The ever growing challenges of cybersecurity with no concrete solution yet…..


By MYBRANDBOOK


The ever growing challenges of  cybersecurity  with no concrete solution yet…..

Worldwide spending on cybersecurity products and services has collectively exceeded $1 trillion from 2017 to 2021.The ever-growing number of public IP addresses and access points, a dramatic increase in the volume of Internet traffic, and the massive amounts of data that the world generates today, combine to create a highly favourable environment for cybercriminals to exploit vulnerabilities. The cost of cybercrime will reach 7 trillion dollars worldwide by 2021, and the cost of ransomware damages will rise to 20 billion dollars.

Technological advancements have not only given us the power to manage everything with a click of a button, but it has also made us vulnerable to many threats online.The Covid-19 pandemic has given an unprecedented opportunity to cyber attackers to hack and break down the organizations’ IT infrastructure. The work-from-home working module adopted by the organizations has been attributed to the rise of cyber-attacks. As per IBM's Cost of a Data Breach Report 2020 found that organizations took 207 days to detect a security breach and over 80 percent of the reported cybersecurity threats were phishing attacks.

As per a report, hackers had installed malware into IT company SolarWinds' Orion software and accessed critical data of blue-chip companies, hospitals, universities, and U.S. government agencies.According to the report, at least twenty-four tech giants, including Nvidia, VMware, Cisco, and Intel, fell victim to the malware embedded into the Orion software.In the second half of 2020, when the world was struggling to deal with the coronavirus pandemic, cybercriminals did not even spare Covid-19 vaccine research institutions, targeting seven high-profile establishments from around the world, including one in India.

Time to Protect Your Organization Against Cyber Attacks

Every website on the Internet is somewhat vulnerable to security attacks. The threats range from human errors to sophisticated attacks by coordinated cyber criminals. The growing damages faced due to cyberattacks become necessary to take preventive measures right away. 

•    Generate Cyber Security Awareness: 
•    Implement a Phishing Incident Response Tool 
•    Carry Out periodic VAPT
•    Keep the Systems Updated
•    Implement Multi-Factor Authentication (MFA)

Technologies and business models have emerged in the cybersecurity space as the world embraced a remote work model where there’s no network perimeter and more applications and data are in the cloud than ever before. The funding landscape for cybersecurity startups has gone gangbusters this year, with 14 startups notching valuations in excess of $1 billion through the first four months of 2021 alone.  Secondly,the lack of a network perimeter in this new world accelerated the adoption of SASE (secure access service edge), zero trust and XDR (extended detection and response) to ensure remote users and their data are protected. 

The COVID-19 pandemic has accelerated the journey to zero-trust platforms as virtually the world’s entire workforce was shoved outside a defined network perimeter, forcing organizations to secure end users who are working remotely as well as fix anomalies and configuration issues revealed by the new approach.In light of the recent attack on the colonial pipeline, many countries have come forward to strengthen their network security.

Government of India is one of the largest digital ecosystems and the cyber-security budgets are still paltry. Indian government has increased the expenditure for the Indian digital programme by 23 percent to Rs 3958 crore for the year 2020-21.India’s cybersecurity services industry is projected to grow from $4.3 billion in 2020 to $7.6 billion in 2022.According to the Data Security Council of India, the size of the industry is expected to be $13.6 billion by 2025, with a growth rate of 21%.  This proposal is geared toward helping the cybersecurity ecosystem in India to grow stronger. MeitY has launched the Cyber Surakshit Bharat initiative which was in conjunction with the National e-Governance Division (NeGD). Even though India is faceing a critical cybersecurity risk with a dire need to improve the cybersecurity defences, it is taking small steps in improving the overall cybersecurity infrastructure. 

At the same time Private equity firms continue to eye the sector. Thoma Bravo has helped build many of the world's leading companies in applications, infrastructure and cybersecurity. Today, the private equity software portfolio includes 40+ companies that generate over $16 billions of annual revenue and employ over 50,000 colleagues around the world.

Meanwhile, analysts say Netskope and Menlo Security are among cloud security startups that could launch IPOs. Analysts say a new wave of startups seems to be taking share from industry incumbents. They include Illumio, Cybereason, Exabeam, Darktrace and iBoss.

Microsoft is clearly pitching itself as offering a full security suite, a competitive advantage as customers increasingly want a unified view of threats. Microsoft has disclosed that its cybersecurity revenues top $10 billion annually. Microsoft uses its own cybersecurity platform,  Windows Defender Advanced Threat Protection (ATP), for preventative protection, breach detection, automated investigation and response. With 400,000 customers, Microsoft's computer security franchise is growing at more than 40%, as per the company.

Further, CrowdStrike's initial public offering in June, 2019 raised $612 million, one of the largest cybersecurity offerings. CrowdStrike's rivals include VMware's Carbon Black, Palo Alto, FireEye and startup Cybereason. Private equity firms Blackstone and ClearSky recently invested $400 million in FireEye.

As the Computers are attacking us, software is attacking us. The only way forward is using artificial intelligence. Now the cyber security companies are using AI and ML and a specialized database to detect malware on laptops, mobile phones and other devices that access corporate networks. Machine learning has become a vital technology for cybersecurity.In addition, many software companies are using artificial intelligence to get a competitive edge.

Coronavirus Outbreak Boosted Demand For Cloud Security

Other cybersecurity firms with a sizable government business include Tenable Holdings, Rapid7 and CyberArk. Tenable in February acquired France-based Alsid, which focuses on identity access management.Rapid7 and Qualys specialize in vulnerability management services.

Gartner forecasts that the corporate computer security market will grow more than 10% on average annually through 2024 versus 3% growth for information technology department spending.As remote workers access company data via the internet, many businesses are setting up virtual private networks, or VPNs. Some are buying laptops with preinstalled security software.

