Startups need to have a robust app security infrastructure to protect user data: Rajesh Maurya, Fortinet

In an interview with CiOL, Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet, analyses the factors impacting cybersecurity among businesses, especially startups. He also recommends essentials that would make their networks more resilient to cyber-attacks.

2020 has been a disruptive year, what were the trends that cybercriminals looked to exploit?

The barriers that existed between logging into work from a corporate office and connecting to the network from home were eroded in 2020. Networks were turned inside out, with the vast majority of workers now accessing critical networked resources and applications from their home offices. This change happened suddenly, which left little time to plan an effective cybersecurity strategy.

Some organizations are still trying to figure out how to effectively scale their enterprise security protections out to their employee’s homes. In the meantime, especially during the second half of 2020, exploits targeting Internet of Things (IoT) devices, such as home entertainment systems, home routers, and connected security devices, were among the top threats we documented. Each of these IoT devices introduces a new network “edge” that needs to be defended. This has put pressure on security teams to figure out how to extend security monitoring and enforcement out to every device.

In the meantime, user-based resources that were once hidden behind a full stack of enterprise-grade security solutions are now protected with little more than an SSL connection in some situations. As a result, we are seeing success by cybercriminals targeting home networks using older exploits aimed at aging connected devices, and then using them as a beachhead from which to launch attacks against the corporate network as well as cloud-based applications and resources.

What factors are impacting Cybersecurity among businesses in India?

To keep pace with emerging threats and new risk exposures, the average enterprise now deploys 47 different security solutions and technologies. All of these separate tools—especially when they have individual management consoles and operate largely in isolation—make it difficult to correlate events and execute a consistent, coordinated response to threats.  And at the same time, security teams have been stretched thinner and thinner, with 65% of organizations saying they lack the skilled staff, especially as tool-specific proficiencies become harder to maintain.

Not to mention, in today’s environment there is a lot more data and far more alerts that SOC analysts must review, in part due to the sudden increase of traffic from outside the network due to remote access. The increase in traffic, and resulting log files, increases the chances of an alert falling through the cracks. Because of the proliferation of advanced attacks, today’s compromises can occur in a matter of seconds, which means that relying on manual human intervention to perform incident response is no longer a viable security strategy.

How adequately are Indian Startups secured to protect their networks and data?

Startups have fewer human and capital resources to spend on security, let alone address other regulation requirements. More specifically security concerns especially surround Application Security and Cloud, which are the most important business development inflection points for this segment. Applications are an increasingly common attack vector and vulnerable code can be exploited as an entryway into networks. These startups need to have a robust application security infrastructure in place designed to protect user data. This should include things like a web application firewall enabled with current threat intelligence to identify and mitigate known and unknown threats, as well as detect and patch vulnerabilities.

Effective digital innovation also makes startups use a lot of cloud computing and storage. Cloud services provide consistent, scalable performance with lower upfront costs. However, the cloud must be secured differently than a traditional network or data center and disparate point solutions often amplify data movement while reducing visibility across these distributed environments. As a result, if data is going to be stored in the cloud, firms must ensure that the same security standards they apply to their own networks are applied in the cloud. In addition to detection and prevention security must also be dynamically adaptable and scalable to ensure that it can grow seamlessly alongside cloud use.

What would you recommend an essential for Startups to become more resilient with respect to cybersecurity?

We often say you can only protect what you can see and I think, in the past, a lot of these attacks were not seen and also there was a lot of persistence and stealth in these attacks. Companies didn’t have the proper inspections or management in place for all of their traffic flow. Visibility is a key, especially these days when most traffic is encrypted. If you put in a regular firewall or other devices that are not capable of that filtration at high speed, you may miss critical threats entering your network.

You need a setup that is capable of decryption and encryption as well as having the proper policies and inspections in place to sort them. Timely information is also important because you need to know the second the attack has happened and be prepared to address it, rather than finding out months after the attack actually happened.

The key to defending against cybercriminals is getting the right model for securing, segmenting and monitoring business-critical applications. With remote working it’s really the time to set up a strong foundation built on Actionable Threat Intelligence and Zero Trust Network Access. This is the new normal we’re heading into and it’s important to have a structured security plan. Finally, when faced with limited budgets and resources instead of not paying enough attention to security startups should look at Managed Security Service Providers as an option.