One of my strategies after joining this group is to strengthen our relationship and rapport with the OEMs, be it Microsoft, Google, Dell, HP or IBM. We want to work with the best of the people. When it comes to new-age technologies, there is a huge ¬¬¬¬¬opportunity and scope of inducting newage vendors. This is what we call as Startups. We have been fairly successful because we operate from cities of Hyderabad, Delhi NCR and other metros. We have been fortunate to get the grip of new Startup organizations which have actually helped us to bring in results at a low cost and a high speed. Our teams are working very closely with the Startups to bring up results within the current financial year.
any organization can have are the people. And providing the best of the Technology to these people can actually bring wonderful results. And keeping this in mind we work very closely with the HR team and we are now coming out with an online HRM for our group. This allows the employees, whether at worker level or staff level, will not only be able to see his own HR related information – reimbursement, attendance, payroll, but will also have lots of self-service modules. For example, if an employee across the country is to apply for a home loan, he can dig out a certificate on his own using this app. Or if the employee is taking a transfer within the group, all this is automated - the recruitment, transfer, performance appraisal and payroll. Also the budgeting, which is the biggest exercise for the manpower. How do you manage your budget, in terms of linking it with the productivity, working hours and so on and so forth. In the area of Master Data Management, the ethic is the efficacy of transactions, whether it is SAP transaction or non-SAP transaction, largely depends on the Master Data and efficacy of Master Data. In an old organization like ours, we have a lot of old Master Data which we continue to use. But there are a lot of new government directives and compliances which we need to enable with all this Master Data. For example, the Vendor Master. We need to have control of all the KYC documents of the vendors stored in our system. Recently there is a government ruling where we need to pay the MSME vendors in a stipulated time period. So, how do you identify from the thousand of the vendors defined in your system, how many of them are MSMEs. So, we have created an app through which we have sent the online link to all of the vendors, where they can do the KYC on their own. And they can also upload all their compliance documents. This then gets sorted through internal approval hierarchies, and it goes to our SAP system automatically. There are many new initiatives that are on their way to faster execution and we feel that while we conclude the current financial year, we will be able to bring out an improved IT setup and an improved customer delight to our internal and external stakeholders for the organization.
When it comes to your employees are there any plans to bring out a new app or a new strategy so that they may be more closely integrated with the company and its policies? The initiative that we are taking on the people’s front is that we feel that apart from the process and the technologies, the biggest asset that
Can you tell us about the top three initiatives that you would want to undertake over the next few years? The first is that I want to enable all my businesses with the best of Technology. Saying this is simple, while doing this is quite complex, because you already have a lot of investments. How do you review those investments and support those
working capital, and give a better response time to our customers, dealers and distributors. We are also able to use our products to the best of their performance abilities. What are the other areas where the application of digital technologies is bringing you better efficiency? Even after being a 58 years old company, our Automation levels are high. Our transaction and reporting layers are totally automated. Our focus now is to quickly integrate our external entities. We are doing this at a very high speed of execution in providing all these applications to our external entities. Also, we are ensuring a secured platform. When the entities are scattered across the country, how do we secure ourselves. Also, we are ensuring that the capital assets of people and processes are complemented by apt adaption of Technologies. We are providing an architecture of people, processes and technology to our stakeholders. We have been able to come out with a lot of solutions to our businesses. We are also bringing out RFID, CCTV and QR code based solutions to better control our inventories. We are basically revisiting our investment in all the areas and bringing up the right technology to cater to our business needs.
investments, make new investments and then continue to serve the business with these new technologies. The second is that we are scattered across the country and we are also in the remotest parts of the country. So, therefore servicing our customers, whether it is internal or external customers, in the minimum possible time is of immense importance. So, we want to have the best of the teams, whether it is in-house team or outsource team, to complement the technological investments that we already have. The third is that we want to synergize all our group level strength that we have. We have a very strong relationship with the OEMs. We have a long term strategy on the products and services which we subscribe from them. So that it is not an everyday decision which we take, it is a relationship and we continue to order and re-order and execute those things. What is your advice to other CIOs? My advice to the CIOs is that if you feel relaxed and are comfortable, this is the time for you to come out and take the new journey. Many CIOs have been able to do that. And many CIOs do not do this. And if they don’t do this at the right time, then they have to repent at a later stage. There is no end to getting new knowledge and new experience. And this is the time when you should gain new knowledge and new experience in this new age of technologies. The mantra to being a successful CIO is to stay connected to the business. Many times we stay connected with the technology, which is expected as being a technology person you have to be hands-on with technology, whether it is hardware, communication, network, application, SAP. The management, users and the business expects the CIO to be the best in the organization. But how do you bring this best to the result of the user delight? By staying connected. So, you understand the business requirements of your stakeholders and then link it with your technology, knowledge and experience and go back to them with a solution. And then not only convincing them to accept the solution, but to implement that solution in a time-bound manner. And then to sustain and maintain the entire life-cycle journey of the technology innovation that you are bringing in. Unless you do this, nobody is going to smile at you. Today the youngsters that come into the organizations come with latest mindset and knowledge. So, the third important thing is that you have to keep inducting young workforce. And work along with this workforce because they are the future. APRIL 2019 ENTERPRISE IT WORLD
17
INTERVIEW // CIO TALK
SANDEEP SHAH TALKS ABOUT THE MARKET GROWTH OF HELSINKI BUSINESS HUB Helsinki Business Hub’s Senior Business Advisor talks about the need for technological collaborations in the enterprise markets of India and Finland.
How has your journey been in supporting Indian businesses expand into the Helsinki market? We at Helsinki Business Hub have been working towards making Finland a conducive ecosystem that strikes the right balance between availability of technology, supportive legislation, funding sources and talent. Leveraging Finland’s robust business and innovation environment is an opportunity available to Indian companies across verticals and sizes and our aim is to introduce them to it. Our Business Platform Development team has been instrumental in helping Indian companies find unique piloting opportunities in Greater Helsinki, as well as solutions and partners. India, one of the fastest technologically advancing countries, is home to entrepreneurs and innovators who are looking for more than just resources and land. We understand the value of a holistic business space and our aim is to help businesses scale to Finland such that their end-toend needs are met – investor, legislative, product development platform, talent, etc. Working alongside our India partner PrEver, we have been able to help Indian technology companies explore and identify what’s best for their venture and accordingly trace a path that leads them to their goals. The deepening of relations between the Indian and Finnish Embassies is also an encouraging reflection of the possibilities present. Having said that, our work with Indian companies like Inteliment, a technology company specializing in data science and business analytics, DEFTeam and SRKay Consulting Group, has given us valuable experience in their industries and we are glad to have been a part of their 18 ENTERPRISE IT WORLD APRIL 2019
journey to the European market. We remain committed to collaboratively working with Indian technology companies and hand-holding their leap to an ecosystem brimming with prospects. How successful was Slush 2018 in pushing forward your mission? Slush embodies the spirit of innovation and entrepreneurship and much like us, provides a platform for entrepreneurs world-over to exhibit their ideas and an opportunity to bring it fruition. This year, Slush hosted some of the best Indian start-ups - Stumagz’s solutions, Forbes recognised Edtech solution of India, Zunik Energies, a start-up focused on inverter topology, Reckon Green, manufacturer of LED lamps that offer 800% longer life, Interview buddy, a cloud-based video interviewing platform, to name a few. The event has also flourished over the years due to the governmental support provided. This year, Embassy of India in Helsinki, in association with the Department of Industrial Policy and Promotion (DIPP) set-up a “Start-Up Pavillion” which facilitated about 30 start-ups and Nasscom’s business delegation. World’s biggest start-up event, Slush, has gained recognition for the influx of innovation and talent, and it has steadily matured into a platform for business collaboration, investments, networking and partnership. Helsinki Business Hub is dedicated to bringing perks of Finland’s business ecosystem to the foray and Slush enables the exchange of dialogue in an organic, natural setting. That, we believe, is the essence of Slush and our convergence point.
Why is growth of technology collaboration between India and Finland enterprises important? What are the benefits for both the nations? India and Finland enjoy a dynamic commercial relationship with exports and imports showing significant annual gains. Finnish companies are also participating in the rapidly growing Indian economy while Indian Information Technology concerns are establishing their presence in Finland. While the two nations differ in their developmental stage and size of economies, their
CIO TALK // INTERVIEW
nature is complementary, and both nations stand to gain from the association. Benefits include increased knowledge sharing, technology transfer, innovation collaboration, business interactions and substantial increase in volumes of trade. Finland is known in India for its education system, especially K12. Exchange of best practises such as curriculum, pedagogy, teachers’ training, and edutech, will drive India’s efforts to refine and elevate the quality of education. Aside from this, India and Finland’s start-up ecosystem collaboration could help each country understand product requirements of the other economy. Biotechnology, as a sector, has seen India and Finland collaborate for R&D and academic programmes. While innovation, knowledge sharing, and technology partnership rank the highest, both countries’ deepening relationship is expected to encourage tourism and strengthen cultural ties. What are the challenges in the Finnish ecosystem which you help Indian enterprises overcome when establishing presence in Finland? At Helsinki Business Hub, we go out of our way to make the path of an Indian company coming to Finland as smooth as possible. Our services are designed to achieve that. This involves all the possible practical considerations in helping companies to set up here. In addition, we provide a comprehensive view of the Helsinki business ecosystem and its opportunities and help Indian client companies successfully navigate within the local culture with many characteristics unique to Finland and its people. For companies looking to expand to Finland, remember – • Every country brings its own code of conduct
and it is imperative to pay heed to it • Finns are modest but take pride in their history and culture, including technological and athletic achievements. They value trust and honesty and appreciate punctuality • Finns value their reputation of living in an egalitarian country and hence, discriminatory or racist jokes are frowned upon What are some success stories and use cases that stem out of your work helping businesses establish presence in Finland? We have had a mutually beneficial working relationship with Indian technology companies and are grateful for the opportunity to be a part of their business scaling endeavour. A few companies’ accounts are listed below to shed more light on our services’ scope – • DEFTeam sets up its European home base in Finland DEFTeam is a Red Herring Global 100 company (2011), a Silicon India 100 company (2013) and a CIO Review BI-20 company (2018). Its customers work in fields like banking, financial services, insurance, logistics, technology, supply chain management and retail. DEFTeam provides them with big data, business intelligence and predictive analytics solutions – both on-cloud and on-premise. The company currently operates in the United States, several Middle Eastern countries, and APAC countries like Singapore, Australia and India. “We were so very well looked after. Helsinki Business Hub introduced us to various people in the business and offered us access to networking events. The visit was an important factor in our decision to set up a unit in Finland because we saw that the country and the Finnish government
SANDEEP SHAH
SENIOR BUSINESS ADVISOR, HELSINKI BUSINESS HUB
“India, one of the fastest technologically advancing countries, is home to entrepreneurs and innovators who are looking for more than just resources and land. We understand the value of a holistic
business space and our aim is to help businesses scale to Finland such that their end-to-end needs are met – investor, legislative, product development platform, talent, etc.”
