In recent years, India's digital landscape has rapidly evolved, presenting both opportunities and challenges in cybersecurity. As digitisation becomes ingrained in daily life, identity theft and cybercrime have surged. Organisations are shifting to the cloud, altering security practices, and redefining IT leadership roles.
In an interview with Rohan Vaidya, Regional Director — India & SAARC at CyberArk, we discovered about the key cybersecurity trends and solutions with a focus on privilege access management, AI-threat mitigation, and the future of cybersecurity in India. Edited Excerpts:
What cybersecurity trends are you seeing in India, and how are organisations adapting?
In recent years, India's IT landscape has undergone significant changes, particularly post-Covid. The digital transformation, once a pre-Covid concept, has accelerated, encompassing government services like passport and ticket reservations, as well as private sector innovations, including indigenous technologies. E-commerce, food delivery services like Swiggy and Zomato, ride-sharing apps like Uber and Ola, and digital payment systems like UPI have become integral to daily life.
This digital shift has also led to a rapid adaptation by citizens, especially younger generations, who rely on digital identities for various purposes. However, it has also given rise to cybercrime, including identity theft, ransomware attacks, and social engineering scams.
From a business perspective, enterprises face data breaches, with customer data falling into the wrong hands, often ending up in the grey market for various purposes. Small and medium-sized businesses (SMBs) are vulnerable to ransomware attacks, with hackers seeking instant gratification. Social engineering remains a concern but has limited financial impact and tends to raise awareness.
From a technology standpoint, India's journey to the cloud has accelerated, causing a shift in security practices. Organisations now prioritise business needs over security barriers, and the pandemic further accelerated this shift. The roles and responsibilities of IT leaders are changing, with business leaders driving technology decisions, often based on their engineering backgrounds. This has led to an increased adoption of technologies like SAS analytics for quick business improvements.
In summary, India's IT landscape has evolved rapidly, with digitisation becoming a way of life, presenting both opportunities and challenges, particularly in the realm of cybersecurity and the changing roles of IT leadership.
How does your privilege access management solution help to prevent identity theft?
CyberArk, 23 years ago, introduced the term “privilege identity management” (PIM), now referred to as “privilege access management” (PAM). This concept applies across all IT systems, involving usernames and passwords granting administrator rights. CyberArk secures these credentials in a digital vault, rotating them per policy. This prevents human or machine access, ensuring secure access to target devices.
For broader identity protection, including standard users, we offer solutions like multi-factor authentication (MFA) and single sign-on (SSO). AI and ML-driven monitoring detect unusual activities, adding layers of security. Criminals prefer easy targets, so barriers like these deter them.
CyberArk also offers solutions for customer identity and access management (CIAM), providing secure authentication methods for end customers, and enhancing trust in digital interactions. Trust now resides in digital platforms, not physical locations like traditional banks.
How can customers, end users, and enterprises mitigate AI threats and defend against sophisticated cyber threats created by generative AI?
Generative AI predates ChatGPT, with long-standing use in both hacking and vendor activities. Accessible tools like ChatGPT enable rapid experimentation, shortening the time to market for hackers. The threat landscape remains consistent, but attack frequency has surged, necessitating quicker response times. Security operation centres leverage AI tools for intelligent monitoring. Computing power will be pivotal, and quantum computing is a game-changer due to exponential capabilities for both sides. Grid computing and Bitcoin mining once explored similar concepts of utilising computing power.
ChatGPT made AI more accessible to everyone. Having “cyber sense” is crucial, similar to common sense in everyday life. It helps you make informed decisions and avoid potential threats. Trust your instincts and apply this “cyber sense” in both personal and business contexts to navigate the digital world more effectively.
What is the future of cybersecurity in India with so much digital innovation happening?
India is emerging as a cybersecurity hub akin to its IT and software development success. With a well-educated IT workforce and established outsourcing structures, many companies are relocating their global security centres to India. This trend is driven by resource availability, cost-effectiveness, and quality. Additionally, India's intellectual capital in analytics aligns with the growing importance of AI in cybersecurity. In fact, CyberArk also invested in a shared services centre, which started off with R&D, and then we expanded to other global shared services. We’ve got a centre, which is probably right now at about, say, 250-300 employees out there. Then there is a value that the corporation sees in investing in India, so there are plans to expand those capabilities.