The 10 Most Trusted Cyber Threat Solution Providers by Insights Success Media

â&#x201E;¢ www.insightssuccess.in April 2018 The

Most Trusted

CYBER THREAT SOLUTION PROVIDERS

SECURING PERSONAL DATA Ensuring Data Privacy through Personal Data Protection Solutions

COMPANY OF THE MONTH

CyberTalk Controlling the Massive Expansion of Global Cybercrime Damage

Anil Raj Founder & Director Cybervault Securities Solutions Pvt. Ltd.

Rajneesh Gupta CEO

TESSERACT GLOBAL Bringing the most experienced resources to assess your systems and to increase the security posture.

Editorial

yber threat intelligence paints a bigger picture for the key decision makers and places security operators ahead of the cyber attackers. As the technology ecosystem continues to deliver a stream of disruptive innovations that creates positive implications for both organizations and individuals, the cyber criminal is relentlessly discovering new techniques for attacking anything, ranging from medical devices to motor vehicles that can be connected to the internet. Even when an organization possesses security data that could be used to inform decision makers, information is often spread across the business in such a way that establishing a single, business-centric view of the organization's unique threat landscape appears out of reach. Basically, Cyber Threat Intelligence is an advanced process that enables the organization to gather valuable insights based on the analysis of contextual and situational risks that can be tailored to the organizations' speciﬁc landscape, its industry and market.

The Evolving Involvement of Organizations to Sharpen Cyber Threat Security

Even when an organization possesses security data that could be used to inform decision makers, information is often spread across the business in such a way that establishing a single, business-centric view of the organization’s unique threat landscape appears out of reach. Today’s cyber threat incidents often leave behind a broad swath of operational, reputational and ﬁnancial damages. Consequently, many boards of directors have begun to address cyber security as a serious risk oversight issue that has strategic, cross-functional, legal and ﬁnancial implications. Numerous forward-thinking companies are already shifting away from traditional perimeter in favor of cloud-enabled cyber security based on realtime analysis of data and user-behavior patterns. Thinking ahead can help organizations stimulate discussion, explore possible scenarios and develop a strategy for cyber resilience. Doing so will help businesses build a forwardlooking cyber security program that is based on the right balance of technologies, processes and people’s skills—all supplemented with an ample measure of innovation. With these components in place, organizations are likely to be better prepared for the future of cyber security.

Shweta Priyadarshini Shweta Priyadarshini

™

Editor-in-Chief Pooja M. Bansal Senior Editor Shraddha Deshpande Managing Editor Rajarshi Chatterjee Executive Editor Shweta Priyadarshini Contributors Bhavithiran Murugan Rahul Niraj Art & Design Director Amol Kamble Co-designer Savita Pandav Picture Editor Alex Noel Art Editor Mayur Koli Visualiser Sapana Shinde Business Development Manager Akansha Garewal Marketing Manager Dhruv Apte Business Development Executives Rutuja, Shraddha, Joan Research Analyst David Circulation Manager Vivek Database Management Prashant Chevale Technology Consultant Swapnil Patil sales@insightssuccess.com

April, 2018 Corporate Ofces: Insights Success Media and Technology Pvt. Ltd. Off. No. 513 & 510, 5th Flr., Rainbow Plaza, Shivar Chowk, Pimple Saudagar, Pune, Maharashtra 411017 Phone - India: 020- 7410079881/ 82/ 83/ 84/ 85 Email: info@insightssuccess.in For Subscription: www.insightssuccess.in

Insights Success Media Tech LLC 555 Metro Place North, Suite 100, Dublin, OH 43017, United States Phone - (614)-602-1754 Email: info@insightssuccess.com For Subscription: www.insightssuccess.com

Cover Price : RS. 150/Follow us on :

www.facebook.com/insightssuccess/

https://twitter.com/insightssuccess

We are also available on : Copyright © 2018 Insights Success, All rights reserved. The content and images used in this magazine should not be reproduced or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior permission from Insights Success. Reprint rights remain solely with Insights Success. Printed and Published by Insights Success Media and Technology Pvt. Ltd.

CON TENTS

Cover Story

Company Of The Month

Cybervault A Leading Provider of IT Security Training and Services to Corporations

Interview With Insights Success

CyberArk:

Leading the Market in Securing Enterprises Against Cyber Attacks

Interview With Insights Success

Tesseract Global: A Trailblazer of Cyber Security Vertical

NetConclave Systems :

Providing Information Security Consultancy & Training Services Across the Globe

Necurity Solutions:

Swiftly Executing Variety of Domains with Safety as Main Moto

PROFILE

IFF Lab:

Reinforcing Cyber Security by Predicting and Mitigating Cyber Threats

36 42

OAASA Technologys: Providing Advanced IT Solutions to Safeguard the Businesses

Sytech Labs:

Leading IT Security Firm Providing Cyber Solutions and Training

ARTICLE

Securing Personal Data Ensuring Data Privacy through Personal Data Protection Solutions

Cyber Talk

Organizationâ&#x20AC;&#x2122;s Essential Deliberations in Managing the Risks to Cyber-world

THE

10 MOST TRUSTED SOLUTION PROVIDERS

Securing the Digital World from Cyber Threat

ith the rapid technological developments, our life is becoming more digitalized. Be it business, education, shopping or banking transactions everything is on the cyber space. There are some threats posed by this incredible rise in digitization which is creating a new set of global concern called as cybercrime. Since security has technology, organizational, and critical infrastructure elements, senior management awareness and commitment is required to develop a control environment that balances the costs and beneﬁts of security controls, keeping in mind the level of risk faced by the organization.