provided a very friendly and helpful business ecosystem,” says CEO Gurpreet Singh from DEFTeam. “Helsinki Business Hub helped us at each step of setting up the new unit. They introduced us to the Finnish business ecosystem and their wide partner network, offered consulting and advice, and connected us with various service providers, such as accounting and legal services.” DEFTeam’s Finnish unit is now up and looking for sales personnel to launch its business. The new unit will continue to serve DEFTeam’s clients with big data, business intelligence and analytics needs, and the company is also planning to market its IP-based platforms UPRAiZAL, myLOGISTICZ and Data2Mobility in Finland. Furthermore, the Finnish unit will offer DEFTeam easy access to other European countries. “We plan to hire about 10 people in Finland in the next two years. The new unit will also help us access the wider European market. We plan to cover the entire Nordic area to start with and will then look at the UK and Irish markets. In the future, we are looking forward to making Finland the home base for all our European operations,” Gurpreet Singh says. SRKay Consulting Group makes Helsinki its home in the Nordics - Helsinki offers a valuable innovation ecosystem SRKay Consulting Group, an Indian company that focuses on investing in and accelerating promising tech startups, has set up its Nordic headquarters and R&D unit in Helsinki. Helsinki Business Hub hosted SRKay’s introductory visits to Finland, acquainting the company with the Finnish technology and R&D ecosystem. SRKay plans to use its Helsinki base to access other European markets and is looking forward to investing in Finnish startups. “Setting up the Finnish unit has been very smooth, and Helsinki Business Hub has offered us excellent support. Investing in a distant country like Finland would have been a challenge, had it not been for Helsinki Business Hub. They showed us Finland’s strengths and opportunities and helped us make highly useful connections. They were also instrumental in setting us up with Arctic Startup and the Arctic15 event, which we then co-sponsored to announce our launch in Finland and which turned out to be very useful, ” says Alok Kumar, CEO, SRKay. “We see SRKay as a global company with Finland as a strategic location. Our global vision is to be one of the most successful private equity and acceleration firms, generating a high success rate for every venture we accelerate, anywhere in the world. Finland will play a key role as a unique hub of innovation and R&D as well as in developing our business in the Nordic region,” Kumar says.
APRIL 2019 ENTERPRISE IT WORLD
19
COVER STORY
20 ENTERPRISE IT WORLD APRIL 2019
COVER STORY
SECURITY:
THE NEVER-ENDING
BATTLE IN A CISO’S LIFE
Security has become the most important aspect of an organization. From leading to a drastic financial loss, to spiralling the business down to the tunnel of customer/client mistrust, Security breaches have destroyed many successful businesses. This demands a constant reworking of the Security Framework by the CISO to stay a step ahead of the hackers.
I
BY POOJA JAIN POOJA@ACCENTINFOMEDIA.COM
n 2006 when Clive Humby coined the phrase, ‘Data is the new oil’, he couldn’t possibly have imagined the turn Security would take in the second decade of the twenty first century. From being the by-product of business, Data has gone on to become the cornerstone of an organization. With the evolution of Internet, there has been a substantial shift in not just the idea of a business, but also the way APRIL 2019 ENTERPRISE IT WORLD
21
COVER STORY
AMIT DHAWAN CISO, BIRLASOFT
S SRIDHARAN VP & CISO, NCDEX
“While we improve technology, the threat persists due to intelligent hackers. Therefore, my focus will be more on identifying the probable or possible data leakage avenues like mobile phones, social networking websites, app security
“As a CISO, I look for the tools being configurable enough to meet my particular requirements and give me the advantage to modify the data collected. I feel the customer has the right to use the data collected for customizable dashboards and even interfacing with other tools for a collective analysis, if required.”
and dark web besides creating more awareness among my employees.”
quantifiable parameters, it becomes impossible for the CISO to present a convincing case to the Finance department. business is undertaken. So much so, that it has simultaneously allowed the emergence of a village in Romania, notoriously called Hackerville.
CISOs to protect the organization from the same Technology that has allowed it to thrive in the enterprise market.
HOW HAS INTERNET MADE DATA THE MOST VALUABLE ASSET OF AN ORGANIZATION?
THE CISO’S STRUGGLE IN THE MODERN ENTERPRISE
Businesses in 2019 are fundamentally dependent on the Data that they collect and collate through their operations. Customer information, employee details, internal business formulas, there is no end to the confidential information that the business needs to keep secure. This information if leaked, will not only lead to the loss of personal and professional data, huge financial risks, but can also potentially wreak havoc on the market reputation of the brand. How many of us would dare to get into a business relationship with a company that has had its security breached in the past? Yes, Technology has been incredibly conducive to the modern marketplace. It has revolutionized all industries beyond recognition. But it has also led to a very real, exponential increase in the risks faced by a business. It has fallen on to the 22 ENTERPRISE IT WORLD APRIL 2019
The fact that makes Technology hard to keep up with, is that it evolves at a rate faster than the human understanding. So, by the time the CISOs wrap their heads around a potential security threat, and begin planning protection against it, the hackers are well on their way to breaching the barriers through a more evolved technology. This means that the CISOs are stuck in a loop and can never really achieve absolute security. It will always be subject to technological advancement. The CISO’s struggle then is not just to stay updated and constantly vigilant, but also to ensure the flow of funds for making this vigilance practically possible. Budgetary Concerns
Due to the impossibility of tracing the performance of the Security department in
Add to this, the fact that Security as a business operation does not productively contribute to the company’s ROI. It fundamentally works on hypothetical grounds. Its success is not measured in terms of the revenue that it has generated or how useful the security department has proven to be by streamlining the operations of other departments. As the CISOs and their teams are not directly responsible for generating income for their organizations, they tend to lose their fair share of the budget to other departments that bring in quantifiable profits. Addressing this complexity Rick Howard, CSO, Palo Alto Networks, says, “The core objective of the CSO/CISO is to prevent material impact to the organization. You can’t define that in terms of ROI because protecting the enterprise isn’t going to bring in any money. Rather, I would advise CSO/CISOs to calculate and present the potential cost of a hypothetical breach if leadership fails to properly invest in security. Everything from business disruption and loss of customers to consequential legal fees and remediation can rack up the bill more quickly than leadership may realize.”
COVER STORY
SONIT JAIN CEO, GAJSHIELD.
HARSHIL DOSHI STRATEGIC SECURITY SOLUTIONS HEAD, FORCEPOINT
“Rather than focusing on traditional threat-centric approaches, organizations need to deploy security innovations that deliver risk-adaptive protection, which allows enterprises to dynamically and automatically adapt enforcement based on
“While allowing and restricting access to certain content and application for employees is the go-to strategy that is followed for cyber security, this does not solve the problems for many CISOs.
The challenge is to allow employees to use business critical SaaS applications while ensuring such applications are not misused in any manner.”
the changing levels of risk and focus on the interaction of human beings and critical data.” Lack of Awareness among the Management and Employees
The Security framework then works by negation. Its success is marked by an absence of a substantial data breach. Substantial because, security threats cannot be absolutely eradicated or protected against. There will be bumps along the road, and that’s how you know that the Security Framework has proved to be a success. It contains the road bumps and prevents them from turning into a full-blown wreckage. “For any CISO, the IT security budget allocation is very important, it should be done according to the severity of the data value. For instance, any data which is worth 1 lakh rupee, we can invest Rs 20,000 on its security, it is justifiable but at the same time we should not spend 1 lakh rupee to protect Rs 20000 value data. So, depending on the sensitivity, privacy and importance, budget of each entity is decided. Proper risk analysis should be performed with probability taken into consideration that what would be the consequences if something wrong happens,” said Manish Kumawat, Director, Cryptus Cyber Security. But the problem is that it cannot be done
without the support of the entire management. It requires huge funds and then they need to deliver an answer as to how those funds have been utilised and whether it was really crucial and/or beneficial for the company to do so. “Cyber security has become mainstream in terms of getting a seat at the boardroom. The executive board is now held accountable for cyber security, so the budget should fit the responsibility. What is the risk to the organization if intellectual property gets stolen? How much will a breach cost in terms of restitutions and corporate reputation? It all depends on the industry and the extent of the cyberattack. CISOs need the right mix of people, process and technology. And, they need the right technologies to address their company’s specific cyber security needs. It’s safe to say cyber security budgets are on the rise as they should be. It’s up to all of us to ensure that budget is spent wisely,” said Sandeep Puri, Country Manager - India and SAARC, Gurucul. Though this might appear to suggest a very basic understanding, that might not always be the case.
This is due to a disjunct between the understanding of the Security Executives and that of all the other departments of the company. Their job then becomes doubly complicated. As they don’t just have to understand the Technology, possibility of a breach through a chink in the company’s armour, and what the possible repercussions of the same can be. But in order to justify the existence of their department and the funds that they are spending, they need to break down this information in a way that can be understood by the top-level management who are not trained in the technicalities of Security Frameworks in the way CISOs are. So, the next problem that the CISOs encounter is the lack of awareness amongst the different levels of the organization. This is not something the effects of which are limited to a particular level of the management. But it percolates throughout the organization. A lack of awareness in the top-level management will directly result in insufficient funding for the Security department or lack of assistance from other teams. “In the present times, the top priority is creating a culture of Cyber Security in the organization. APRIL 2019 ENTERPRISE IT WORLD 23
COVER STORY
ALOK GUPTA MANAGING DIRECTOR AND CO-FOUNDER, UNISTAL SYSTEMS PVT LTD.