However, industries hard hit by the coronavirus pandemic will spend less on security software. They include airlines, hotels, retail and restaurants. However, one view is that mergers and acquisitions will pick up.

Spending on security technologies has evolved as companies shift business workloads to cloud computing service providers. Amazon Web Services, part of Amazon.com is the biggest cloud services firm. Amazon looms as a potential rival as it builds more security tools into its cloud services.

In addition, Microsoft is integrating more security tools into its cloud-based Office 365 software. Microsoft competes with cybersecurity firms such as Proofpoint, Splunk, CrowdStrike, Okta, and startup Netskope. To slow down hackers, more companies are focusing on internal security threats though a strategy known as Zero Trust. The things are getting complicated as the state-sponsored hackers and cybersecurity firms are both using artificial intelligence to get an edge.

Zero Trust cybersecurity models focus on internal threats, such as hackers stealing someone's security credentials. Security firms verify the identity of network users and limit access to applications.
You may think the time is right to move into cybersecurity stocks but the Cybersecurity products are battling with Ransomware, Phishing and the enterprises are fighting with Cybersecurity stocks span a wide-range of products and services. In addition, some security vendors are shifting to software-based subscription business models from selling hardware appliances.

High profile data breach in 2020 and 2021

  •     Facebook users’ phone numbers leaked on hacking forum (Exposed personal data of over 500 million Facebook users)
  •     LinkedIn profiles had been put for sale on a popular hacker forum (Exposed 500 million users)
  •     ParkMobile breach exposes license plate data and mobile numbers of its users (Exposed Mobile Numbers of 21M Users)
  •     Air India cyber-attack(4.5 million customers)
  •     Marriott International (Marriott Data Breach 2020: 5.2 Million Guest Records Were Stolen)
  •    Magellan(More Than 364,000 Individuals Affected)
  •    Twitter( A malicious code was inserted into its app hasimpacted information worldwide)
  •     Garmin( Hackers deployed the ransomware tool and encrypts company’s digital infrastructure, paid $10 million as ransom)
  •     Software AG(It has hit with $23 million ransomware attack)
  •     FireEye and SolarWinds supply chain attack victims(Hackers inserting malicious code into a SolarWinds software update)
  •     Florida Water System( The intruder boosted the level of sodium hydroxidein the water supply to 100 times higher than normal)
  •     Microsoft Exchange Mass Cyber Attack( Causing Rampant Damage to Millions Worldwide)
  •     Airplane Manufacturer Bombardier( Confidential data of customers, suppliers and approx. 130 Bombardier employees has compromised)
  •     Sopra Steria Ransomware Attack( Sopra Steria cyber attack costs to hit €50 million)
  •     Acer(REvil Ransomware Attack cost a ransom of $50 Million)
  •     The US Fuel Pipeline(U.S. fuel pipeline operator Colonial Pipeline has shut its entire network)
  •     Telegram Hijack ( Millions are exposed as a malicious new threat exploits Telegram with dangerous malware)
  •     Mobikwik (10 million users for mobile wallet reported to be on sale on the dark web)
  •     Juspay( 35 million records with masked card data and card fingerprint were breached)
  •     Airtel denies claims that data of 2.5 million users was leaked

Let’s peep throughhow the OEMs are geared to secure industry with their various products and service offerings.

Infoblox’s BloxOne Threat Defense provides simple, ubiquitous protection for on-prem, cloud and hybrid networks from the network core

Measures to be taken for Cyber threats
The rise in remote work, branch offices, and IoT devices has led to the increased adoption of cloud-based applications, services, and infrastructure, and increased the challenge for enterprises. The growth of highly dispersed networks and the increased use of cloud have expanded the need to secure users and data located outside the four walls of headquarters, leaving organizations vulnerable to cyberthreats and highlighting the importance of end-to-end encryption.
In this network environment, organizations looking to protect themselves from cyberthreats need a solution that gives them visibility into their entire network. Without visibility into which devices are connecting to a network and where network traffic is going, network security professionals are working with one hand tied behind their back, forced to react to threats as they arise from unknown vectors instead of proactively managing threats before they cause damage.
BloxOne Threat Defense from Infoblox can provide this kind of visibility and security by enabling large organizations to secure and scale their networks to optimize the infrastructure for a cloud-first world. It provides simple, ubiquitous protection for on-prem, cloud and hybrid networks from the network core. It is a cloud-native, hybrid solution that uses the data generated by DDI to monitor network traffic, proactively identify threats and automatically inform security systems and branch office network managers, addressing security incidents with speed and efficiency in order to better protect data and mitigate the costs of an attack by catching the 90% of all malware that touches DNS to enter or exit the network.

Partner Network
Our channel partners are some of the most important components of our business, and we are proud to have partners on five continents. We are relentless in providing opportunities for our partners to succeed, through investment, enablement, and special incentive opportunities to help them deliver the networks of the future to the entire world.  In today’s cloud-first world, reaching the last mile has never been more important, and so we have stepped up our investments and innovation in our cloud-first BloxOne Platform--which comprises BloxOne DDI and BloxOne Threat Defense--to enable our partners to provide security and networking security services over the cloud, as services. Because the BloxOne platform is cloud-native, it offers cloud-managed deployment, requiring no new infrastructure to implement, and enabling customers to quickly and remotely secure and manage connected devices, whether at HQ, in a worker’s home, or in the middle of the ocean.

 E-Magazine 

Copyright www.mybrandbook.co.in @1999-2021 - All rights reserved.
Reproduction in whole or in part in any form or medium without express written permission of Kalinga Digital Media Pvt. Ltd. is prohibited.
Other Initiatives : www.varindia.com | www.spoindia.org