Insights Success Magazine, we have The 10 Most Trusted Cyber Threat Solution Providers, in order to assist businesses to choose their right Cyber Threat Solution Providers. Assessing the scenario in versatile perceptions our magazine has brought into light the companies, who have flaunted some excellent Cyber Threat Solution Providers. This examined list will lessen the search of organizations to have perfect availability of cyber threat solution providers for them. In this issue, we have specially featured Tesseract Global as cover story. Tesseract Global is a renowned cyber security solution provider, delivering defensive & offensive security capabilities to diverse businesses. Apart from this, we have chosen Cybervault Securities Solution Pvt.Ltd as Company of the Month, Cybervault is the leading provider of IT Security Training and Services to all level of corporations and is an authorized training center for EC-Council Certifications, which is an International certification body in the field of Cyber security globally present in 142 countries. We also have IFF Lab that provides digital and cyber forensic solutions and leverage the right blend of technology and proficiency to provide a host of solutions across multiple verticals. Necurity Solutions provides distinct cyber security solutions through vulnerability assessments, various penetrations testing, and network audits for the organizations. Sytech Labs Pvt Ltd which is one of the leading IT Security Firms in India, that is known for providing business solutions to their clients in terms of training, systems integration, consulting, outsourcing, application development, and networking. OAASA Technologys is a web-based control, robotic engineering and cyber security based company, providing cutting edge advances in robotic engineering, technology, securities and IT education & training. We have also encompassed FLUXONIX Corporation Pvt. Ltd. is a parent holding company of FLUXONIX Group and has wide spectrum of clientele from various domains, we have proved our knowledge and skills time and again to meet the challenging standards. Skynet Secure Solutions that is a leading institute for trainings on Ethical Hacking, python programming, cloud computing, penetration testing, Cyber crime Investigations. Meta Infotech is a comprehensive solution provider offering inventive solutions for the corporate world. Paladion that is a robust managed security service provider, with over a decade of experience, and dedicated to harnessing the latest in technology to deliver our Partners excellence in business capabilities. Also, we have Interview with Insights Success with CyberArk delivering a n.ew category of targeted security solutions that help leaders stop reacting to cyber threats and get ahead of them, preventing attack escalation before irreparable business harm is done and NetConclave Systems which is an information security firm providing cyber security services and consultancies like Web Application, Mobile Penetration testing, Compliance Audits such as ISO:27000:2013 along with customized tailor made courses to clients as per their requirements, Digital Forensics & Cyber Crime Investigations. Also, we have included articles of Controlling the Massive Expansion of Global Cybercrime Damage, written by Rex Aantonny, Founder of Rex Cyber Solution Our in-house editors have come up with some adroitly written articles such as Organization's Essential Deliberations in Managing the Risks to Cyber-world. So, flip through our magazine and explore interesting insights into the world of Cyber Threat Solution Providers.

THE

Cover Story

10 MOST TRUSTED SOLUTION PROVIDERS

TESSERACT GLOBAL Bringing the most experienced resources to assess the defence and to increase the security posture.

â&#x20AC;&#x2DC;

inty a t r e c n u f End o lobal G t c a r e s with Tes y force Securit

Rajneesh Gupta CEO

ven with growing investment, sophisticated & advance threats still manage to bypass existing security solutions. Attackers resides within a network an average of 6 months before they are even detected. Organizations are deploying most advance security systems to defend their most critical assets from cyber criminals and skilled adversaries. Tesseract Global is an innovative cyber security provider, delivering defensive & offensive security capabilities to security team of financial institutions and critical infrastructure with highly curated programs to be a step ahead of emerging threats. Mumbai headquartered Tesseract Global provides third-party security assessment and training offerings from leading industry experts having complete grip over emerging cyber threats to improve enterprise security posture. A Creative and a Keynote Speaker Leading the Organization

ASECURITY

full-stack

ASSESSMENT PROGRAM WITH OUR UNIQUE METHOD OF DISCOVERY, SIMULATION

& DETECTION EXPERTISE TO REMOVE

SECURITY

BLIND SPOTS

Rajneesh Gupta is a Security innovator, an author, entrepreneur, keynote speaker & CEO of Tesseract Global. He believes in staying a step ahead of adversaries with emerging technologies. He is also a Chief Security Advisor to Probenet Solutions based in Texas. Prior to his role as CEO of Tesseract Global, Rajneesh was the senior security consultant at HP, responsible to deliver managed security services to premium accounts. Rajneesh has accomplished degree in

Electronics and telecommunication from Mumbai University and also completed international business management program from London School of Business & Finance. Rajneesh’s role is to innovate and develop a Security framework & working on future security roadmap. This helps to create value to customers, deliver with in-depth focus on excellence, by a team of highly passionate security practitioners and data scientists. Rajneesh is a recognized expert in the ﬁeld of e-governance, IoT

Security, Blockchain, Threat Intelligence and Risk Management with his appearances in various renowned media publications including DNA, CIO Review, International Achievers Conference etc. Rajneesh is a passionate traveller & dedicated devotee of nature. How Tesseract Global help • Program Development Regardless of whether you are building ability or developing your group’s current capacities, Tesseract Global give a proficient, yet extensive way to deal with specialized security evaluation program advancement. Tesseract Global staff brings knowledge from finance, human services, and the insight group programs. Utilizing lessons learned over these different groups, they will tailor their way to deal with client program standup or development needs. Save months of trial and error by streamlining clients approach to building a sophisticated internal assessment capability. • Independent Assessments Tesseract Global provide an outsider enemy centered viewpoint into client’s venture surroundings. Utilizing knowledge worked from years of experience and appraisals of several client situations, their administrators utilize Tesseract Global’s comprehension of bleeding edge Tactics, Techniques, and Procedures (TTPs) to evaluate and enhance security act. • Threat Modelling At Tesseract Global, we never prefer to jump into fixing up the vulnerability until we are not sure about organization defence weapons deeply. It is important to under when it comes to security its nothing fits to all and hence, every new task involve knowing existing IT infrastructure including workstation,