SANDEEP PURI COUNTRY MANAGER - INDIA AND SAARC, GURUCUL.
“Legacy infrastructure has got to be refreshed. Technology is advancing rapidly in so many areas. Enterprises need to review their legacy software and hardware and make significant investments to upgrade to the latest and greatest platforms which have significant security benefits built in that address today’s threats, not yesterday’s problems.”
In addition, this approach has to be top-driven. Once the senior leadership understands the threats and the possible Risks, it becomes easier to drive that agenda,” said Amit Dhawan, CISO, Birlasoft, acknowledging the need to educate and inform the employees of the company, starting at the top. This unawareness about Security in its basic form takes on a rather ugly turn when it comes to the lower levels of the organizational hierarchy. The employees of the company being ignorant about the security protocols prescribed by the CISO, or them not understanding the importance of the same for the company’s financial and intellectual safety, can have serious consequences for the company. It can potentially lead to unintended data loss. Uninformed employees sharing their company credentials or being careless about confidential information are accidents likely to happen when employees do not receive adequate security training. ¬ While the lack of awareness among the top-level management can make it extremely difficult for the CISOs to take adequate measures to ensure Security, the same, coupled with an absence of a regulatory framework among the 24 ENTERPRISE IT WORLD APRIL 2019
employees of the organization can potentially render those measures moot. Advancement of Technology complicating Security
Even when the employees are well-trained in identifying potential breaches and reporting them immediately, the age of hyper-connectivity doesn’t make this an easy job to do. This means that the (I)IoT that is well on its way to becoming an indispensable reality across organizations, leaves a lot of chinks in the armour that are just waiting to be exploited by the hackers. “The Internet of Things (IoT) allows for infinite connections to take place. Offices are now equipped with Internet-connected air-conditioning units, smart coffee machines, and video conferencing systems. But this means there are more avenues for cyber criminals to slip into the organization unnoticed. Our digitally interconnected world means that network boundaries are more porous than ever, and the resultant security vulnerabilities may remain unbeknownst to the security team. Yet, security for IOT devices are an afterthought, which makes it difficult for the
“Recently we have seen various new technologies coming into the mainstream. Trends related to Artificial intelligence, Blockchain and IoT will rule the year but in terms of cybersecurity,
we should gear ourselves to witness more of data breaches, ransomware and malware attacks.”
security team to detect and remediate potential threats in a timely manner,” said Sanjay Aurora, Managing Director, APAC, Darktrace. “There is a trend of adoption of AI by attackers. Traditionally, if you wanted to break into a business, it was a manual and labor-intensive process. But AI enables the bad guys to perpetrate advanced cyber-attacks, en masse, at the click of a button. We have seen the first stages of this over the last year - advanced malware that adapts its behavior to remain undetected. It won’t be long before we see full blown AI-powered malware in the wild and we enter a true cyber arms race,” said Sanjay Aurora, Managing Director, APAC, Darktrace. Facing Insider Threats
Not all challenges to Security come from external factors or from the ignorance of the internal forces. Insider Threats are a very real Security Threat faced by the businesses. CISOs will have a hard time safeguarding the company’s data from external breaches, if they are also constantly worried about Insider Threats. Therefore, it is important for them to have a mechanism to deal with the insider threats, so that all they have to worry about are the external hackers and not being torn apart from within. Commenting on his strategy for mitigating insider threats, Amit Dhawan, CISO, Birlasoft, said “Insider threats are real and we understand the risks associated with that. We support
COVER STORY
SANJAY AURORA MANAGING DIRECTOR, APAC, DARKTRACE
PANKIT DESAI CO-FOUNDER AND CEO, SEQURETEK.
“Enterprises are also feeling the heat from regulators, governments to beef up their security defences. Due to privacy acts coming into play, there is a fair amount of legal scrutiny about
how data is being used. With the boards of companies also being questioned, now they are also asking the CEOs about cyber security readiness of the organisations.”
numerous businesses worldwide and cover several international regulations. Any kind of loss or disruption is not acceptable to the organization, and I feel this acknowledgement, is the first segment of the strategy. The associated controls, which form the next, include administrative and technical capabilities, along with deterrents in the form of censures. However, in my opinion, the most effective strategy and real implementation depends upon training or awareness of people, and even their managers, who will always be the first to notice the tell-tale signs. The detective controls, and their knowledge to the employees helps the case further.”
WHAT IS THE SOLUTION? In such a scenario, being a CISO is hardly a cake walk. With a huge number of security solution providers available in the enterprise market, and a real threat right at their doorstep, the CISOs need to make a quick and an informed decision that maps out the security framework of their organization. Security vendors across the industry are of the opinion that Technological forces like Artificial Intelligence, Machine Learning, etc. will play a
crucial role in the Security trends in the coming years. “Visibility is key to cyber security and the technology that will spearhead the cyber security space in coming years is something which will help in creating advanced visibility of network to organizations. Contextual Intelligence is a technology that deep dives into a SaaS application and creates context beyond just the application data for an advanced visibility. Machine Learning based on contextual intelligence will also help in identifying and protecting organisations from zero-day threats and data breaches,” said Sonit jain, CEO, Gajshield. “As security threats are becoming complex and insider threats loom larger than before – behavior analytics will be a major trend in 2019. Not only will User and Entity Behavior Analytics (UEBA) solutions be attractive to customers – but embedding behavior-based decision making will become the cornerstone of all existing cyber security solutions, such as NGFW, DLP, and Cloud Security.” said Harshil Doshi, Strategic Security Solutions Head, Forcepoint. Having said that, there is a need to acknowledge the complexities associated with the use
“There is a shift in the aims of attackers, from straightforward data theft to seeking to cause damage by targeting fundamental parts of critical infrastructure. Whilst the bulk of attacks will still focus on stealing data because it is easily monetizable, there is, however, a more worrying type of attack on the horizon, and that is infrastructure sabotage.”
of AI and ML in the Security framework of the business. Their implementation might not always serve to alert the CISOs. Sometimes, it might just mask a red flag. Addressing this issue, Amir Moin, Head of Product, Smokescreen said “Consider a UEBA solution. It ingests a lot of data to establish a baseline of behaviors. It then flags any activity as suspicious that deviates from the baseline. This is a great application of AI & ML. But under certain circumstances this could also end up baselining the behaviour of malicious insiders as normal. So, after deployment if a high-privilege system admin goes rouge, the UEBA solution will not flag their behavior as anomalous.”
IN CONCLUSION Talking about the crucial decision of selecting a security solution, S Sridharan, VP & CISO, NCDEX, said “Perfect security solution is a myth like cyber resilience. We may try to identify less false positives but more accuracy in the solutions. I will focus on use cases, success of poc, support service availability and business continuity needs, etc. for selecting the best tool. There are security products which comes with preliminary condition to enable some security risks like enabling cache, macros, etc. This needs to be validated. User friendly is one more concern. As a CISO, APRIL 2019 ENTERPRISE IT WORLD 25
COVER STORY
AMIR MOIN HEAD OF PRODUCT, SMOKESCREEN
RAJESH MAURYA REGIONAL VICE PRESIDENT, INDIA & SAARC, FORTINET.
“In environments where security sprawl is occurring as fast as digital transformation, traditional approaches to security don’t stand a chance against determined and well-armed cybercriminals looking to target the expanding attack surface. Securing these complex, distributed, and continuously evolving networks requires developing and deploying security devices that can provide business-level digital performance, consistent functionality, and seamless interoperability.”
DEEPAK KALAMBKAR
“Our preventive controls do not evolve as quickly as an attacker’s tactics, techniques and procedures. Considering this, the challenge for CISOs is being able to detect attacks in real-time without false positives. This does two things – (1) Changes the SOC mindset to one that
assumes breach. You can defend better if you know what you’re dealing with. (2) Orchestration, the long-cherished dream of a world where remediation can be done with minimal human involvement, becomes a reality if you have highconfidence alerts that do not need to be vetted by an analyst.”
AVP INFRASTRUCTURE, SAFEXPAY
“With respect to Cyber Security my priority is to get the paper work as per the framework of the ISO and PCI – DSS standards. We also need to develop new engineers in cyber security.”
cost and meeting regulatory requirements is critical for any product.” Summarising the strategy to face the Security question, Rajesh Maurya, Regional Vice Presi26 ENTERPRISE IT WORLD APRIL 2019
dent, India & SAARC, Fortinet said “Organizations need to begin by anticipating attacks by implementing zero-trust strategies, leveraging real-time threat intelligence, deploying behavioral
analytics tools, and implementing a cohesive security fabric that can gather and share threat intelligence, perform logistical and behavioural analysis, and tie information back into a unified system that can pre-empt criminal intent and disrupt criminal behaviour before it can gain a foothold.” Keeping the organization’s data secure is a constant struggle. No matter how hard the CISOs try, by the very nature of Technology they cannot attain a point of absolute Cyber Security. Though what they can achieve is a state of optimum security by providing against the potential threats and minimizing the losses should there be a security breach.
SECURITY
BREAKING DOWN THE SECURITY BUDGET
At a time when Security is of paramount importance, it becomes essential for enterprises to proportionately allocate budget for different aspects of Enterprise Security.
“As businesses increase their digital footprint through the Internet of Things (IoT), cloud and other initiatives, their windows of vulnerability open further still.”
LIZ GOLDBERG
PRINCIPAL PRODUCT MARKETING MANAGERSECURITY INTELLIGENCE PRODUCT LINE, SAS
“As your primary security offense and defense, your team should be imparted with individualized and team training plans. Plans must be established and re-evaluated every year at a minimum.”
