Cyber security spending in APAC will be $90 billion by 2026, IT Security News, ET CISO
While there is little doubt that enterprises are getting the benefits of digital transformation today, there is a flipside to it as well. They are now facing the daunting challenge of safeguarding their organizations against sophisticated cyber attacks, which are increasing. Threat landscape is dynamic with new threat vectors coming in all the time. In a conversation with ETCISO, Steve Stavridis, Sales Leader APAC, OpenText Cybersecurity, sheds light on the prevailing cybersecurity trends in the industry, the key challenges and the utilization of new technologies such as AI ML to prevent and mitigate threats.
How does the threat landscape look today?
The threat landscape is evolving across industries and continues to become more sophisticated, with threats increasing in frequency and duration. In fact, at our organization OpenText, we have a threat intelligence platform where we gather and collect humongous amounts of data from millions of sensors. We apply machine learning and artificial intelligence to that database and we’re able to ascertain the number of threats, the number of phishing attempts, malware that is out there in the threat landscape.
Let me present some interesting statistics from our threat report that we publish twice a year and which you can access online. It is called OpenText Global Intelligence Threat Report. As per the report, from the year 2023, we have seen an increase in a couple of areas, firstly a five times increase in phishing from the previous year. Secondly, in terms of malware, we noticed that of the malware that we detected, 84% was unique, which we call polymorphic malware. These factors demonstrate the increase in frequency and sophistication and the growing number of threats that we’re seeing.
What kind of a threat gathering ecosystem you have?
The Threat Intelligence Platform, which is a cloud database, collects data from endpoints, networks, etc. We apply AI ML to the data to determine if the file is clean and not malware infected.
What the three major threat challenges confronting organizations today?
The top three challenges that we’re seeing are first: people. A lot of organizations invest in infrastructure, but there’s a significant amount of investment needed in people. How do we educate and empower people to become more aware of the evolving threat landscape: that is important.
The second area is the evolving nature of threats. There is an increasing amount of malware and phishing, with multi-vectors targeting information for credentials, information, and data. So, how do we keep pace with the threats? How do we block those threats and how do we recover from those threats? Those are some of the major challenges.
The third challenging area, in particular in the local Indian market, is the increase in government regulation. A number of government regulations, for example, the GDPR in Europe, the information privacy principle in Australia and the DPDP regulation in India require businesses to be compliant. How do we work with our partners and help customers to ensure compliance with the local regulations?
What should be the basic ingredients of a robust cyber resilience policy for organizations?
It would start with education. Cyber resilience equals prevention and recovery and there isn’t a single solution for robust security. It would have to be in multiple layers. I always like to use an analogy: if we want to protect a room, we wouldn’t just lock the door, we’d have some security cameras, maybe some red switches on the doors, secure the door, and perhaps have a guard dog at the front as well. So if we take that into consideration, we would have to be thinking in layers and talk about prevention, protection, detection, response, and recovery.
How do the-not-so-big organizations take care of their cybersecurity?
Only the top 25 of the enterprises can tackle cybersecurity on their own. The Top 25 may have the talent and investment capabilities to do that, the rest will not have the capabilities to do that. For the others, who do not have the in-house capabilities, we are trying to put together the best of breed products from multiple players and offer it as a single platform for a customer. The rest of them need a lot of help in terms of evaluating which are the best players.
We are helping our customers by giving them a platform approach. We have the local knowledge and capabilities which make the service beneficial. As a software provider, we have a platform called SecureCloud, which enables our partners to deal with the management and licensing of the various security solutions for endpoint, web, and email. Technology partners like Technopoint help us provide the right security solution.
What is your understanding of the Indian cybersecurity market?
We work with industry analysts like Canalyst to understand the market. One of them published a report, according to which, the cyber security spending in Asia Pacific will be $90 billion by the year 2026, at a growth rate of about 12%. The cyber security spend in India is $6 billion. This means managed services growth is significant. There is enormous opportunity for our channel partners to work with customers to provide data protection services. Around, 300 million MSMEs in India are digitizing their assets. They’re putting data from paper-based to digital-based assets. So in that transition, they’ll need that data to be stored somewhere and will need it to be secured. There is a big potential in the Indian market and the demand is growing.
There’s a lot of focus to help the customers and partners address the demand which is there in the market. Growth-wise, we started off in 2017 and now we’re three times. We’re growing at 28-29% as of the last quarter discussions. And we’re also introducing new technologies and venturing into new domains of security. For example, we just got into API security, which is becoming prominent these days.