Depending on the current business and cybersecurity maturity, many companies are following Cybersecurity Chakras model for strengthening their cybersecurity posture. In conversation with Mr Sudhansu M Nayak, Head of Cybersecurity and Cyber Forensics, CMS IT Services, we dive deep in the cybersecurity business.
How are companies strengthening their own cybersecurity?
Many customers try to discover their open attack surfaces and build a balanced Protect-Detect-Respond portfolio, starting with a definitive and involved defensible cybersecurity assessment.
Most of them have realized the importance of signature-less Endpoint Security as a Service for endpoints, Zero Trust Network Access and Comprehensive Integrated Identity and Access for enterprise resources, and VOILA (Visibility, Observability, Incident Response, Low-code integration, and Automation based on analytics) Services are essential for their sustained cybersecurity protection and hence, are buying these services. CERT-In, Reserve Bank of India, National Critical Information Infrastructure Protection Centre (NCIIPC), various ministries like the Ministry of Health and Family Welfare, Ministry of Power, Ministry of Finance, Ministry of Education, Indian Parliament, and many more are trying to build guardrails for protecting confidential business and citizen data and release acts, master directions, and guidelines periodically. Compliance with these norms inspires and influences various companies and enterprises to procure cybersecurity solutions to strengthen their Cybersecurity.
What are your views on cybersecurity laws?
In the Indian context, we see tremendous regulation and focus on 3600 streamlining laws and regulations to protect confidential business and citizen data and building a symbiotic cybersecurity environment. To curb cyber-crimes and create an enabling environment for effective use of cyberspace, our cybersecurity laws, and their drafts are not only going through immense public involvement and scrutiny (at citizens, think-tanks, and enterprise layers), but they are also being deliberated (at legislative, executive, and judiciary layers of government) on approaches to orchestrate a multi-dimensional defense, covering laws and sector-wise cybersecurity reference architectures, building strength then fiction agencies to test supply-chain applications and products, and strengthen cybersecurity education and skilling not only to build a cyber-trained workforce but a cyber-aware citizenry. As more cyber-aware citizens start involving themselves in the process, they become more collaborative and well-rounded in the legal, regulatory, and administrative cybersecurity macro- and micro- environments.
What are the new developments in cybersecurity services technology?
Zero Trust Network Access solutions to manage cyber-phygital risks, Comprehensive Identity and Access solutions to provide identity threat detection, forensics, and response, and security at the Edge cybersecurity mesh solutions covering information technology and industrial control systems are the front-runner emerging technologies in Cybersecurity.
In the Counter Ransomware Initiative on a global level, among four verticals of Network resilience, Countering Illicit Finance, Disruption and other Law Enforcement Efforts, and diplomacy, India is chairing the Network resilience. Multiple protection and incident response solutions to counter ransomware attacks are on the rise. Soon, 5G- and IPv6- compliant security solutions integrating into Security at the Edge cybersecurity mesh solutions will start becoming mainstay. Quantum cryptography, Quantum-secure communications (especially quantum key distribution (QKD)) and quantum machine-learning may render existing encryption protocols obsolete and artificial intelligence immensely enhanced. These technologies will be the tipping point to usher in multifarious cybersecurity complexities and hence, the transformation of communication security, data privacy, and organization resiliency.
What is the geographical graph of your clients from the MSMEs and from the non-metro cities?
Over 300 customers vouch for the capabilities of CMS IT Services. Some of these relationships have lasted more than 40 years. As one of India’s top IT services firms, CMS IT Services have support infrastructure spread across 220 direct support locations, 10 regional centres, 33 branch offices, 25+ spare depots, 18 repair centres, 2 state-of-the-art 250+ seater NOC and SOC (Mumbai and Bangalore), 7000+ support engineers in India.
Can you please explain in detail what a Defensible Cyber Security Framework is and what value it provides to the users?
“The Defensible Cybersecurity Framework responds to transformed cybersecurity requirements in the post COVID19 era, delivering ready capability to rapidly secure client operations. CMS IT has made deep investments in the domain to support enterprises across India keeping in view the need for agility and market-led cost structures.” “The Defensible Cybersecurity Framework includes deep threat intelligence, industry expertise, automation-driven Cybercops, AI, and Analytics. Our approach will allow enterprises to align their cybersecurity program design to business needs by establishing defensible cyberspaces and focus energies towards securing critical information infrastructures”.