SURJIT DAS
PRINCIPAL CONSULTANT – CYBERSECURITY, SAS INDIA
What are the current technological challenges faced by the CISOs from a security point of view? The biggest technology challenge CISOs face is the growing complexity of their security environments. In fact, the average enterprise uses 75 security products to secure their network. With analytics becoming mainstream in the market, more security products are adding analytic capabilities to become “smarter”. Rather than simplifying the complexity, this is having the opposite effect. Analytic capabilities are becoming decentralized and data increasingly siloed, further limiting the organization’s ability to extract security insights in a consistent and governed manner. As a result, CISOs lack a consistent and accurate picture of their security risks which can lead to unnecessary costs and sub-optimal risk mitigation decisions. What kind of a budget do you suggest CISOs should allocate to meet their Cyber Security requirements? For much of the last 15 years, cyberattackers have
pursued secrets and money. Certain industries became favourite targets and experienced a disproportionate number of attacks, while others remained relatively unscathed. IT security should have senior executive support and be a centrally managed function. Next, the budget. At a minimum, 10 percent of the IT budget should be earmarked for the following cybersecurity fundamentals. • Employee education: 1 percent - In the modern organization, the training to support your cybersecurity strategy should be separated from the general training budget. Otherwise, this type of employee education can get lost to other training priorities. All of the organization’s staff should undergo a mandatory training • Security policy: 2.5 percent - A formal IT security policy is a must and should be tightly coupled with employee education. The policy need not be overly rigid, but it should provide guidance on acceptable use of the Internet and resources attached to it. • Network awareness: 2 percent - Network awareness should be a critical component of your
cybersecurity strategy. Here, it’s important to work with the team that provides your switching and routing fabric and gear to better understand your network awareness. • Specialized training for the security team: 1 percent - As your primary security offense and defense, your team should be imparted with individualized and team training plans. Plans must be established and re-evaluated every year at a minimum. How would you describe technical prevention measures in place for your customers? An integrated real time event monitoring & investigation infrastructure, which consisted of privileged identity management, single sign-on, security information and event management, web application filtering, DDOS protection, intrusion prevention, vulnerability assessment tooling and all these technologies underpinned by effective processes and procedures. The solution is at a minimum ISO27K and PCI/DDS certified and annually audited by a certified body. APRIL 2019 ENTERPRISE IT WORLD 27
CAAS
AVAAMO BUILDS INFRASTRUCTURE TO OFFER CONVERSATION-AS-A-SERVICE (CAAS) Ram Menon talks about Avaamo’s goal to make conversational computing for the enterprise a reality.
RAM MENON
CEO & FOUNDER, AVAAMO.
“Avaamo’s goal is to make conversational computing for the enterprise a reality.”
28 ENTERPRISE IT WORLD APRIL 2019
CAAS
Brief us about the company. What prompted the founders to start a Tech company? Avaamo is a deep-learning software company that specializes in conversational interfaces to solve specific, high impact problems in the enterprise. Much of the technology in this area had to be invented. We have developed fundamental AI technology across a broad area of neural networks, speech synthesis and deep learning to make conversational computing for the enterprise a reality. With seven patents and counting, we are building a new technology stack. We provide an enterprise AI platform that tightly integrates tooling, data, and enterprise connectors to ensure designers, data scientists, and developers can design and deploy complex conversational applications in weeks. We felt that the next great jump in enterprise software is conversational interfaces to talk and ask questions in enterprise systems. The rise of conversational interfaces whether in the enterprise or consumers, is a secular trend in human computer interaction. It is the first significant change after the invention of the browser. That idea germinated in us, ultimately leading to the foundation of Avaamo. We wanted to build a new platform to offer Conversation-as-a-service (CaaS) as a new kind of infrastructure. Tell us about the services you provide through your venture. Avaamo is one of the leading conversational interface providers to banking, insurance, and telcos in India. Many financial institutions choose Avaamo to implement conversational AI based interfaces using our technology due to our security, integration, back end systems and patented method to converse intelligently. To deliver on conversational AI’s promise, fundamentally new technology has to be built to perform multi-turn discussions and execute intensive judgment tasks just like humans. When you can do this, you can revolutionize businesses. Companies can streamline and improve their service desk and drastically improve customer care; insurers can generate quotes in minutes, and health care providers can help diabetics or cardiovascular patients better by monitoring their health care through a virtual assistant on an app.
Who are your target customer segments? Avaamo was built for a global business audience, not a single target customer segment. We support multiple languages and multiple verticals. Our platform was created for a diverse set of users and people across the globe. Success is based in part on how businesses cater to a global audience. We’ve learned that people prefer to interact in their own languages, and they want to experience brands in their own language. It quickly become clear to us that there is no monolithic AI market. AI is being applied to solve problems across industries and depending on the value proposition investors are looking for real tangible benefits of the technology in terms of “making” money or “saving” money. What is the USP of your company that renders its difference from its competitors? Avaamo has developed fundamental AI technology across a broad area of neural networks, speech synthesis and deep learning to make conversational computing for the enterprise a reality. We offer two solutions: (1) Virtual Assistants and (2) Conversational IVR based on a patented platform we call “Conversation as a Service”. Our enterprise AI platform dramatically simplifies the time needed to design and deploy virtual assistants to corporate employees and their customers. Avaamo’s tightly integrated platform uniquely combines tooling, data, and enterprise connectors to ensure designers, data scientists, and developers can design and deploy complex conversational interfaces in weeks. Our industry-first capabilities include a comprehensive, easy-to-use AI platform offers services like a comprehensive NLP based AI engine; behavior libraries designed to detect hate, frustration, praise and a gamut of other emotions; deep domain machine learning models in banking, insurance, telco, and healthcare; integration to legacy systems and systems of record; broad deployment options — deploy to messaging solutions, websites and portals; enterprise-grade security, entitlements, and scalability including HIPAA & GDPR compliance. Brief us about the future of the company or the goal it has set
to mark its exceptionality in future. Our plans are simple: help Avaamo become a crucial component of reinventing how business is conducted in the 21st century. Conversational AI will radically overhaul customer service and free human time and talent for different and more engaging jobs. To push ahead to various areas where conversational interfaces can be implanted in the enterprise. We believe Virtual Assistants are going to change the way customers, employees, and stakeholders interact with one another in the business world. We’re committed to making it incredibly easy for businesses to implement this paradigm shift in user computing. Share some success stories/ milestones, awards and accolades that the company has received. Avaamo has over 50+ enterprise customers in India including Honeywell, Wipro, SBI Mutual Funds, Reliance Nippon, Reliance Capital, HDFC Loans, ICICI prudential, IFFCO-Tokyo, Birla Sunlife, Aditya Birla Capital, Axis bank, City Union Bank, RBL, Ashok Leyland, India First, and many more. Avaamo virtual assistants are deployed at banking, insurance, and manufacturing customers in 40+ countries and 8 languages. Our latest announcements include: Tech Mahindra and Avaamo Partner to take Conversational AI Platform to Global Markets. Avaamo raised a $14.2 million Series A financing round led by Intel Capital with additional investment from Ericsson Ventures, Mahindra Partners, Wipro Ventures and WI Harper. This funding brings the company’s total investment to $23.5 million to date. With the massive advancements in technology, what are the opportunities and challenges evolving with it? Blockchain for distributed ledger technology will redefine the way we think about “trust” and is poised for a sea change in how it’s being implemented. Managing privacy and user data is a huge problem that has not been solved well. I think this is an area which will see a lot of changes in the coming years. As a result one can expect companies, regulatory organizations and even governments to start pushing for more “protection” of data. APRIL 2019 ENTERPRISE IT WORLD 29
SECURITY
DNS HIJACK – SIMPLIFYING THE MISROUTE DNS Hijacks are rapidly getting common and threat to e-commerce, corporates and end users. What exactly is a DNS hijack and how does that work and most importantly, how should we safeguard against this rapidly increasing threat. By: Archie Jackson (AVP Technology/Information Security – Genpact)
“The fastest way to detect DNS hijacking is by using the ping utility. If you ping a non-existent domain and it resolves, that is probably a very strong indicator that your ISP is hijacking your DNS traffic. The idea here is to ping the hostname, this should fail if it does actually return an IP address you are the victim of DNS hijacking.”
T
he hackers behind DNSpionage succeeded in compromising key components of DNS infrastructure for more than 50 Middle Eastern companies and government agencies, including targets in Albania, Cyprus, Egypt, Iraq, Jordan, Kuwait, Lebanon, Libya, Saudi Arabia and the United Arab Emirates. For example, the passive DNS data shows the attackers were able to hijack the DNS records for mail.gov.ae, which handles email for government offices of the United Arab Emirates. Here are just a few other interesting assets successfully compromised in this cyber espionage campaign: -nsa.gov.iq: the National Security Advisory of Iraq -webmail.mofa.gov.ae: email for the United Arab Emirates’ Ministry of Foreign Affairs -shish.gov.al: the State Intelligence Service of Albania -mail.mfa.gov.eg: mail server for Egypt’s Ministry of Foreign Affairs -mod.gov.eg: Egyptian Ministry of Defense -embassy.ly: Embassy of Libya -owa.e-albania.al: the Outlook Web Access portal for the e-government portal of Albania -mail.dgca.gov.kw: email server for Kuwait’s Civil Aviation Bureau 30 ENTERPRISE IT WORLD APRIL 2019
-gid.gov.jo: Jordan’s General Intelligence Directorate -adpvpn.adpolice.gov.ae: VPN service for the Abu Dhabi Police -mail.asp.gov.al: email for Albanian State Police -owa.gov.cy: Microsoft Outlook Web Access for Government of Cyprus -webmail.finance.gov.lb: email for Lebanon Ministry of Finance -mail.petroleum.gov.eg: Egyptian Ministry of Petroleum -mail.cyta.com.cy:Cyta telecommunications and Internet provider, Cyprus -mail.mea.com.lb: email access for Middle East Airlines
WHAT EXACTLY IS A DNS? The domain name system (DNS) functions as an interpreter between humans, who talk words, and computers, who talk numbers. DNS is the keeper of all domain names that are registered on the internet. Its job is to translate those names into IP addresses and hence show the relevant website to the user. Whenever we want to visit a website, it simply matches the name with the IP address and shows the result. This process may take place through a local cache or
through a zone file that is present on the server. A zone file is a file on the server that contains entries for different Resource Records (RR). These records can provide us a bunch of information about the domain. Let’s say the user opens up the browser and types in citibank.com. It is now the responsibility of the DNS resolver in the user’s operating system to fetch the IP Address. It first checks it’s local cache to see if it can find a record for the queried domain name. A local cache usually contains a mapping of IP-addresses to hostnames which are saved during recent lookups so that the DNS resolver does not have to fetch
SECURITY
the IP address again and again. If it can’t find the IP address in it’s cache it queries the DNS server to see if it has a record for it. A DNS server is usually given to the end user by the ISP (Internet Service Provider) or you can manually set up a DNS server for yourself. If it still can’t find the IP Address then it goes through a process or recursive DNS query in which it queries different nameservers to get the IP-address of the domain. As soon as it finds the IP-address it returns the IP-address back to the user and also caches it for it’s future use.