“

P rlox expose e attackers who even got e compromised valid key

so that the problem can be fixed before a real attacker can exploit your weaknesses and steal sensitive data. • Network Layer Testing includes network scanning, system fingerprinting, service probing, known exploit checks, port scanning, manual and automated vulnerability verification, IDS and IPS checks and many more. • Application Layer Testing involves Injections (SQL, OS, LDAP), Cross site scripting (XSS), Broken authentication and session management, Cross site request forgery and many more Uniqueness of Tesseract Global • Industry Experts

mobile devices, website, API etc. Our team focus on fixing the most important problems and understand the potential attack scenarios for the network. Our specialized security team also first identify forgotten over overlooked areas and improve focus by using realistic threats. • Training Offerings Blue Team regularly battle to keep pace with innovation changes and enemies’ assurance to sidestep the most recent controls. Tesseract Global is focused on keeping current in the enemy’s Tactics, Techniques and Procedures (TTPs), and cantering how to both mimic and distinguish their exercises. They share operational information and lessons learned in the field with client group to sharpen their ranges of abilities, their effectiveness, and at last better secure client business. Pen testing Services • With the insight technical review of your IT environment, our experts penetration testers take on the role of a hacker and deploy aggressive and up to dates testing procedures. As deliverables, organization receives a straightforward report of the vulnerabilities, exposures, risk and recommendations,

The Tesseract Global team consists of experienced experts, who bring years of breach assessment (hunt) and red team experience in finance, IT, Government, Human Services industries. • Transparency They make sure that their customers understand the fundamentals of the services which they provide, so you can fortify client’s security pose. In addition, they share their knowledge through training and presentations to benefit their customer. • Technology Tesseract Global use their proprietary tools to access infrastructure assets with best in bread platform to demonstrate and validate the efficiency with its client. Awards, Achievements, Recognitions Rajneesh has been recognized as 2017 CIO Review Top 20 Cyber Security Executives, 2017 International achievers in Cyber Security and Cyber Intelligence. Tesseract Global has been awarded with Top 30 Most promising enterprise security award in the year 2017. It has also been bestowed as Winner of International achievers in cyber security and cyber intelligence in the year 2017, Bangkok by IAC and Member of National Cyber Security Alliance, United States.

Read it First

Subscribe today Yes I would like to subscribe to Insights Success Magazine.

Global Subscription 1 Year.......... (12 Issues) .... Rs. 2500

6 Months ..... (06 Issues) .... Rs. 1300

3 Months .... (03 Issues) ....

1 Month ...... (01 Issue) .....

Rs. 700

Rs. 250

Date :

Name : Address :

Telephone : Email :

City :

State :

Zip :

Country :

Cheque should be drawn in favour of : INSIGHTS SUCCESS MEDIA AND TECH PVT. LTD.

CORPORATE OFFICE â&#x201E;¢

Insights Success Media and Technology Pvt. Ltd. Off No. 513 & 510, 5th Flr, Rainbow Plaza, Shivar Chowk, Pimple Saudagar, Pune, Maharashtra 411017. Phone - India: 020- 7410079881/ 82/ 83/ 84/ 85 USA: 302-319-9947 Email: info@insightssuccess.in For Subcription: www.insightssuccess.in

THE

10 MOST TRUSTED SOLUTION PROVIDERS

Company Name

Management

Brief

Cybervault Securities Solution Pvt.Ltd cybervaultsec.com

Anil Raj Founder& Director

Cybervault is the leading provider of IT Security Training and Services to all level of corporations and is an authorized training center for ECCouncil Certifications, which is an International certification body in the field of Cyber security globally present in 142 countries.

FLUXONIX Corporation Pvt. Ltd. ﬂuxonix.com

Anshul Abhang Managing Director

Fluxonix is a parent holding company of FLUXONIX Group and has wide spectrum of clientele from various domains, we have proved our knowledge and skills time and again to meet the challenging standards.

IFF Lab iﬄab.org

Ganesan Kaliyan Director

IFF Lab provides digital and cyber forensic solutions and leverage the right blend of technology and proﬁciency to provide a host of solutions across multiple verticals.

Meta Infotech Pvt.Ltd. metainfotech.com

BHASKAR PERURI Co-founder & Director

Meta Infotech is a comprehensive solution provider oﬀering inventive solutions for the corporate world.

Necurity Solutions necurity.com

Ishwar Prasad.S CEO & Founder

Necurity Solutions provides distinct cyber security solutions through vulnerability assessments, various penetrations testing, and network audits for the organizations.

OAASA Technologys oaasa.com

S. Bhattacharya CEO

OAASA Technologys is a web-based control, robotic engineering and cyber security based company, providing cutting edge advances in robotic engineering, technology, securities and IT education & training.

Paladion paladion.net

Sunil Gupta COO

Paladion that is a robust managed security service provider, with over a decade of experience, and dedicated to harnessing the latest in technology to deliver our Partners excellence in business capabilities.

Skynet Secure Solutions skynetsecure.com

Sachin Dedhia Founder & CEO

Skynet Secure Solutions is a leading institute for trainings on Ethical Hacking, python programming, cloud computing, penetration testing, Cyber crime Investigations.

Sytech Labs Pvt Ltd sytechlabs.com

Sandeep Mudalkar Founder & CEO

Sytech Labs Pvt Ltd is one of the leading IT Security Firms in India, that is known for providing business solutions to their clients in terms of training, systems integration, consulting, outsourcing, application development, and networking.

Tesseract Global tesseract.global

Rajneesh Gupta CEO

Tesseract Global is a cyber security solution provider, delivering defensive & oﬀensive security capabilities to diverse businesses.

