BFSI sector faces new advanced, targeted attacks which can bypass traditional security systems: Adi Dar, CEO of Cyberbit

How has been the journey of Cyberbit in India so far; what are the opportunities in the market?
Cyberbit offers a portfolio of four products in India: a cyber range for cybersecurity simulation and training; SOAR (Security Orchestration, Automation and Response), to automate and streamline security operations; EDR (Endpoint Detection and Response), to detect advanced attacks that bypass conventional systems, and ICS/SCADA security for critical infrastructure networks. Within a short time from entering the market, Cyberbit was able to generate substantial traction for all four products. The high level of technology expertise in India, the awareness on security issues and the openness to innovation have all contributed to our rapid growth. Ofcourse, none of this growth would have been possible if we hadn’t built a wonderful regional team.

Our main focus in 2018 was the financial sector and this is projected to grow in the coming year. What makes our offering appealing to the BFSI sector is our unique capability to provide products entirely on-premise, without sending sensitive data to the cloud. Unlike our competitors, our products can function in an entirely air-gapped infrastructure without any impact on our detection and analysis capabilities. This gives us a clear edge over other vendors because many customers, especially in the BFSI sector, are not willing to migrate to the cloud.

We are being approached by a significant amount of system integrators who are interested in partnering for large-scale projects, through implementation of our entire cybersecurity stack. This interest and activity with system integrators will lead to great success for both the channel and Cyberbit. We are also excited to be working with some of the biggest manufacturers in India to protect their factories and production lines from cyber sabotage and other malfunctions.

Since the Reserve Bank of India came up with its Cyber Security Framework for banks, there’s been a steady surge in the demand for cyber security solutions and services in the domestic market. Do you plan to capitalise on this opportunity?
India is a huge and an important market for us, presenting plenty of opportunities. The recent RBI regulation is the right and comprehensive one for the banking industry. When we saw the first draft in May 2017, we knew that we can truly help BFSI organisations comply with it and become dominant players in this market. I believe that the scale of the Indian market is worth investing in, as much as the scale of the US market for us.

With the Indian government’s emphasis on digital banking, more and more banks are offering digital banking services today, but it is to be seen that how adequate and well equipped is the banks’ cybersecurity mechanism.

Two of India’s private banks – City Union Bank and Cosmos Cooperative Bank – were victims of cyber attacks this year. The new risks in the BFSI sector involve advanced and targeted attacks which can easily bypass traditional security systems like firewalls and antivirus systems. The new cyber attacks are designed by sophisticated attackers and do not have a file signature that antivirus systems can detect. The attacks are often file-less, meaning that they operate entirely in system memory with no files to analyse, making them impossible to get detected by conventional systems. This is where solutions such like our EDR come in handy. These solutions do not rely on signatures but on AI, machine learning and behavioural analysis. Therefore, they can detect these file-less and signature-less threats that bypass traditional systems. Perhaps, if one of the attacked banks had an EDR solution in place, this attack could have been eliminated.

Cyberbit’s products can help organisations comply with RBI in many ways. For example, RBI requires a Cyber Crisis Management System, preparedness for zero-day attacks, asset management, forensics and deep packet inspection, analytics and dashboards, and advanced SOC capabilities. We are operating in several markets with strict regulations and are experienced in supporting these requirements. We have published a whitepaper to help organisations in India align with RBI regulations.

In terms of customer acquisition, can you share some of the recent project wins?
We have many customers in India including one of the top banks which uses Cyberbit’s EDR solution and a global consulting firm using Cyberbit SOC 3D for its SOC. QoS Technology provides cybersecurity training and simulation powered by the Cyberbit Range. AforeCyberSec Technology is licensed to offer our SOC 3D SOC Orchestration Automation and Response (SOAR) platform. We have multiple international clients like Samsung, HPE, and Miami Dade College. Many of the top financial institutions in Israel and multiple global customers use our Cyber Range, SOC Orchestration and EDR solutions.

Why is the current state of cybersecurity not mature enough to prevent and respond to attacks in a timely manner?
The answer is three pronged – people, procedures and products. Cybersecurity is only as good as the humans who are responsible to respond to alerts and threats. The cybersecurity skill gap is already bad and is expected to get worse. Time and again customers tell us how hard it is to hire and retain proficient professionals for their SOCs. This is driving a lot of interest in our Cyberbit Range training and simulation platform.

In terms of procedures, the old way of doing things is no longer sustainable. New automation and orchestration technologies are essential to automate and streamline the response to threats. Without these new SOAR technologies, security products will generate thousands of alerts, but the teams will be so inundated with risks and overlooking the most serious threat and not responding in time.

There is no shortage of new cybersecurity products coming to the market. It seems as if every week a new cyber start-up is founded, but this creates a new problem – vendor and product overload. The leaders responsible for their organisation’s cybersecurity are faced with hundreds of disparate solutions from dozens of vendors and are expected to evaluate all of them and then piece together the best combination of tools. They have no good way to be sure that the products they choose will work well together to provide seamless, end-to-end protection. Besides, they need to find and train people who know how to use a dozen of different tools. That is why many enterprises prefer vendors like Cyberbit who can provide a suite of solutions that work together holistically to protect the entire organisation in the most efficient manner.

How does Cyberbit ensure to drive better conversations with CIOs and CISOs?
We ensure that primarily by providing cutting-edge products with current and future industry needs and pains, making our entire portfolio attractive to CISOs and CIOs, with whom our partners are aiming to engage with. The shortage of skilled cybersecurity staff, increasing need for training, and the complexity and volumes of alerts increase the demand for our Cyber Range and SOC orchestration products. The increase in financial attacks have placed EDR and SOC orchestration on the budgetary priority of financial and other large enterprise CISOs. Finally, the increasing threat on critical infrastructure is driving a high demand for ICS/SCADA security.

Plese tell us about Cyberbit’s core business focus areas in India.
We mainly provide our cybersecurity services to the financial services, IT/ITES, transportation, utility services, electricity, airport and educational organisations. Our India office is located in Bengaluru, with additional presence in Mumbai and Delhi. Currently, we have 15 employees in our sales and marketing team in India, and we are planning to increase this number to 20 in the coming months. We participate in local events, exhibitions and conferences to promote our products.