EXAMPLE, USING NSLOOKUP In the second line we have set the type = a. This will query the A records and return us an IP-address for the domain we query. When we type in google.com we get an output showing the server and an IP-address#port. This server is the current DNS server that is serving our request. DNS uses UDP port 53 to serve its requests. The third line in the output shows “Non-authoritative answer”. We can see all the IP-addresses associated with google.com. This is usually the case with large organizations where they use multiple servers to manage scalability of request traffic. A Zone file is basically a text file present on the server hosting the domain that contains entries for different resource records. Different types of Resource Records exist within a Zone file. • A Records- Maps an IP Address to a hostname. For e.g. 74.125.236.80 for google.com. • NS Records-Delegates a given zone to use the given authoritative nameserver. For e.g. ns1. google.com is an authoritative nameserver for google.com • MX Records-This tells us which server is responsible for receiving mails sent to that domain name. • TXT Records-This consists of arbitrarily
human readable text in a record. • CNAME Records- Gives an alias of one name to another.
HOW DOES A DNS HIJACK WORK? DNS Hijacking, is when bad actors redirect or “hijack” DNS addresses and reroute traffic to bogus DNS servers. Once a DNS address is successfully hijacked to a bogus DNS server, it translates the legitimate IP address or DNS name into the IP addresses of the hacker’s malicious website of choice. DNS spoofing and DNS poisoning (or DNS cache poisoning) are the same thing, but slightly different than DNS hijacking. In the latter, the hacker would either plant a malware or hack the router DNS settings. However, in DNS poisoning or spoofing, the hackers compromise (poison) the cache of a DNS server. DNS redirect, on the other hand, is an unethical way of redirecting users to unintended pages such as advertisements pages, etc. ISPs are the ones that usually practice DNS redirect to drive users, say from a 404 page to their desired pages which are usually ad pages. It wouldn’t be unfair to name it ISP DNS hijacking. If your computer has been infected by a malware that managed to change your PCs DNS settings, it will no longer have the ability to correctly make the connection between a user friendly domain name and its original IP address. This means that you will be directed to fake versions of certain websites you are trying to visit. Your computer’s DNS settings are usually assigned by your ISP (Internet Service Provider). When you try to access a website, your computer refers your request to those settings which redirects it to a DNS server. The server matches the name with the IP address and then sends you to the desired website.If your computer settings are compro-
mised, your request will be redirected to a rogue DNS server. Consequently, the rogue server will translate your request into a fake IP address that leads to a fake or malicious website. DNS is highly decentralized. No single DNS server holds all the IP addresses and their corresponding domains. Your query will travel along a chain of DNS servers before you get your result. Therefore, DNS hijacking is the practice of redirecting DNS queries. You send out a query, but a third party steers the query the wrong way. As a result, you get a false IP address, and the wrong page loads on your screen. Example, if you’re trying to access your online bank. Your DNS is hijacked and a different website is loaded that looks exactly like your bank’s homepage and you enter your login details. This is a known phishing scam when hackers create fake copies of a website to extract their victims’ usernames and passwords. The next thing you know, your bank account has been compromised. A DNS hack could happen at any link in the chain of DNS queries. Here’s how: • Malware:Your computer or router can be infected with malware that rewrites the configuration of DNS settings. As a result, your device queries a conned DNS server that serves you fake IP addresses. A malicious malware could redirect you through hacker-controlled open web proxies and get access to all your traffic and could also be directed to a dummy website that extracts your passwords and usernames through fake login procedures. • Compromised DNS server:In this, your query is redirected in the wrong destination by a DNS server under a hacker’s control. This attack is even more clever because once the query leaves your device, you have no control whatsoever over the direction your traffic takes. • Internet service provider interference:Some internet service providers use DNS hijacking on their own users to display ads or collect statistics. They do this by hijacking the NXDOMAIN response.NXDOMAIN is the response you get if you type in a domain that does not exist (meaning it doesn’t have a corresponding IP address). For example, if you entered “ssdsrfadsfdgfaaf.com” into your browser, you would get the NXDOMAIN response: “The website cannot be found” or a similar error message. When an internet service provider hijacks the NXDOMAIN response, they replace the error message with a fake website set up by the internet service provider to show you ads or collect your data. To read the entire article, log onto www.enterpriseitworld.com.
APRIL 2019 ENTERPRISE IT WORLD
31
SECURITY
CHALLENGES FOR THE CISOS: EDUCATING THEMSELVES AND THE EMPLOYEES A CISOs biggest concern is to protect the data of the organization. It is not so simple always as the lack of awareness among the employees might just complicate things further for the CISO rather than assisting him/her.
“Cybersecurity education is a critical tool for enterprises faced with an increasing volume of constantly evolving threats.” What are the current technological challenges that the CISOs are facing? The constantly evolving technology is shaping up the future of business. The biggest challenge that CISO faces today is protecting the data. CISO should always stay ahead of the game as his job is to protect not only his company’s data but also their client/ user’s data, a stolen data can prove fatal for the company. There is a boom in the business of hacking as hackers are constantly finding new and sophisticated ways to attack with evolving technology. With growing digitalization things are now started getting connected to each other. To keep up with the development in the increasing number of interlinked systems is also a major task for the CISO. Newly launched products or technology that come without any in built security can also be a possible challenge for a CISO. Awareness is also a major concern in cybersecurity, most of the people aren’t updated about it and they don’t think it’s essential for the business. Earlier in India there was no specific budget that was allotted in a firm for cybersecurity. A small organization often thinks that they don’t need cyber security as they won’t be a potential target for hackers. We have often heard tech giants also falling in the trap of hackers and losing tons of valuable data. There are times when employees avoid some strange functioning in their emails and the ignorance of that often leads to a huge cyber-attack. So, carelessness from the company 32 ENTERPRISE IT WORLD APRIL 2019
as well as employees can also be a huge challenge that a CISO faces. The vendor landscape has started to leverage AI & ML for protecting the threat landscape. What is your organisation proposing to customers? At Kaspersky Lab we use the Humachine formula- which means efforts by human and machine. Even with the presence of AI in our products, we like to give it a human touch to analyse possible threats that could affect the processing of the company. We follow the strategy of working with an advanced technology like AI and using our human expertise to analyse these advanced technologies to prepare our products. What are the solutions that you offer to them to face those challenges? We have developed our solutions by understanding the threats and targeted attacks on SMEs. We therefore offer a variety on endpoint solutions that can be altered according to the company’s requirements and suiting their cybersecurity budgets. Kaspersky’s endpoint security solutions include Kaspersky Hybrid Cloud Security, Security for Microsoft Office 365, Kaspersky Security Business Total, Kaspersky Threat Management and Defense, Industrial Cybersecurity and Fraud Prevention. How do you think the Indian Data Protection Bill will affect the
MR.SHRENIK BHAYANI
GENERAL MANAGER, KASPERSKY LAB (SOUTH ASIA)
Cyber Security solutions that you offer to the Enterprises? As a global company, we comply with local laws and regulations. Respecting and protecting customer privacy is a fundamental principle of Kaspersky Lab’s approach to processing data. Kaspersky Lab only processes that data which is necessary for product functionality to perform as promised, for example, to identify new and as yet unknown threats and offer better solutions to customers. The company does not attribute this data to specific individuals, anonymises it in most cases and robustly protects it. Security training is a key element of operational success, how does your organisation help or do you think, customers are adequately, training their staff on awareness? There are a lot of companies that are now giving cybersecurity utmost priority. Cybersecurity education is a critical tool for enterprises faced with an increasing volume of constantly evolving threats. IT Security staff needs to be skilled in the advanced techniques that form a key component of effective enterprise threat management and mitigation strategies. Equipping your team with the most up-to-date knowledge will help defend your organization against even the most sophisticated attacks. We at Kaspersky Lab provide Comprehensive corporate training programs covering digital forensics, malware analysis and incident response topics.
SECURITY
THE EVOLVING LANDSCAPE OF SECURITY AI and ML pay a crucial role in how Security as a domain evolves in the enterprise market. From complicating the security to offering solutions to build stronger barriers, it is important to understand the trends that these technologies bring about.
“AI solutions for cyber security is based around true cognitive technologies – such as language processing and semantic reasoning.”
PRASHANTH GURUSWAMY
DIRECTOR SALES, INSTASAFE
The vendor landscape has started to leverage AI & ML for protecting the threat landscape. What is your organisation proposing to customers? AI & ML are the hottest buzzwords in every segment of IT industry. The very idea of teaching a machine to mimic the way humans think without the need to develop millions of complex rules sounds amazing and machine learning models are simply trained by feeding them with large amounts of carefully selected data. But there is however a thin distinction between thinking like a human and performing intellectual tasks like a human. AI solutions for cyber security is based around true cognitive technologies – such as language processing and semantic reasoning. Potential applications include generating structured threat intelligence from unstructured textual and multimedia data (ranging from academic research papers to criminal communications on the Dark Web), proactive protection against phishing attacks, intelligent decision support for human experts. Alas, we are yet to see sufficiently mature products of this kind on the market. At InstaSafe we are working towards making a better secure world for our customers and working with machine learning & AI techniques to make zero trust architecture a reality. Is “Zero Trust” the next BIG wave in Cybersecurity? Absolutely, Zero Trust signifies that never trust,
only validate. It is the strictest interpretation of security and assumes every actor is malicious and only gives access on a real time as need basis. Zero Trust eliminates the idea of a trusted internal network and an untrusted external network. Instead, all traffic and users are treated as untrusted. All resources are accessed in a secure manner, and all traffic is logged and inspected. Security, therefore, becomes ubiquitous throughout the infrastructure.
for organizations, manufacturers, and consumers, while at the same time creating opportunities for hackers. The world has seen the risks of this firsthand: Internet of Things (IoT) devices now constitute the largest-scale botnets, able to take down major websites like Twitter, GitHub, and the PlayStation Network. The many ways a hacker could access this data is apparent and quite disconcerting. The first step to protecting yourself is, knowing where you’re vulnerable.