CYBERVAULT A Leading Provider of Information Security Services to Corporations

ith the increasing number of attack vectors on Vulnerability Assessment / Penetration Testing, Web the rise in the industry, Cyber Security has Applications Testing, Wi-Fi Assessment, Network Audit for undoubtedly assumed prominent importance in identifying the IT Security Vulnerabilities and patching the corporate scenario of today’s world. Security breaches them. All this ensures the smooth and hassle free have become a common problem for organizations globally. functioning of critical IT Infrastructure. The strategic Due to these, the losses are severe and huge; hence, partners and expert consultants with a diverse industry organizations are becoming more and more aware and experience ensure the thorough evaluation and analysis of taking all the possible measures to curb these issues. The the network & infrastructure during the audits. attacks such as the recent ransomware attacks - petya and wannacry are a testimony to the fact of rising cyber security An Ardent Leader and a Creative Thinker issues globally. Lack of awareness is the cause of these Anil Raj, a tech savvy person, is the Founder and Director attacks and this is the reason why organizations need to of Cybervault Securities Solutions Pvt. Ltd. He has make their employees more and more aware. Most of the worked with Top level MNC’s as a Sr. Security Consultant medium to large level organizations have started following for many years before venturing out in the formation of his the global norms own of IT company. Infrastructure Powered Providing the best service to the like ISO by customers with global quality standards 27001, HIPPA Intellect for the health and in Information Security in order to care industry, backed by create a value for service for the customer SOX, NIST passion which are all for globally acclaimed technology, Cybervault came into existence in 2013 to bodies to issue strict guidelines for IT infrastructure from provide quality service to the IT Industry through implementation to security perspective. continuous innovations and implementing reliable processes. Cybervault has noticed that the awareness of IT Security is relatively low in the key sectors like Manufacturing, Mr. Anil Raj has a diverse professional background that Industrial Designing, Financial Consultancy firm and other includes network and web application Security, Penetration mid-level commercial organizations. This leads to the loss testing, Cyber Forensics, Trainings and regulatory of valuable time, money and ultimately reputation of the compliance methodologies. He is imminently qualified in organization. Cybervault provides consultation to these his field. Having graduated as a B-Tech (Comp), Anil Raj companies thereby creating the awareness for a cyberfurther holds a string of professional qualifications in secure operation. Further it also performs the necessary networking domain like MCSE, CCNA, Network+ and IT audits required for ISO IT Infrastructure compliances like

“

April 2018

™

Company of the Month

“

Helping the customers focus on their core business by ofoading their IT infrastructure management

“

Anil Raj Founder &Director

Security. Raj also holds an advanced diploma in Information Security. He is an globally certified ‘Certified Ethical Hacker’ and Licensed Penetration Tester. Awards, Achievements and Recognitions The extra ordinary director, Anil Raj is the recipient of two awards in the field of Information Security, one from The Indian Organization for Commerce and Industry Award for an outstanding achievement in the field of Information Technology and the other award from The Global Achievers Foundation Award, for being amongst the talented personalities of India for outstanding achievement in the field of Information Technology. He has also been featured on Radio City 91.1 for tips on Cyber Security in day to day life. He is an active member of various talk-shows and events regarding underground hacking groups & communities worldwide. He also holds Asia Pacific Gold Star Award for his outstanding achievement and remarkable role in the field of IT. Emergence of the Organization with Cyber Security Services

™

April 2018

Cybervault was founded as a core IT Security Service Company and the main idea behind starting the company was to bridge the gap between the industry and its requirements and provide smart technological solutions. Cybervault started promoting the company by contacting various companies and agencies for promoting their services. Various seminars, workshops and summits were conducted to network with the Cyber Security industry professionals. The seminar mostly emphasized cyber security trends, technologies and services oﬀered by Cybervault. To diversify its operations, it also started a separate division of Trainings by being an Accredited Training partner to ECCouncil USA which has global presence in 142 countries. Cybervault was always focused and consistent on delivering outstanding quality. In 2017 the company moved to a bigger premise. The client base kept on increasing right from IT companies to manufacturing companies, designing companies to production companies, ﬁnancial companies to co-operative banks. By 2017, Cybervault had a diverse type of client base with an increased client base in PAN India locations. The core competence was always on delivering the best service. Highlighting the key security issues and securing the clients data or applications thereby saving their

Building a Camaraderie with the Client Cybervault has always believed in giving the best to its clients. To build a strong relationship with the clients, the organization maintains its transparency in its work and that has recurrently brought the customers along with the addition of new customers. The desire for excellence comes from the fact that Cybervault express their opinions with openness and honesty in regards to the best interests of the project. This helps them to win the client's trust and rely upon the organization and their reports & recommendations. Cybervault maintains a positive attitude with the customers by keeping them in loop over the process and by explaining it to them. Timely and efficient communication with the clients coupled with a prompt service and well managed co-ordination lead to a healthy long lasting business relation, and that's the trick Cybervault applies in its business. The clients have been an integral asset of the company and Cybervault nourishes them, nurtures them and grows them thereby growing along with them. The organization has many success stories to share with, notably of the clients for whom the company went that extra mile in spite of the client getting the work done from other vendor is a remarkable story to share. Imparting Security Awareness Cybervault conducts awareness seminars in the companies about lacking IT Security Awareness which imparts the dayto-day working level guidelines to the employees. In the era of increasing cyber threats and attacks like ransomware and phishing, it has become extremely critical to impart necessary knowledge to the employee. This small contribution is leading to a bigger savings in the long term. The globally compliant IT Security Audits exposes the threats to the network and applications of the companies and makes them aware of the security scenario thereby recommending suitable action. Benefiting the Clients with Obtainable Services Cybervault has always delivered the best quality and skilled staff to its esteemed customers. The organization has always given emphasis on the quality of deliverables and never done business on the basis of low pricing. This has translated to the growth in client list year after year – be it in terms of new clients or the existing clients coming back

Delivering VAPT , Network Security Services, Web Application Services , Mobile Apps Testing and other Statutory Compliance Audits in accordance to NIST framework and OWASP guidelines

to them. The team of expert professionals from all walks of IT security brings along with them a wide scale of experience and expertise. All this coupled under one roof gives the customer the best of everything without the need of going anywhere else. The customer can simply offload their complete IT security requirement to the Cybervault. Cybervault has always worked on customer feedback and prompt technical assistance. These two critical factors have helped reinvent the relation between client and vendor every time with a renewed sense of work enthusiasm and commitment. Cybervault also provides customized and personalized service which suits the customer requirement perfectly in harmony to his needs. Envisioning the Future Cybervault has always believed in offering ‘Quality’ to its customers. This quality has been followed in the quality of its services, quality of the deliverables, professionalism of its staff and numerous other factors. Cybervault has grown exponentially every year. All this is because of the faith of its clients and the service along with competitive pricing. On a technical front, the vision of the organization is to get more accreditations from global security organizations and government organizations in order to serve the vast IT Fraternity.

