In a digitised world, it is always wise to believe in “prevention is better than cure”. The exposure to technology will bring new levels of cyber threats and hamper the IT systems of companies of all sizes deeply. Evangelising the concept of Zero Trust Security or Software Defined Perimeter is the only solution to cybersecurity, says Sandip Kumar Panda, CEO and Co-founder, InstaSafe, in conversation with Elets News Network (ENN).
Give us an overview of your products and services in India.
Traditionally, every digital organisation uses firewalls to enforce perimeter security. However, this security model is problematic because, when that perimeter is breached, an attacker has relatively easy access to a company’s privileged intranet. As companies adopt mobile and cloud technologies, the perimeter is becoming increasingly difficult to enforce bringing to one of the biggest disruptions since the invention of the firewall. This is where we exist. InstaSafe SecureAccess enables dynamic encrypted application access, in the cloud or on-premises, after authorizing users and their associated devices based on the principles of Zero Trust Security which believes in trusting no one until they are authenticated.
Our second product is SafeHats, a managed bug-bounty platform and an industry first security as a service solution leveraging the power of crowdsourced ethical hackers to keep enterprise applications secure against malicious/ bad intention hackers. It is thus, helping enterprises to connect with hundreds of highly skilled ethical hackers, each with their unique skill set, trying to recreate the same kind of environment to conduct offensive application security testing and reporting their findings through the SafeHats platform.
BFSI sector is increasingly transforming in sync with technology. How significant is cybersecurity in the present circumstances?
With digital transformation happening, every sector is syncing up. Similar is the case for the BFSI sector. BFSI is such a sector where with the increase in adoption and expansion, the security aspect becomes essential. Be it a new technology invented to aid the client service or expansion into a remote or new location, being safe yet connected becomes a necessity because the industry involves such transaction and information exchange.
Tell us about cloud-based security. Why is it vital for financial institutions?
Cloud-based security solutions, in a nutshell, mean traditional security solutions delivered in a scalable and hardware free model via the cloud. Our cloud platform eliminates the need for traditional on-prem security appliances that are difficult to maintain and require compromises between security, cost and user experience. InstaSafe security cloud is a cloud-first; multi-tenant platform deployed across public data centres globally that secure access for users and devices to applications and services, irrespective of their locations.
As innovation in payments rises, enabling the users and the consumers becomes primary and thus security plays a pivotal role in financial institutions which involves handling of an extensive amount of information. Cloud-based security solutions like InstaSafe assist customers in staying ahead of the curve in deployments, faster time to market with a peace of mind.
What are the major challenges that you come across while ensuring security in India?
In India, unlike other countries security aspect of any organisation has always been a reactive approach rather than a proactive one. In my experience of over 20 years in the information security industry, I have seen that cybersecurity funds are being considered as an expense whereas we believe that it should be an investment. With the Srikrishna Committee report on data protection, the new IT policies coming up and the awareness amongst the masses on GDPR and related issues it is evident that cybersecurity is becoming an immediate necessity. Globally, cyber breaches are happening every day and continue to create new records with the recent being the Quora and the Marriott breaches leading to compromise of millions of customers and users data.
It is always said “prevention is better than cure” and investing on cybersecurity is what is needed the most in today’s digitized world.
Would you like to share some of your future plans and innovations?
First, I believe that the future will bring in a continuing stream of new cyber threats that will cut deeply into the IT systems of companies of all sizes. Our business systems are so interconnected that attacks on small to medium-sized businesses can enable the penetration of large enterprises in virtually all of the critical sectors of business and vice versa. In line with that, we plan to make the organisations safe yet securely connected by evangelising the concept of Zero Trust Security or Software Defined Perimeter and making organisations aware that Hacker’s can’t attack what they can’t see.
We also plan to familiarize the concept of bug-bounty platform among the masses in India. Being the industry first in this field in the region, with SafeHats, we plan to evangelise the concept of leveraging the power of crowd-sourced ethical hackers to keep enterprise applications secure against malicious/ bad intention hackers. We want to help enterprises connect with hundreds of highly skilled ethical hackers, each with their unique skill set, trying to recreate the same kind of environment to conduct offensive application security testing and reporting their findings through our platform in lieu of bounty amounts offered.