Why is the email still so vulnerable? The majority of cyber attacks begin with one simplest phishing email. Its carried out over email , social media , messaging services and applications.The goal is to trick the target into giving personal information that can be used later to cause further damage.It can be passwords to hack the company,online bank details to steal money or your social security number. Anybody can be a victim from an individual to a commercial firm or digital infrastructures. Social engineering is the key to nearly all email incidents and awareness is a must for making emails safe apart from technology.
Security training is a key element of operational success, how does your organisation help or do you think, customers are adequately, training their staff on awareness? InstaSafe engages with various organisations and we have worked with Cloud Security Alliance in the past to introduce innovative concepts & systems to the Indian cybersecurity community. This year we are working towards supporting “Women in Cybersecuity” to generate awareness on the need for diversity in our community and continue to bring new initiatives for the community empowerment.
IoT devices and IT/operational technology integration have dramatically expanded the attack surface. How does the new perimeterless world save itself? There are more connected devices than humans. The unparalleled growth of connected devices has created innumerable new threats
What is your sales enablement action plan this year, to confidently communicate your value proposition to the crowded channel partner & customer audiences? InstaSafe launched its Channel Partner program last year & is looking forward to add capabilities that include extensive sales enablement that widens our reach with our partners. APRIL 2019 ENTERPRISE IT WORLD 33
SECURITY
WIPRO HIT BY AN ADVANCED PHISHING ATTACK, INITIATES INVESTIGATION The advanced phishing attack on Wipro proves the persistent vulnerability of the email. While the enterprise employs new technology to keep its data secure, hackers continue to find, attack and exploit the weak spots. B Y P O OJA JA I N P O OJA @ AC C E N T I N FO M E D I A . C O M
DR AJAY DATA
CEO, Data Xgen Technologies
“It is of utmost importance to educate employees for phishing attacks, experience mock attacks, develop a security policy that includes but isn’t limited to password expiration and complexity and keep sensitive Data encrypted as much as possible.”
Wipro has recently been the target of an advanced phishing attack. It was reported that Wipro was aware that its email systems have been breached by hackers to target its customer systems and the company was in the process of building a new private email network for the employees. The attack came, when the company was trying to recover from the breach. “We came to know of a potentially abnormal activity within our network, about a week back, in respect of few of our employee accounts, who were subjected to an advanced phishing campaign.” Wipro posted a statement on its official Twitter Account. The data breach was first reported by a cybersecurity blog, KrebsOnSecurity. According to this platform, Wipro was “dealing with a multi-month intrusion from an assumed state-sponsored 34 ENTERPRISE IT WORLD APRIL 2019
attacker and that Wipro’s systems were seen being used as jumping-off points for digital fishing expeditions targeting at least a dozen Wipro customer systems.” Commenting on the immediate steps taken to tackle the attack, Wipro stated, “We have used our industry-leading cyber security practices and partner ecosystems for these steps. We are collaborating with our partner ecosystem to collect and monitor advanced threat intelligence for enhancing security posture. We continue to monitor our enterprise and infrastructure at a heightened level of alertness.” As soon as the attack was identified, Wipro took prompt action and set off a forensic investigation into the matter. It also took quick remedial actions by identifying the affected users and taking the necessary steps to containing and
mitigating the potential impact of the breach. “We have also retained a well-respected, independent forensic firm to assist us in the investigation. We continue to monitor our enterprise and infrastructure at a heightened level of alertness,” Wipro added. Commenting on the Phishing and cyberattacks on Wipro’s systems, Dr Ajay Data, CEO, Data Xgen Technologies said “Employees possess credentials and overall knowledge that is critical to the success of a breach of the company’s security. One of the ways in which an intruder obtains this protected information is via phishing. The purpose of phishing is to collect sensitive information with the intention of using that information to gain access to otherwise protected data.” The Wipro incident surely raises questions on how secure is the enterprise market? Though,
SECURITY
NEELESH KRIPALANI Senior VP and Head, Clover Infotech
“The approach towards cyber security threats needs to be proactive rather than reactive.”
RAJIV SINGH
Senior V.P. & Global Head of Enterprise Security & Risk Management, Tech Mahindra
“They are the most sensitive and important record of our personal data which can be easily compromised, as a result of e-mail ID breaches.”
security has always been a major concern of the business, it has taken a new dimension in the age of interconnectivity. An attack of this scale, then not just has the potential to compromise the information of the company or the employees, but also of their clients and customers. There is an unavoidable ripple effect at work here. Addressing the vulnerability of the Email, Rajiv Singh, Senior V.P. & Global Head of Enterprise Security & Risk Management, Tech Mahindra said ¬¬“E-mail is a universal way of communicating on internet. If you are on the internet, you need to have an email addresses, these are our internet IDs. These email IDs lets us sign up for
things, receive notifications, and communicate with each other. However, e-mail attachments are the primary reason for malware installation. Employees, whether maliciously or unwittingly, can render a company vulnerable via email. If the data contains sensitive information, then the organization could incur mitigation costs.” Offering advice on what can people can do in case of a data breach, Neelesh Kripalani, Senior VP and Head, Center of Excellence (CoE), Clover Infotech said “It is imperative for organizations to stay ahead of the game against the hackers, and we as the MSP play an important role in ensuring the same. We recommend implementation of
Database Activity Monitoring (DAM) solutions to monitor database traffic for detection and blocking of threats. We conduct regular VAPT tests and ensure corrective actions are taken up in real-time. In addition, we implement data security features such as redaction, masking, database vault, encryption etc. to ensure that sensitive data is protected. For cloud environment, we suggest to implement role based access so that the administration privileges do not stay with single user account. Additionally, we recommend implementation of cloud access security management tools for greater security control and access visibility of SaaS and PaaS solutions”. APRIL 2019 ENTERPRISE IT WORLD 35
WHITE PAPER
CYBERATTACKS ON CLOUD HONEYPOTS BY: MATT BODDY, SOPHOS
C
ontrary to popular belief, every device is worth hacking when the process is automated. It doesn’t matter who or where you are, if you own a company big or small, or have technology in the home – every device can be monetized by an enterprising criminal. Brute force login attempts are likely ccurring on any online device. Yet the speed and scale of the problem can boggle the mind. Criminals are relentless and often competitive with one another to find, take over, and monetize your smart devices. The research you’ll find here, using honeypot devices across the internet, is a first step in attempting to quantify the issue. In cybersecurity terms, a honeypot is an open, vulnerable device, configured to deliberately lure a cybercriminal to attack. When the criminal starts to interact with the device, they are in fact triggering alarms to alert a business or individual to their presence and track their activity. There are many types of honeypots, but in this paper we focus on two main distinctions: high and low interaction. A low-interaction honeypot is a honeypot that, once found by the hacker, will not be of much use to them. In our case, the attacker is presented with a login prompt they have no way of getting past. This logs and stores any attempts to log in, providing information on the attacker’s IP address of origin (which can be attributed to a location), and the username and password used in the login attempt. A high-interaction honeypot permits the attacker to go further in order to gather additional information about their intentions. In the context of this paper where high interaction honeypots are referenced, we allowed the attacker to log in to the honeypot with a designated set of usernames and passwords, and stored any command the attacker attempted to use. The honeypots in this test simulate the Secure Shell (SSH) service and, therefore, measure SSH login attempts. SSH is a remote access service used not only by servers, but is also enabled in 36 ENTERPRISE IT WORLD APRIL 2019
domestic environments in devices as diverse as CCTV cameras or NAS devices. On these systems, legitimate users may connect via SSH to remotely configure the device or to access files. For an attacker, once they get past the login prompt onto an IoT device, they not only gain the same access as the owner, but often gain even more control than was ever intended. We initially set up honeypots in ten of the most popular AWS data centers in the world and made sure that the honeypots are not affiliated with Sophos or any other company other than, perhaps, the hosting provider. To a hacker, they appear as just a number, a bit of extra processing power that could be theirs, a camera they could control or a directory of files they could access and share. The research clearly demonstrates that devices that have not received due attention to configuration (including changing any default passwords installed at the factory on many devices) may permit a cybercriminal to access those devices. However, we can learn how attackers work from this research, and what we can do to prevent many of them from succeeding.
THE FINDINGS Finding 1: The short time it takes to get pwned
When the honeypots first went online, it took attackers no time at all to discover the SSH service and for login attempts to start. In one instance, our device was attacked in less than one minute from deployment. However, in others it took nearly two hours before login attempts began. But once the login attempts start, the attacks are relentless and continuous. Finding 2: It is a feeding frenzy
Once the honeypots were well established, each device saw an average of 13 login attempts per minute*, or about 757 per hour**. Finding 3: The Chinese connection
95.4% of the traffic we tracked appeared to originate in China. This doesn’t necessarily mean that the attackers conducting these brute-force attempts are also located in China, because attacks
may be routed through other machines under the attackers’ control. Finding 4: The global distribution of login attempts
The London honeypot alone suffered just over 314,000 login attempts over the course of the 30 days in which we ran these honeypots, with the honeypot hosted in Ireland suffering more than 600,000 login attempts. Other notable figures include over 950,000 attempts in Ohio. Does this mean that hosting services in London is safer than hosting services in Ohio? In short, no. Honeypots based in every region received hundreds of thousands of login attempts over this 30 day period. These attempts varied in complexity from default usernames and passwords down to complex passwords with what security practitioners would consider sufficiently complex combinations of numbers, letters, and special characters. No one country is safer than any other. Wherever you are in the world, following good security practices is paramount.