April 2018

™

‘

money and reputation led to the success of Cybervault. “The level of customized service and the attention which we give to the need of each & every client and their requirement is what makes us unique” says the Director, Anil Raj.

IFF Lab : Reinforcing Cyber Security by Predicting and Mitigating Cyber Threats

“

Approach towards

assessing and addressing vulnerability involves a thorough and methodological analysis of the actions of competitive organizations

“

n a world where data is gaining importance, and companies are leveraging big data analytics for business decisions, growing number of organizations are also employing big data analytics to monitor security threats, to quickly respond to incidents and audit and review data to understand how it is used, by whom and when. Greater outreach of telecom companies and aﬀordable data charges has made the internet available to far-ﬂung areas of our nation as well as the world. The nation’s visionary step towards a ‘Digital India’ has resulted in a massive increase in the online presence of individuals. However, the challenge here lies in making their digital presence “secure” as cyber criminals are also getting smarter by the day and are harnessing newer ways to harass and cheat the innocent in the virtual world, especially women and children.

The Criminal Justice System in India is faced with a crucial challenge – the mammoth number of cases awaiting investigation versus the shortage of resources. The aim is to relieve and unclog the currently overburdened forensic landscape with their commitment to quality and speedy delivery of reports. Incognito Forensic Foundation has been a prime partner in deploying and implementing cyber and homeland security solutions with various law enforcement agencies and organizations across India. IFF partners with leading OEMs across the globe for the deployment and commissioning of cyber and digital forensic solutions. The approach of keeping themselves abreast of the latest in technology and the incumbent cyber security threat landscape enables IFF Lab to channelize their knowledge for assisting Law Enforcement Agencies and other organizations. Esteemed Cybercrime Investigator Leading the Organization IFF Lab is headed by Ganesan Kaliyan, who is a venerable Certified Ethical Hacker and a Computer Hacking Forensic Investigator. He strives towards making IFF Lab a leading organization that provides the necessary technical support and training on cyber defense and forensic investigations to law enforcement and government agencies and the society as a whole. The team at IFF Lab consists of certified CHE (Certified Ethical Hacker) & CHFI (Computer Hacking Forensic Investigator) professionals along with forensic experts from different disciplines who leave no stone unturned in predicting and mitigating cyber threats and engaging in a meticulous investigation of cyber-crime cases involving hacking, phishing, financial frauds, online matrimonial scams and the like. Having a repertoire of forensic experts handpicked from premier forensic institutes across India, IFF Lab always strives to stay a step ahead of the rest.

April 2018

™

THE

10 MOST TRUSTED SOLUTION PROVIDERS

Incognito Forensic Foundation is a private forensic lab that provides forensic analysis and investigation services to the government, law enforcement agencies, corporates, and individuals. It oﬀers services pertaining to Computer Forensics, Mobile Forensics, Cyber Forensics, Audio/Visual Enhancements, Questioned Documents, Fingerprint Analysis, Incident Investigations, Corporate Frauds, Financial Frauds, Data Theft, Advance Fee Scams, Online Matrimonial Frauds and many such intelligence-led investigations. Additionally, it also provides solutions that cater to Homeland Security, Dark Net & Social Media Monitoring, Secure Transcripts, and Cyber Security Analysis and Assessment.

Ganesan Kaliyan Director

Awards, Achievements, Recognitions IFF Lab is a name synonymous with trust and faith in the forensic domain and the organization considers that as their biggest achievement, award as well as recognition. They have supported law enforcement agencies in solving some really complex cases of high-proﬁle murders, ﬁnancial frauds, and sexual harassment, and also in tracking terrorist activities. IFF Lab has successfully deployed their surveillance and homeland security solutions at the National Institute of Mental Health and Neurosciences (NIMHANS, Bangalore) and Mazagaon Dock, to name a few. Placement of Cyber and Digital Forensic Solutions

wide range of enterprises enable them to assist organizations in reinforcing their cyber security by predicting and mitigating cyber threats. Their approach towards assessing and addressing vulnerability involves a thorough and methodological analysis of the actions of competitive organizations that help them identify potential cyber threats. In the years to come, IFF Lab envisions to partner with more government and private agencies along with various state police departments to build an India which is seen as the epitome of a “cyber-safe” digitally progressive nation.

There is an incumbent and dire need to have more and more cyber and digital forensic centers that can predict and mitigate cyber threats before the damage is already done! It is essential to create more awareness among individuals about cyber-crimes and the ways to ensure cyber security. At the same time, there is a need to have a cyber-forensic center that can be approached easily by the common man and that’s what IFF Lab strives to do. Believing in Constant Evolution and Envisioning a Cyber-safe Nation IFF Lab’s futuristic cybercrime and digital forensics center combined with their rigorous experience of working with a

™

April 2018

Ensuring Data Privacy Personal Data

Protection Solutions T

he world is moving fully into a digital realm, a scale which is too large. Though, freedom and privacy cannot be taken for granted. Today, the personal data actually refers to data, that’s been created by users. True or not, an individual can be identified from the data and other information to which the organization likely to have access. The word “Privacy” is a fundamental human right. But, nowadays the understanding of the term privacy refers towards the end users data privacy or information privacy. Protecting privacy and personal data is an issue of risk and trust for organizations. By protecting privacy the risks of costly incidents, reputational harm, regulatory penalties, and other harms lessens. Each and every organization depends upon the trust of its existing and eventual customers, clients, business partners, vendors, and employees. So, when this trust is lost, it might have a devastating impact on an organization. While dealing with data privacy issues, the solution needs to address data security controls, cloud infrastructure security controls, technical tools and security assurance. Along with technical security controls, the solution has to address governance controls at process and people. Avoid Data Theft by Enhancing Data Security It is necessary for organizations to limit the data access by holding privileged access to their sensitive data to a number of employees and insiders. For every organizations, it is really important to be aware of identify their sensitive data. Though, it will be probably around 5-10% of the total data. This could result in an immense loss of reputation and revenue to a company. To mitigate a cyber-attack, one needs to prepare a list of security measures and data security policies. Through these policies, immediate reaction against cyber threat can be done in order to prevent extreme impacts of a cyber-attack. With access management and rights, employee access could be identified easily and creates on awareness on the user in the organization, who could have the potential to breach. An organization can secure their sensitive data from hackers by using strong and different passwords for every department. It can also manage using a password manager tool and ensuring that all employees receive proper data security training and password tips, making the hacker feel much more unlikely and difficult. Further, it is really helpful for an organization to have regular data backup and update their data to be on the safer side during unexpected attack or data breach. The most number of breaches is done in five major industry verticals: banking/credit/finance, business, education, government/military and medical/healthcare. Almost 90 percent of the medical and healthcare breaches the number of records compromised were identified.

