Palo Alto Networks’ top APAC, India execs on securing local enterprises from cyberattacks

California-based Palo Alto Networks, which is led by former SoftBank Group executive Nikesh Arora, offers enterprises a security platform that can be operated across clouds, networks and mobile devices.

The cybersecurity firm considers India to be one of its fastest-growing markets in terms of revenue, Sean Duca, vice president and chief security officer for Asia-Pacific, had told TechCircle in an earlier interaction. He had said Palo Alto Networks would continue to invest in the still-maturing market, where it conducts a great deal of research and development.

To strengthen its automated cloud capabilities, Palo Alto Networks had last October completed its $173 million acquisition of cloud security firm RedLock -- another company with a significant R&D presence in India.

In a conversation with TechCircle, Simon Green, Palo Alto Networks’ senior vice president for APAC, and Anil Bhasin, regional vice president for India and SAARC, spoke at length about the cybersecurity landscape in India, the RedLock deal, regulations in the country and more.

Edited excerpts:

India’s digital transformation wave has seen an increase in the number of cyberattacks. In light of this, how has the country’s cybersecurity landscape changed?

Green: Philosophically, I would not get into a market unless I’ve had a degree of confidence. Businesses in India are going through a dramatic transformation. If you look at the digitisation of the banking sector within India, it’s creating a greater platform or surface area for potential attacks because we are moving from a traditional paper-based environment to a highly digitised one.

You can easily see some of the advances in the telecom space as well. India, as an example, has leapfrogged other countries on a general communication basis, skipping a generation of technology.

Transformation in banking is the right example here. Whatever you do in scale here is significant and we are seeing how digitisation is leading to dramatic and potential cybersecurity threats. It is certainly creating significant challenges.

My outlook on the Indian market is very bullish. We have widened our investment here relative to other markets in the last two years. The industries that we serve in are consistent in all the markets. Telecommunications, banking and finance, and healthcare are not unfamiliar spaces or markets to us. What is different in India is the scale and the pace at which transformations occur.

As Indian enterprises move to Internet of Things and cloud networks, how has the attack vector changed and can these firm handle these attacks?

Green: Today, crimes are launched from the basement of houses by young people who never appear on the ground. Data is easily traded. We don’t know who those criminals are. But the landscape is changing. The problems manifest differently depending on the size and scale of the sectors but the threats are similar.

Data can be easily converted into money. Banking is a sector where we have built capabilities over time to serve their customers. Over time, banks have become digitised. Their challenge is that they have many networks and have deployed technology but don’t have the appropriate tech as they have complicated networks. Startups, on the other hand, are not complex because they put their database on the cloud and they know that their information is secure. So, complexities and problems manifest differently. But the one thing that is always consistent is that data can easily be converted into money which then becomes the attack point.

How has the RedLock Inc. acquisition benefitted you?

Green: RedLock’s performance last year exceeded forecast by 50%. It provides customers with incredible insights into what’s going on in the public cloud. It gives visibility of what’s occurring on multi-level platforms with 35 engineers based in Bengaluru.

We are doubling our investment and are increasing the capacity of our facility. It helps us to provide customers with cloud security analytics, advanced threat detection, continuous security, and compliance monitoring in a single offering. The company allows security teams to respond faster to the most critical threats by replacing manual investigations with automated, real-time remediation and reports that highlight an organisation's cloud risks.

Bhasin: The three challenges or initiatives that any organisation faces are as follows: first is to secure my enterprise which is the network and the end point. Every organisation in some shape or form is leveraging cloud. Second is to secure my cloud, and third is to secure our future from AI/ML/IoT-based attacks. For us, Redlock is one piece that secures the cloud which is in conjunction with securing the enterprise and securing the future.

Hospitals now store medical records electronically, making them very vulnerable to cyberattacks. Have you witnessed any new cyberattacks in this space lately? How do you address the challenges here?

Green: Healthcare data is always challenging. People can be harmed by misusing their medical records or doctor’s prescriptions. Healthcare is changing because a lot of medical devices are getting connected to networks, so that’s another potential cyberattack point.

The next wave of telecommunications is 5G and if this gets rolled out, then many devices will get connected to the network; therefore, the attack surface grows larger. Healthcare devices will get connected to 5G networks. Doctors will remotely deliver to patients on those 5G networks. I would say the environment is becoming more complex.

We are trying to create a far more open security environment by collaborating and collecting a large amount of data (and to analyse that data using) artificial intelligence and machine learning to deliver insights to help customers secure their enterprise. We are trying to collaborate very aggressively with industries as attackers are equally collaborative and becoming automated everyday.

Typically, technology environments have behaved differently. Many organisations today have different types of security services but none of them are working together and the industry has grown to control intellectual property. We at Palo Alto are trying to change this scenario by collaborating and sharing our services with different organisations, and hence, to prevent cyberattacks.

Bhasin: We are trying to change the entire narrative where security is not a tactical necessity but a strategic enabler to businesses. This will help native companies that store their data on the cloud go to market faster and scale properly.

We are betting away from remediation to prevention. In the good old days, where the philosophy was to buy the best product in every segment, we now want to integrate all devices, so security becomes easier to understand, and we can then automate it. Once you know the challenges, we will let technology to take over. Everything that is complex is being simplified so that people can handle specific instances.

We have also launched a new AI-based security platform called Cortex which can be deployed on a scalable public cloud platform. It allows security operations teams to speed up the analysis of massive data sets. It's enabled by the Cortex Data Lake, where customers can securely and privately store and analyse large amounts of data that is normalised for advanced AI and machine learning to find threats and orchestrate responses quickly.

In automated hacking, software is used to create massive attacks. Similarly, we need to leverage software to prevent those attacks in matter of minutes. We are trying to bring industry on a common framework so that it allows the customer to absorb and consume technology very easily.

India is on steroids where every individual uses at least three to four connected devices either at home or outside. Can people secure themselves in such a scenario? How will that affect your business demand?

Bhasin: It’s all about people, process and technology integration. Palo Alto Networks is trying to stitch the 4Es together which are education, enablement, empowerment and execution.

Green: We are not trying to control anything but to enable and provide insights to customers. We handle the piece of technology which is the business around applications. We allow applications because if we see the visibility, we can deliver insight to manage the security risk associated with it. We understand the risks and then provide insights to people to be able to do business.

Have you ever faced any specific challenges on regulations? Have you had discussions with the Indian government?

Bhasin: I would like to see us as a country where there is transparency in terms of public disclosure so that we can instil confidence with whosoever we serve. In the US, if there’s any kind of breach, it gets reported within real-time and is out in the public. This further boosts confidence. I wish that we could adopt something like this (in India). We want regulatory frameworks to bring societal change. India should accept a public disclosure law. Digital India (should be) secured and policies should be prevention-oriented.