DEFAULTS ARE THE FAULT Looking at what drives this number of brute force login attempts, we found the dominant problem was ongoing exposure as a result of not changing default usernames and passwords. For example, ‘root’ exists as a default username for most *NIX devices. Consequently, it is unsurprising that it is consistently at the top of the list of most seen username login attempts. However, the sheer scale is remarkable: ‘root’ accounts for 5,211,644 of the 5,447,956 logins (just under 96%). Because the ‘root’ account provides administrative access to devices, it’s likely
WHITE PAPER
underground community and is no better than a “well known secret”. Even when users are forced to choose their own password during initial setup, we often observe little care is taken in choosing a secure password leading to easy attempts by criminals to brute force guess working combinations.
WHAT HAPPENS ONCE THEY’RE IN? that, after their botnet reaches a significant size, the cybercriminal will use this privileged access to perform large scale DDOS attacks to organizations and institutes as seen before in botnets like Mirai. There are other correlations we can make between login attempts and specific technologies. For example, the username ‘pi’ was represented in the top 20 attempted usernames because it is the default username for Raspberry Pi-based computers running the Raspbian operating system. The fact that the username exists here shows that, through misconfiguration or negligence, these devices appear on the internet as exposed and vulnerable. If a device is online, anyone can attempt logging in, so the only line of defense is the password. This is where we see opportunist cybercriminals are aiming for commonly used and poorly chosen passwords for the root account. In much smaller numbers we also notice login attempts targeting specific brands or models of device. These login attempts are focusing on devices still configured with well-known default accounts and passwords. For example, for Raspberry Pis running Raspbian, a distribution of Linux designed for the Raspberry Pi, the default password “raspberry” appears 1,808 times, taking it into the top 20 attempted passwords. This dastardly duo of default login details and obvious links to hardware names gives hackers an easy ride. We have collated a list of the most recognizable default usernames and passwords that were used by attackers and, to illustrate the issue,we have suggested IoT device brands which use those defaults. Going beyond the default password, there is a further issue with commonly chosen passwords. When analyzing a handful of the most seen password attempts, clear, simple keyboard patterns are being exploited by cybercriminals. Two canonical examples of this would be the passwords “1qaz2wsx” and “1q2w3e4r”. Looking at a keyboard, it is easy to see how all of these keys are located right next to each other. Many devices ship with default passwords. Whether they are easy to guess or not, this is always a mistake. Any device with a default password quickly becomes widely known in the
The purpose of this research was to establish the frequency, consistency, and complexity of the average attack on the average person. As a result, the majority of the research focused on lowinteraction honeypots to measure the number of login attempts. However, the high-interaction honeypot was included to better understand what the average device may well be directed to do once compromised. The research suggests that if you’re unfortunate enough to have a weak username and password and your device ends up online, you will be involved in attacks aimed at large organizations. From the high-interaction honeypot, we pulled this typical course of action: 1. Login attempt of username:root password:admin succeeded 2. TCP connection request to Yandex over HTTPS 3. TCP connection request to large retail chain’s open API over HTTPS 4. TCP forward request to large retail chain’s open API over HTTPS The above process repeats thousands of times, making it appear automated. However, we can still analyze the steps in the attack. 1. Check that the honeypot has a valid internet connection by connecting to a well-known address. This is via a secure connection request to Yandex. Yandex is a popular search engine in eastern Europe and Russia. 2. The attack then checks if connectivity to the target service is available – in this case, a connection request to a remote IP address belonging to a large retail chain’s open API . 3. There then follows an attempt to exploit large retail chain’s IP address using the SSH honeypot server as a proxy. By being compromised, the honeypot has now become an amplification device for the cybercriminal to launch further attacks on other infrastructure.
CONCLUSIONS AND COUNSEL In light of the above observations, we have some initial recommendations to keep devices secure and break these botnet chains. Most of the login attempts preyed on default usernames and/or passwords. Changing these is a critical initial step
to improving the security profile of a business, and it must be applied rigorously to all new devices. The recommendation is simple – change all passwords from the default and avoid obvious patterns. There is also a specific weakness around universal plug and play (UPnP). UPnP automatically sets up a port forwarding rule which allows connections between routers and devices. Although the research has not addressed this specifically, it could be the reason for so many login attempts targeting CCTV and other IoT devices. The simple advice is to turn off UPnP on routers. Ideally, everyone should use complex and unique passwords for each service. To make this simple, they should use a password manager. A password manager can introduce unique complex passwords for every website you use, and you only have to remember a single password for the password manager itself. And on SSH servers, use key based authentication, not just a password. Key-based authentication provides an alternative to password based authentication; if you don’t have the key, you’re not allowed in. Where available, administrators can deploy tools such as fail2ban on Linux servers to limit the number of login attempts someone can make before their IP address is banned from connecting again. If an attacker does manage to get onto your Linux device, then your last line of defense should be a malware scanner, such as Sophos Antivirus for Linux, which will catch known payloads that are dropped onto your device by the adversary. The aggressive speed and scale of attacks on new devices should send a strong signal to anyone working with technology, as well as deploying technology around the home. The only default setting that is acceptable is that of caution and best practice. It is not a case of if you will be targeted, but rather when, and how prepared you are for the attacks to come. APRIL 2019 ENTERPRISE IT WORLD 37
SECURITY
SECURITY AND TECHNOLOGY: A CISO’S TOOLS The ever-evolving Technology presents a new challenge to the enterprise just as it solves other problems. Rajiv Singh talks about the role the latest technological trends play as far as the Security in the Enterprise Market is concerned.
What are the technological trends that you have witnessed in the industry that have improved your services and what are the trends you think should emerge? With an increase in the cyber security incidents, securing networks and protecting data is becoming crucial to organisations. According to Cisco Security survey, India faces one of the highest cyber security threats in Asia-Pacific region. With an increase in the incidents of security breaches, there is an uptake in cyber security budgets. As per EY’s Global Information Security Survey 2018-19, around 70% of the organisations plan to increase their cybersecurity budgets. The companies will have a renewed focus on protecting and improving network infrastructure. Tech Mahindra has partnered with promising security Startups to address issues like Artificial Intelligence, IoT (Internet of Things) Security, and Critical Infrastructure Security. The objective is to address the growing needs of the enterprise customers globally and build a mutually beneficial relationship. We have developed the World’s First AI-Powered Predictive Cyber Risk Platform that can predict and proactively avoid cyber-breaches by continuously monitoring IT inventories and take appropriate mitigating steps. Our end-to-end security portfolio has disruptive solutions like continuous Security Assurance, Industrial IoT security, anti-email spoofing & threat score card that provides a transparent view of the risk resiliency of the organization and offers continuous assessment capabilities. Tech Mahindra’s intelligent Security Operation Center can prioritize the actionable intelligence for proactive handling of identified critical risks. It can also provide key insights to board members of the organization and accurately measures overall breach risk and cyber-resilience. Tech Mahindra in partnership with the US based Startup, has built Automated Security Assurance Platform (ASAP), that provides continuous assurance on compliance and risk management to the shareholders and assures the Board of Directors of the risk posture capability of the Enterprise. We have also partnered with an Israel based startup to develop advanced cybersecurity solutions like cybercrime investigation, cybercrime policing &analytics. What are the current technological challenges faced by the CISOs from a security point of view? Today, businesses are digitally transforming themselves at a rate faster than before. Businesses across key sectors are increasing their digital budgets in order to create new business models. With Internet of Things becoming more pervasive, security related responsibilities are getting complicated. Hence, the biggest challenge for CISO is to protect and secure the network from possible security thefts. According to NASSCOM, India is one of the most vulnerable nations in the world when it comes to cyber-attacks. Therefore, it is critical for CISOs 38 ENTERPRISE IT WORLD APRIL 2019
tobecome leaders who protect data and stay ahead of the game through continuous learning. The rise of ransomware is also a massive challenge for CISOs. According to a report by Cyber Security Ventures, ransomware damage costs are predicted to hit $11.5B by 2019 and cybercrime damage costs will hit $6 trillion annually by 2021. Hence, protecting sensitive data from the hackers is crucial to organisations. Other challenges for the CISOs include -compliance assurance, compliance management and ensuringcompliance with GDPR, Australian Prudential Regulation Authority (APRA), California Consumer Privacy Act (CCPA) and other similar standards. The vendor landscape has started to leverage AI & ML for protecting the threat landscape. What is your organisation proposing to customers? Key initiatives by Tech Mahindra to provide protection against the threat landscape includes:l Providing contextual threat intelligence, SOAR, Endpoint-detection and Actionable Intelligence with a single pane of glass as part of the tools stack via aid of partners’ tools/ platforms. l Utilising threat intelligence from aggregators that contextualize STIX/ TAXII and over 150 commercial feeds besides ISAC (Information Sharing and Analytics Centre) and ISOC (Integrated Security Operations Centre), US Cert and other neutral entities. l LeveragingAI/ML to contextualize raw feeds and enhance the context, remove duplicates and false alarms l Provide Digital-Forensics Analysis, anti-spoofing, anti-phishing services Is “Zero Trust” the next BIG wave in Cybersecurity? With businesses investing heavily in digital models, the world is becoming more connected than ever before, making businesses an attractive target for hackers. Hence, the legacy approach that relies on trusted and untrusted domains can no longer help in providing full proof protection to companies. This has led to the emergence of a ‘Zero Trust Network’. A zero trust network looks at everybody equally. It works on the assumption that one cannot separate ‘good guys’ from the ‘bad guys’. It is a holistic and strategic approach to protect the network and ensures security of the devices againstall possible security breaches. IoT devices and IT/operational technology integration have dramatically expanded the attack surface. How does the new perimeter-less world save itself? Tech Mahindra helps secure entire IoT value-chain from the devices at the edge of the networks, right up to Cloud. We conduct end-to-end security
SECURITY
RAJIV SINGH
SENIOR V.P. & GLOBAL HEAD OF ENTERPRISE SECURITY & RISK MANAGEMENT, TECH MAHINDRA
“Tech Mahindra has partnered with promising security Startups to address issues like Artificial Intelligence, IoT (Internet of Things) Security, and Critical Infrastructure Security.