April 2018

™

Securing Personal Data

Technical Tools for Preventing Data Loss Data loss prevention tools (DLP) afford ways to identify uncertain data-handling activity and enforce a remediation action. Use modern strategy to keep data secure from theft. Data Classification: A technique of organizing data into categories for effective use. A classification tool should be scalable, ease compliance with regulatory requirements, and provide incident response features in the case of a data breach. This categorized data will not only ease up the data management but will also boon from getting affected due to cyber security comprising. User Behavior Analytics: The data loss prevention practices dictate some form of user behavior analytics to combat any insider threats within the enterprise. In case of firewalls and anti-malware software analyze and block potential outside threats, user behavior analytics technology inspects user action for malicious behavior. Force point insider threat, a data loss prevention software constantly monitor and analyze your users behavior, identifying the users who are most likely to compromise the data either accidentally or maliciously. “Hardware is easy to protect: lock it in a room, chain it to a desk, or buy a spare. Information poses more of a problem. It can exist in more than one place; be transported halfway across the planet in seconds; and be stolen without your knowledge.”– Bruce Schneier, an independent consultant at counterpane systems. Offline DLP: This is a standard feature for data loss prevention software. As most DLP software is installed directly onto the user's machine, it can still monitor and protect against attacks while it is disconnected from the network. If an incident occurs, the machine contains the attack details locally until it is reconnected, upon which an incident report will be generated. By using the right DLP software and policy, every enterprise can determine their own data loss prevention practices to eliminate data loss. Since data breaches become more adept, enterprises should consider data loss prevention a viable addition to their information security strategy. At present, personal data is increasingly being seen as a personal property. The business firms collect massive volumes of personal data from individuals to use the data to personalize customer offerings, unveil products and diversify into new markets.

™

April 2018

Rohan Vaidya Regional Director of Sales at

CYBERARK

April 2018

â&#x201E;¢

Interview with Insights Success

CYBERARK Leading the Market in Securing

Enterprises Against Cyber Attacks

n today’s world, cyber systems provide flexibility leading to its illicit use. With the Government framed Internet policy, Internet along with making the life easy with economic activities like buying, selling, online transactions and social networking brings along many threats. Hacking tools are available on the internet which does not require people to be highly skilled and also encourage them to do inappropriate acts online. Thus, cyber space has made users vulnerable making it important to take necessary steps and avoid exposure from to acts. CyberArk is delivering a new category of targeted security solutions that help leaders stop reacting to cyber threats and get ahead of them, preventing attack escalation before irreparable business harm is done. In an interview with Insights Success, Rohan Vaidya, Regional Director of Sales at CyberArk gave some insightful answers highlighting the influences made by his company to take wellness programs to a new level. 1. Kindly brief us about the company and what kind of cyber threat solutions/services the company provides to their clients. CyberArk focuses on preventing targeted cyber threats that make their way inside the network perimeter to attack the heart of the enterprise. CyberArk leads the market in securing enterprises against cyber attacks that take cover behind insider privileges and attack critical enterprise assets. Today, CyberArk delivers a new category of targeted security solutions that help leaders stop reacting to cyber threats and get ahead of them, preventing attack escalation before irreparable business harm is done. 2. Briefly tell us about your journey since inception of the company? CyberArk is one of the first cyber security companies ever. The company was founded in order to protect access to sensitive information against users already within the network, with early customers coming from the financial services industry. Over time we expanded our customer base as we grew and also our product offerings, both organically and with various acquisitions, most recently in the DevOps and cloud security spaces. 3. Tell us something about the CEO/founder/MD of the company? Udi Mokady – a co-founder of the company - is CyberArk’s Chairman and Chief Executive Officer. He has been CyberArk’s CEO since 2005 and has been instrumental in CyberArk becoming a trusted security partner to more than 3,650 global businesses, including more than 50% of the Fortune 100. 4. Mention some of the awards, achievements, recognitions and clients’ feedback that are notable to you. CyberArk has received prestigious security industry awards including: 2017 SC Award winner for Best Identity Management Solution, 2017 Cybersecurity Excellence Award winner for Best Cybersecurity Company, a winner in the 2016 GSN Homeland Security Awards, a Top Place to Work in Massachusetts by the Boston Globe, a 2016 Microscope Award winner for Channel Excellence, a Best Place to Work in Massachusetts by Boston Business Journal, a Best Workplace in Technology by Fortune Magazine and Great Place to Work (2016), a CRN 2016 Security 100 company, a 2015 GSN Homeland Security Awards winner in two categories: Best Privileged Access Management Solution and Best Continuous Monitoring and Mitigation System, Best Israeli Enterprise by the Geektime Geek Awards (2014), Techworld Awards’ Security Product of the Year (2014), Computing Security Awards’ Enterprise Security Solution of the Year (2014), and SC Magazine’s Best APT Solution (2014).

