Nearly, 22 percent of the cyberattacks which took place in the country last year were aimed at the banking sector. On top of it, these attacks are becoming increasingly complex. To address these challenges, technology leaders need military-grade cybersecurity solutions such as Endpoint Detection and Response (EDR) to detect the most advanced attacks, says Rakesh Kharwal, Managing Director – India/South Asia & ASEAN, Cyberbit in conversation with Anupama Suresh Mehra of Elets News Network (ENN).
How cybersecurity plays a vital role in the banking sector?
The banking sector comes across as a soft target for hackers because of the treasure trove of cash and consumer data that it inherently has. Here, cybersecurity plays a critical role. A data breach can have wide-ranging repercussions on the industry player as well as the broader market. They can be financial losses, regulatory consequences, reputational damage, and general mistrust. These factors have spurred technology leaders from the banking sector to innovate in the field of cybersecurity. But the challenges are not easy at all, the banking sector is adopting new technologies at a very fast rate to generate incremental revenues and give their customers a seamless experience.
However, its approach needs to be comprehensive and farsighted since cyberattacks have multi-layered dynamics and are growing more sophisticated with every day that passes. Further, the new users that are riding onto the digital bandwagon are not well-versed with the threats that they are vulnerable to, making it the responsibility of the banking players to shield their customers from them.
The Indian banking sector has already started bearing the brunt as nearly 22 percent of the cyberattacks which took place in the country last year were aimed at the banking sector. On top of it, these attacks are becoming increasingly complex. To address these challenges, technology leaders need military-grade cybersecurity solutions such as Endpoint Detection and Response (EDR) to detect the most advanced attacks as well as there is a need of strong team of skilled cybersecurity professionals who have hands-on skills to counter such attacks.
What are the major technologies Cyberbit is working on?
Cyberbit provides military-grade cybersecurity solutions including behavioral-analysis-driven ‘Endpoint Detection and Response (EDR)’, ‘Security Automation, Orchestration, and Response (SOAR)’, ‘ICS/SCADA Security (OT Security)’, and world’s leading ‘Cyber Range’ platform for simulated cybersecurity training. Here is a small brief of each one of our products and their use cases:
- Several recent cyberattacks have indicated how easy it can be for evasive attacks to bypass firewalls and anti-malware systems. We have developed our EDR solution with Artificial Intelligence or, to be more specific, its subset Machine Learning to detect attacks that can evade conventional systems. This approach is further refined using behavioral analytics to detect anomalies and hence, any potential threat. An EDR solution has become a necessity for enterprises, especially financial institutes, and government organisations, as threat groups utilise advanced tactics to infiltrate their infrastructure and, consequently, their data.
- We have a platform called SOC 3D, which is the first Security Automation and Orchestration (SOAR) platform that brings a unique confluence of automation, orchestration, and big-data-powered analysis into a single and all-inclusive incident response platform. It triples SOC efficiency and provides unprecedented visibility while also reducing the time-to-respond by 90 percent.
- Cyberbit’s ICS/SCADA Security, on the other hand, addresses the gradual convergence of Information Technology (IT), Operational Technology (OT), and Internet of Things (IoT) networks. It eliminates end-to-end security risks associated with the networks of Industrial Control Systems (ICS) – such as electric grids, transportation systems, manufacturing lines, power plants, etc. – where a cyberattack can put lives at peril and cause environmental damage.
- Cyberbit Range trains cybersecurity professionals in a hyper-realistic simulation environment with SOC-like (Security Operations Center) setting. This effectively amplifies the cybersecurity team’s skills and brings visible improvement in terms of teamwork. Our Cyber Range solution also helps organisations to reduce onboarding time for fresh talents and can further be leveraged by educational institutes to train their students in a real-life atmosphere during their academic journey.
Since India is aggressively digitising, our vision is to eliminate all emerging cybersecurity challenges so that they do not become a roadblock in this development. We have also envisioned to create India as a global hub for cybersecurity training.
You have been a part of IBM. How challenging or exciting it is to be related to Cyberbit now?
I have been around different types of technologies that you have been witnessing over the years. I have been part of this journey and I have worked for both large organisation as well as small firms. What I truly interesting in both of these environments is that there is a huge demand for embryonic technologies. Since the development is happening at both large-scale and small-scale, it is not the current size that really matters. What essentially matters is the vision, the market approach, and the scalability of a product or a service. So, the excitement is always there.
Technically, I have been working within the industry for the past 16 years and I’ve worked with IBM only for the past two years. I have finally focused on the product so that for every challenge that we face in the cybersecurity domain, there are products and solutions that effectively address them. The majority of times, there are client-based problems but if you truly understand the cybersecurity industry, you know that the industry comprises several components aligned together including the technologies, people, and processes.
Most of the sophisticated attacks always have a hint of social engineering. Social engineering is nothing but people compromising people. Somebody not protecting the password, somebody accidentally giving away the passwords, intentionally giving the passwords, and so on.
So, people have come across as the weakest link, the biggest challenge I had with cybersecurity products all my life and, largely, nobody does anything to drive people’s awareness. At larger enterprises like IBM, driving fundamental changes is a quite complicated process.
However, at relatively smaller yet highly scalable platforms like Cyberbit, you can easily drive such changes and unlock the true potential of products and services. To find out the most effective path, however, is what is both challenging and exciting for me personally.
How Endpoint Detection and Response (EDR) can prevent cyberattacks in the BFSI sector?
In its 2019 Data Breach Investigation Report, Verizon stated that 10 percent of the overall breaches were aimed at the Financial Institutions (FIs). One must note that this is despite the fact that it is relatively easier to compromise a personal device or even a private organisation vis-à-vis an FI. Endpoint security solutions, previously, largely meant an ensemble of antivirus and anti-malware software as well as firewalls that prevented the attack at the network level.
Lately, the attacks have evolved to become more sophisticated. Solutions such as EDR incorporate capabilities such as real-time monitoring, behavioral analytics, machine learning, and make room for intensely precise recognition and remediation while keeping false alarms at a bare minimum.
This approach enables the novel solutions to detect even the slightest of an anomaly within the network or in a user’s behavior. Hence, EDR solution has emerged as an imperative for enterprises, especially for financial institutes and government organisations, as threat groups utilise advanced tactics to infiltrate their infrastructure and, subsequently, their data.