The objective is to address the growing needs of the enterprise customers globally and build a mutually beneficial relationship.”
testing to verify - Security of the device (Baby Monitor), Security of Mobile-application, Testing of protocols, including Fuzz testing, Back-end server infrastructure : Web, SIP & XMPP servers, Crypto-analysis (cypher, Hash, certificates), Database security, and Secure code review. Tech Mahindra offers solutions for OT (Operational Technology) Security Assessment by providing services like Security Assurance Testing, Compliance to Standards: NIST-800-82, IEC-62443, SANS top 20, NERC-CIP, Blackbox (Fuzzing) and Grey Box testing, Centralized point of monitoring, Control & Reporting, Complete IT/OT visibility, Asset Management, Detect known and unknown threats across cyber kill chain, Early warning – Actionable Alerts and Security Information and Event Management (SIEM) Integration What are the services offered by Tech Mahindra with respect to Security in the Enterprise Market?
Tech Mahindra’s end-to-end security portfolio has disruptive solutions like Continuous Security Assurance, Block chain based Industrial IOT security, Anti - Email spoofing & Threat score card that can provide a transparent view of the risk resiliency of the organization and provide continuous assessment capability. Tech Mahindra’s continuous security platform protects any application, patched or unpatched, across the full application stack from file less threats to binary memory-based attacks. Itstops threats in realtime, delivering unprecedented accuracy without false positives. By 2020, over one-third of all data will live in or pass through the cloud, with data production in 2020 being estimated at 44 times greater than it was in 2009. Given the global drive towards strong national privacy regulations, Tech Mahindra has developed MyData Shield, world’s first global privacy ecosystem that protects the individual’s right to privacy, consent and grievance redressal across multiple industries
simultaneously, including health care, financial services, retail and government. MyData Shield supports integration with national identity and trust infrastructure, such as India’s Aadhaar biometric registration service. Tech Mahindra also has an expertise in cyber crime investigations, starting from the social media crimes and identity theft related issues to high end financial crimes like Cryptocurrency Investigations and hacking. With Unique blend of tier1 OEM tools coupled with high-growth startups; Tech Mahindra delivers managed security as a service. The customized services include: Threat Monitoring, Analytics and Incident Management, Security Infrastructure Device Management, Threat Surface Management Services, Brand Monitoring and Protection Services , SOC in a Box, VAPT, Compliance Audit, Identity & Access Management, Risk Consulting, GDPR as a Service, Security Audit/Strategy, Cloud Security Monitoring and ETDR as a Service. APRIL 2019 ENTERPRISE IT WORLD 39
CLOUD COMPUTING
A LOOK AT CHECKPOINT’S JOURNEY THROUGH THE CLOUD MARKET With Cloud leading the industrial technological revolution, it has become exceedingly crucial for the solution providers to up their cloud game to navigate the enterprise market.
40 ENTERPRISE IT WORLD APRIL 2019
CLOUD COMPUTING
VENUGOPAL N
DIRECTOR – SECURITY ENGINEERING, CHECK POINT SOFTWARE TECHNOLOGIES (INDIA) LTD.
“Check Point is focusing on rolling out more comprehensive and hyper scalable solutions such as CloudGuard to provide protection against evolving
cyber threats.”
It is believed that India’s Booming Cloud Market is expected to reach $4.1 Billion by 2020 (Forbes). What are the factors behind this growth in the Cloud business in India? The value proposition of moving to the cloud is there to be seen to all. Businesses are recognizing that the agility and flexibility that the cloud gives is second to none and hence are moving their critical apps to the cloud. With cloud infrastructure vendors are also setting up their data centers in India, concerns about data theft and data moving out of the country are being addressed. Such combined forces are driving the cloud business to grow manifolds. What are the real CIOs infrastructure challenges that are being resolved by Cloud? Cloud solutions are powering the biggest transformations for enterprises. Organizations are bringing their products to market faster and leveraging shared resources of cloud services instead of spending countless resources and time designing, deploying and managing physical infrastructure. With such greater agility in the virtual environment, IT resources can be deployed more quickly at optimized costs and are scalable according to the changing market demands without having to compromise on the security of their data, their network, and their employees. Check Point’s CloudGuard provides comprehensive cloud security solutions to keep enterprise data, asset and apps free from even the sophisticated attacks (Gen V). Provide a brief description of your Cloud Capabilities.
Check Point’s cloud solution CloudGuard is designed to prevent the latest fifth generation (Gen V) and multi vector cyber-attacks targeting cloud networks, data and applications. The comprehensive portfolio seamlessly integrates with the largest number of cloud platforms and cloud-based applications to easily protect any cloud service. The solution also supports single-click and agile deployment models aligned with the dynamic nature of cloud services, making adoption and expansion of cloud services a breeze. Can you enumerate your cloud offerings? Check Point’s CloudGuard portfolio of solutions currently consists of three main offerings. CloudGuard IaaS provides advanced threat prevention for enterprise network in public and private clouds. It protects assets in the cloud from the most sophisticated Gen V cyber-threats with dynamic scalability, intelligent provisioning and consistent control across physical and virtual networks. CloudGuard Dome9 that provides native security and compliance automation across the public cloud, delivered as a service. The solution allows enterprises to easily manage the security and compliance of their public cloud environments at any scale across various cloud platforms. CloudGuard SaaS that prevents targeted attacks on SaaS applications and cloudbased email, also delivered as a service. The solution blocks attacks on SaaS applications and cloud-based email. What are the special services/differentiated services that you provide which are not
available with other Cloud providers in the competition or they are trying to emulate or catch up with you? Check Point CloudGuard security solution provides the most comprehensive offering in cloud security covering all: Cloud Workload Protection (CWPP), Cloud Posture Security Management (CSPM), and SaaS Security. Across all solutions, it offers industry-leading threat prevention (NSS awards-winning), compliance orchestration, extensive visibility, and ease of use that serves the dynamic nature of cloud usage. Only Check Point supports single-click and agile deployment models aligned with the dynamic nature of cloud services, making adoption and expansion of cloud services a breeze. What is your road map for next 12-36 months? Not all enterprises in India are protected for advanced and sophisticated cyberattacks as they are for Gen 2 and Gen 3 viruses. As a security provider, Check Point is focusing on rolling out more comprehensive and hyper scalable solutions such as CloudGuard to provide protection against evolving cyber threats. We are already ready with the security of the future with a robust cloud security portfolio that supports single click and agile deployment. Further, talking about building our product portfolio strength, we have identified key focus areas for the year and will be centering our energies to create awareness on the following offerings in the market. Some of the key areas are CloudGuard IaaS and CloudGurd Dome9 integration, CloudGuard Magellan, Container Security and Serverless SecurityPaaS Security. APRIL 2019 ENTERPRISE IT WORLD
41
THE STUFF // PRODUCTS & SERVICES
CIO TOYS
ALARIS EXPANDS INFORMATION CAPTURE ECOSYSTEM FOR SMALL-TO-MEDIUM ENTERPRISES
Alaris, a Kodak Alaris business, has unveiled its next generation of information capture solutions designed to easily and affordably digitize paper, automate business processes, and boost productivity at home and in the office. The Alaris
E1000 Series Scanners are the latest addition to the award-winning IN2 Ecosystem, a powerful combination of best-in-class document scanners, imaging software and services delivered by Alaris’ global network of partners. Packing all the
intelligence of a larger device into a streamlined, desktop scanner, the Alaris E1025 and E1035 Scanners are ideal for small office/home office environments, reception areas and workgroups. The compact, quiet scanners deliver the Right Fit with seamless integration into customer environments; the Right Experience by streamlining and optimizing workflows, enabling one-touch scanning directly into business applications; and the Right Results through superior image quality, paper handling and information accuracy. Productivity-boosting features include the ability to power up and start scanning in less than ten seconds and fast throughput. The E1025 and E1035 models scan at speeds up to 25 pages per minute (ppm)/50 images per minute (ipm) and up to 35ppm/70ipm, respectively. They are easy to set up, enabling users to scan right out of the box and integrate with existing business processes and applications, from network to Cloud, through Alaris Smart Touch Software.
SYNOLOGY
B Y S A N J AY @ A C C E N T I N FO M E D I A . C O M
QUANTUM LAUNCHES NEW F-SERIES NVME STORAGE PLATFORM FOR CUTTING EDGE MEDIA WORKFLOWS Quantum Corp. has announced the F-Series, a new line of NVMe storage arrays designed for performance, availability and reliability. Using non-volatile memory express (NVMe) flash drives for ultra-fast reads and writes, it supports massive parallel processing and is designed for studio editing, rendering, and other performance-intensive workloads utilizing large unstructured datasets. Incorporating the latest Remote Direct Memory Access (RDMA) networking technology, the F-Series provides direct access between workstations and the NVMe storage devices, delivering predictable, fast network performance. By combining these hardware features with the new Quantum Cloud Storage Platform and the StorNext file system the F-Series delivers powerful end-to-end storage capabilities for post-production houses, broadcasters, and other rich media environments.
42 ENTERPRISE IT WORLD APRIL 2019
The F-Series is based on the Quantum Cloud Storage Platform, a software defined block storage stack tuned specifically for video and video-like data. It offers a future proof and reliable platform, eliminating data services unrelated to video while enhancing critical capabilities such as enhanced data protection, flexible networking and block interfaces. The result is an efficient architecture that maximizes streaming performance.
RNI NO: DEL ENG/ 2017/ 69906 Postal Reg. No.: DL-SW-01 / 4200 / 17-19
Date of Publication: 28 of Every Month Date of Posting: 1 & 2 of Every Month
Experience capabilities beyond SD-WAN with
ARUBA SD-BRANCH Aruba Software Defined Branch (SD-Branch) combines best-in-class wired and wireless branch infrastructure with remote management orchestration, analytics-driven security framework and state of the art SD-WAN capabilities Learn more at: www.arubanetworks.com/in-sd-branch For more details contact: +91 9606811117 | shipras@hpe.com Copyright Š 2019. Aruba, a Hewlett Packard Enterprise company. All right reserved.