™

April 2018

5. How do you work on your long-term relationship with your clients? Kindly brief us about the most satisfactory experience with a client. Privilege Account Security (PAS) solution is a journey. When the customers make a decision to buy CyberArk PAS solution they are well aware that this is a strategic initiative which will be an ongoing program to secure their privilege accounts across the enterprise. During the Pre-sales and the implementation phase, customers work very closely with CyberArk certified experts to milestone their PAS journey. The CyberArk solutions are architected in such a way that it allows the customer to progressively onboard different platforms and technologies’ privileged account at their business needs’ pace. In an ever fast evolving business world CyberArk has been for several years a thought leader by constantly innovating to secure and protect the privileged accounts in new domains like IoT, Cloud, SaaS or DevOps. Cyber security is a team game and CyberArk works very closely through their C3 Alliance initiative with most of the security or automation vendors to form an integrated solution. Most of the customer who started working with us few years ago have expanded quickly their scope to cover their IT assets with CyberArk. Many of them have worked closely with CyberArk’s plugin development team to go beyond IT to onboard legacy technologies or operational technologies (OT). 6. Share with us how the company is contributing to its sector in the industry. In 2016 CyberArk launched the C3 Alliance, with the idea being to bring enterprise software, IT security and services providers together in order to deliver proactive protection, detection and response to customers by putting privileged account security at the core of their cyber security strategies. Today, this programme has more than 45 partners and well over a hundred product integrations that help customers get more value from existing security investments. 7. Share your point of view towards current scenario of the cyber security industry. While 2017’s most prominent attacks were ransomware - major security attacks like WannaCry and NotPetya – the real underlying story was the massive public breaches affecting companies like Uber, which was a wakeup call for everyone to realize the potential of cyber-attacks and how they can impact

companies globally. Initiatives like the move to the cloud, the growth in DevOps and the increasing convergence of IT and operational technology (OT) have drastically changed networks and expanded responsibilities of security teams of protecting them. These initiatives, for all their business benefits, have caused network complexity to skyrocket — issue cyber attackers are all too eager to exploit. The skills shortage to safeguard against such attacks remains stubbornly inadequate as a major concern. 8. Kindly brief us about your strategies to tackle the competition in your sector. What steps are you taking to ensure that you continue to grow and develop? We believe we set the standard in privileged account security by delivering the most innovative solutions and best-in-class customer support. Our size and experience versus our competition helps fuel our growth as we work to expand our leadership position by further automating and simplifying our solution across on-premise, cloud, and hybrid environments. We aim to expand our relationships with existing customers and accelerate new customer adoption by being as effective as possible in sales and marketing, with our reach being extended through our global partner ecosystem and enablement program. 9. What can be expected from your company in the upcoming years? CyberArk’s technology acquisitions – from DevOps to cloud security – have a common thread to them; securing privilege and credentials as new business practices result in an increased attack surface. Even in this period of constant change, unmanaged privileged accounts are almost always at the center of cyberattacks. CyberArk will continue to help customers secure themselves in this critical area. 10. What are the benefits gained by your clients while doing business with you? Our customers expect CyberArk to help them build awareness of modern cyber security and privacy threats, processes and technologies as the first step toward an active defence – and also to help the wider business understand how critical this is. Companies must show greater urgency to enable cyber security resilience by prioritizing cyber security risk at the same level as wider business and financial risks. It's our job to help them understand how new technologies - like cloud and DevOps - affect the attack surface and to promote a‘think like an attacker’ mind-set, which is the most effective start point to better overall security. April 2018

™

Necurity Solutions: Transforming Cyber Security Sector with Indigenous Security Solutions

“

from the varied industries be it Medicine, Jewelry, Shipping, or Hospitality, from the cyber-attacks.

Our goal is to

build a cyber-free universe, with zero cyber-attacks

“

renowned proverb quotes, “In cyber security, the more systems we secure, the more secure we all are.”

As the world has become more connected than ever, cyber security has become a necessity rather than a choice. Hacking, Cracking and other types of cyber mischief have reached a level of sophistication and it has become a profession with high stakes involved. It has gained a plenty of weight over the years as the worldwide spend for the cyber security has continued to grow by 71.1 million in 2014, 75 million in 2016 and is expected to reach to 100 million approx. by 2018. Necurity Solutions stepped into the world of cyber security in 2016 with a strong mission to make information technology a beneﬁt in the business industry through economical and innovative security solutions. Necurity has successfully shielded more than hundreds of companies

Necurity Solutions is compassionate in providing end-toend cyber security protection and preventing the sophisticated cyber-attacks. It has ﬂawlessly detected vulnerabilities in several companies and has reported them via their Bug Bounty Programs. The company provides innovative and universal security solutions to its customers through Security & Theft Data Protection, Cloud Security, Enterprise & IT Network security, and Web & Mobile Application security. Creative and Enthusiastic Leader of the Organization The giant Necurity Solutions is run by Ishwar Prasad Bhat, who is the dynamic Founder & CEO of the company and is accredited with Ethical Hacker and Information Security Expert certiﬁcations. Ishwar has successfully dealt with a serious cyber-attack on the eBay company, wherein the vulnerability in the website would allow the hackers to purchase any item for one rupee. This cyber-attack is recorded as the ‘eBay One Rupee Vulnerability’ in the Google and he is well known for detecting the threat. His splendid knowledge and vast experience in the cyber security has placed him in association with the top MNC giants such as AT&T, eBay, Blackberry and more. Additionally, he is a notorious speaker at various International Cyber Security Conferences. On speaking about the company’s success, Ishwar asserts, “The major contributing factors behind the company’s success would be my team. We have thousands of happy customers and have successfully mitigated thousands of cyber-attacks around the globe. ” Awards and Accolades Necurity is well-known for strongly protecting the data and integrity as well as taking high preventive measures to April 2018

™

THE

10 MOST TRUSTED SOLUTION PROVIDERS

mitigate the cyber risks. Its in-house experts thrive hard to deliver best services to their customers. Ishwar Prasad, the CEO of Necurity Solutions, was recently recognized as the ‘Entrepreneur of the Year 2016’ by the Entrepreneurs Council of India. He was also endorsed with the monetary awards of worth $2000 from the renowned companies like Shopify, Uber for detecting multiple susceptibilities in their system. He has recently bagged ‘Vinutna Ratna’ Award by the Akkineki Foundation of USA for his remarkable achievements in the cyber security sector. Necurity Offering Unique Services The company delivers a wide range of services like web and mobile app development, various penetration testing and many more. It also offers manual as well as remote network audits and vulnerability assessments for the organizations. Necurity has built an effective way to create a website that will withstand the relationships with its peers. Its strong motive is to create user-friendly and informative websites with meaningful content, high-resolution photos and videos, and expansive portfolios. Its dedicated team is available 24*7 to assist its customers with the technical issues in updating, and fixing the vulnerabilities released by the vendors.

Ishwar Prasad Bhat CEO & Founder

Visioning an Unbeatable Future With the emerging IT environment, the intense need for the cyber security will remain the same as there will always be some vulnerability to our data systems. Necurity Solutions holds a glorious future as its primary focus is always on delivering trustful and quality security services to its clients. While sharing the upcoming goals of the company, its CEO mentions, “With the quality and trustful service which Necurity is delivering to its clients, we see Necurity Solutions to be the pioneer in the ﬁeld of Cyber Security Technologies.”

The Network Penetration Testing service of the company generates a complete cyber audit report on the networks, ports, and the switches, apparently mending all the susceptibilities. Also, the Web Application Security Assessment Report comprises of the complete details of the threats, explanation, references, and the cyber-threat ﬁxing techniques. Necurity’s biggest strength lays in the user manual and automated vulnerability assessment techniques which overcomes the traditional usage of various software or other scanners. The unique techniques of the company have led it to ﬁnd the exposures which could not be detected by any other software or tools.

™

April 2018

Controlling the Massive Expansion of Global Cybercrime Damage ABOUT THE AUTHOR Rex Aantonny is the Founder and Chief Executive Ofcer at Rex Cyber Solutions Pvt Ltd. He is also the Chief Trainer at Hexter Lab. He has given numerous Information security based calibrations to private & government ofcials at Coimbatore, Chennai & Kerala. He is best known as the Tamil Nadu Executive of HANS (Anti Hacking Anticipation Society), an NGO based out of India that works with clients across the world, helping them create awareness on cyber threats. Rex made his foray into the eld of cyber forensics as a Research Associate at Interscience Academic Research Centre during his college days after completing his training from National Informatics Centre. He later joined ‘Cadgraf Digitals’ as Software Executive, where he played a pivotal role in shaping the company.

April 2018

™

Experts View

yber security is the most elusive domain across various domains and technology domains it’s a game which is not understood for a very long time the industries trying to protect and after several decades we realized we have not been able to protect as of now we do not have an established framework or a methodology to secure us. This might shock you but the truth is we never be secure ever. Only thing is we have to be more proactive and be safe. There is a bigger diﬀerence between secure and safe. Even if you invest into more security it will help you to complex the work of bad guys not stopping the problem it will give more space breath and run your industry but you can be safe in the cyber safe even if you hacked; it will be possible only by you if your industry is already preparing for it and have proper response, recovery and forensic in place.

By 2021 the cybercrime damages were estimated 6 trillion USD. Data remains the primary hacker target there are 100+billion lines of software code being produced each year which contains billions of vulnerabilities that could be exploited. The 6 trillion estimated costs include the cybercrime damages, loss of IP, productivity, personal and financial data, forensic investigation and restoration finally the reputation harm. Cyber threats have evolved from targeting and harming computers, networks, and smartphones — to humans, cars, railways, planes, power grids and anything with a heartbeat or an electronic pulse. As the planet morphs into a digital global society of interconnected people, places, and things, there’s a whole lotta cyber that needs to be defended. Prevention will always be your best line of defense against cyber criminals. Like any other criminal activity, those most vulnerable tend to be the first targeted. 1. What are your security policies? Are they well demarcated 2. Do all your employees understand the most common hacking stuff, like phishing, social engineering, etc. 3. Education and awareness of your employees will go long way to protect yourself against many types of cybercrime.

things you can’t cut corners on and it will save you an incredible amount of money in the long run when considering the risks it involved. Exploits in software are very common ways hackers gain access to sensitive data. Updating your network connected devices always be a top priority. Many companies mostly startups and SME do not scan their website application for malware or security level that’s leads to the loss at one time. Always keep the backups of all your critical data; recovering from a cyber attack is involves restoring your data from a point prior to the event in question. Steps to prevent cybercrime:1. Never disclose your personal information publicly on websites. This is as good as disclosing your identity to strangers in public place. 2. Always avoid sending any photograph online particularly to strangers and chat friends as there have been incidents of misuse of the photographs/identity. 3. Never enter your credit card number to any site that is not secured, to prevent its misuse. 4. Always use latest and updated software to guard against virus attacks. 5. To prevent loss of data due to virus attacks, always keep back up of your data. 6. It is advisable to use a security program that gives control over the cookies and send information back to the site, as leaving the cookies unguarded might prove fatal. 7. Website owners should watch traﬃc and check any irregularity on the site. Putting host-based intrusion detection devices on servers will serve the purpose. The Human mind is crazier than anything so always be aware that technology will help you to keep safe but it’s your duty to apply it. And remember NO ONE IS KNOWN IN THE CYBER WORLD.

Securing Computers, Digital Assets, and Networking Some

™

April 2018

NetConclave Systems: Providing Information Security Consultancy & Training Services Across the Globe Kindly brief us about the company and what kind of cyber threat solutions/services the company provides to their clients.

ur exploration of cyber threat defenses shifts from establishing baseline security postures to determining the types of cyber threats and other obstacles to security that concerns today’s organization the most. Organizations can afford to stand still when it comes to maintaining effective cyberthreat defenses. IT security teams must keep pace with the changes occurring around them whether to the business, technology, or threat landscapes- by making changes of their own. NetConclave Systems is a 10+ years old company headquartered in Pune and having offices at Bangalore & Dubai (UAE). It provides business aligned security services and trainings to create and strengthen the security posture of client. In an interview with Insights Success, Niranjan P. Reddy, