Increasing tech is decreasing entry barrier for cyber criminals: Forcepoint
Over the past few years, cloud technology has established itself as secure and modern alternate of old on-premise digital infrastructure but this has also increased the vector of cyber-attack and its impact. In an interview with Mohd Ujaley, Surendra Singh, Country Director, Forcepoint shares his views on security in the age of cloud and impact of artificial intelligence and cyber warfare on the physical world. He says, “As we move forward, the number of security breaches in the cloud will vastly increase than what they are today, so cloud providers and enterprises need to be careful about their asset security.”
There is growing adoption of cloud technology, what is your views on security in the cloud?
Technology is reducing the entry barrier for cyber-criminals. The reason why we say it because every organisation is talking about the cloud and most of the CIOs and CISOs feel that once things are in the cloud then their responsibility for security will reduce as the cloud service providers will be using specialist team to secure their assets. But in reality there is flip side to it, if all organisations go to one security provider for their cloud security, though there is a team of specialist to secure the cloud data but security breach can lead to a vast amount of data being stolen in one go. That is why, the cloud providers have to be careful about this.
As we move forward, the number of security breaches in the cloud will vastly increase than what they are today. So the cloud providers should be careful and also the organisations who are depending on the cloud should know this. There are a lot of automation happening with the help of Artificial Intelligence, this will enable organisations in finding out potential breaches quickly. Therefore, it is advisable to firms, if they are creating a new business, they should make security an integral part of their core business architecture.
In recent past, we saw nation states involved in cyber warfare. What impact do you see cybersecurity having on physical security?
You are right, the convergence of cyber and physical are impacting the foreign policies these days. We have seen small intercity cyber warfare happening especially between Russia and US or between US & China. This has a risk of nations getting into full fledge warfare because off late there are attempts to attack on the internal infrastructure of the country. Recent example is Russia that tried to completely crippled power system of Ukraine. Fortunately, Ukraine was able to avert it but any attack on national infrastructure could have a catastrophic impact.
In the cyber world it is very difficult to find the source of attack because attacker can manipulate. For example, ISIS can create a war between two countries just by creating cyberattacks. By creating such attacks the countries will be under the impression that the other country has done it. We have to be careful as these things can be easily manipulated.
And, you know this challenge is compounded by the fact that majority of personal details of the individual are available online with social media sites. Attacker can use combination of demographic details and Artificial Intelligence technology to impersonate.
There are more than 500 active cybersecurity solutions provider in the world, about 42 of them are aggressively working in India, still we see cyberattack, data breach happening regularly, why?
I agree with you, the buck must stop at industry and enterprises. They should take the responsibility. As a security firm our job is to make the life of our customer simple and easier. Today, most of the enterprise are dealing with multiple security vendors but unfortunately, security solutions of all the vendors does not integrate with each other – they do integrate but not fully. The result is customer and their security tool remain unmatched leading to loopholes.
We all have to work to integrate our own products rather than creating plans to secure different organs of the enterprises. Whole idea is more and more companies should merge and integrate their products and therefore give a unified solution to the customer. Companies should merger and integrate their products. Also at the company level, not only the CSO but other key heads should come together and use their mind to ensure robust security of their business, like most of them do for sales and taxation etc.
What kind of impact AI platform will have on cybersecurity?
With AI, more and more information is given in a digital form. And as it gets digitized it is vulnerable to external attack. What we will see is as artificial intelligence becomes mainstream, the security challenges will grow multi-fold and right in the beginning we have to track it and mitigate the issue. What is more important is that we should make security an easy thing to implement, so that customer and security team have more time to understanding the future threats that are coming. They will rather spend more time on analyzing the threats that is coming rather than resolving the one that has already happened.