The Current Data Security & Analytics Landscape in India

A seasoned cybersecurity professional, Maheswaran boasts of a 23-year-long career during which he has handled critical functions across companies that include Ramco Systems, Apara Enterprise Solutions, Paramount Computer Systems, FORCEPOINT, Titus, HelpSystems, before joining Varonis in 2022.

Siliconindia recently got a chance to interact with Maheswaran Shamugasundaram, Country Manager, Varonis Systems wherein he shared his insights about the current cybersecurity landscape in India, recent trends & techniques, and various other aspects. Below are the excerpts from the exclusive interview.

Share your thoughts on the current Data Security & Analytics landscape in India.

There has been a tremendous shift in the way consumers perceive data security post the Covid pandemic. Earlier, data mostly used to reside within a fixed asset or a perimeter, and organizations were predominantly deploying asset or perimeter-centric solutions. However post the COVID pandemic, digitization efforts of customers have accelerated multifold and they are mandated to make information accessible from Anywhere and Any device, This has increased the attack surface for data breaches significantly.

Cyber-attacks have grown exponentially both in terms of quantity and complexity and criminal groups are conducting organized cyber-crimes through effective collaboration. Also, the geopolitical crisis that exists around us has increased the attack surface for state-sponsored cyber-attacks. Both Government and industry regulatory bodies also have realized the importance of establishing effective data security frameworks for organizations and have started to enforce regulations which are data-centric, the impending Data Protection Bill is a great example of the same.

The proliferation of digital services and connected devices has caused immense growth in data volumes and allowed extensive collaboration of data with individual users and organizations. This along with innovation happening in data computing has created a plethora of opportunities to use data across all industry sectors,

Through efficient data analytics, organizations have realized the potential of using data to make intelligent decisions and fine-tuning business models to explore rapid growth, customer satisfaction, improve efficiency, productivity gains and more. Data Analytics is going through rapid innovation and will continue to be the key factor for organizations to make data-driven decisions.

What are some of the latest technologies that are disrupting the data security space? Explain with use cases.

Cybersecurity has evolved drastically over the last years and the following technologies would play a significant role in enhancing and simplifying data security. Automation technologies through effective AI and ML can help organizations to establish a predictive security framework and contain breaches before it creates a significant impact. Also, Blockchain improves data security by helping enhance the Confidentiality, Integrity and Availability of Data. IoT security would continue to evolve and be embraced by organizations as the number of connected devices keeps increasing and expanding the attack surface for organizations. Furthermore, ‘Zero Trust’ as a strategy will continue the momentum to assure organizations that their critical data access is under the least privilege.

How can businesses ensure the security and privacy of user data on their platforms? What are some of the key aspects that they must keep in mind while selecting for a data security solution?

There are three questions which if answered correctly, enable an organization to have an effective data governance model – What data is important and where is it residing? Are only the right personnel having access to the data? Do they know how the information is being used? Having a clear visibility of where the data is residing will enable the organization to come-up with a lot of meaningful insights. Due to the increased usage of collaborative tools like Teams, Google Meets and Zoom, there is a lot of information sharing that is happening in recent times. This has led to heightened risk of information overexposure, which is a mission-critical factor organization must take care of.

Data security is not an IT or a security initiative, it is a business strategy where all stakeholders within an organization need to take active part in the journey to make data protection programs more effective. Thus, it is very important for organizations to carefully assess the culture that is present within their company before selecting a data security solution.

What is the role of our government in making data security more stringent and secure in the country?

Government and infrastructure across the country have a huge role to play for us to grow as an economy and make cybersecurity more stringent. Even a minor cyber-attack on any government infrastructure or agency will have a massive impact on the country's economy and even lead to a crisis. There have been a lot of positive developments from the government over the last few years concerning Data security (Personal Data Protection Bill, Data Localization, CERT-IN, Sector specific regulations and others).

Also, the government must step in and make appropriate guidelines pertaining to sharing threat intel among business entities and government agencies. Lastly, cross-border collaboration between countries to understand best cybersecurity practices, effective governance and other key aspects will go a long way in successfully fighting the cyber war.

How do you expect the industry to evolve in the days to come?

Cybersecurity is constantly evolving even as we speak, and cyber-attacks are surely going to get more sophisticated, organized and thus, hard to tackle. Intending to efficiently fight cyber threats, businesses across the world now view cybersecurity as a prime aspect of their business strategy and discuss it extensively in all boardroom meetings. Going forward, I expect more cross-border collaboration happening between industry sectors, and government agencies to establish robust cyber defense frameworks,

Also since the demand for cybersecurity professionals is continuing to outpace supply, there will be a significant cybersecurity shortage and I expect government organizations and educational institutions to align together to embed Cybersecurity as a curriculum from grass root level, this will not only create necessary awareness with the young populations but also gives a unique opportunity to grow our economy through the cybersecurity talent pool available in the country.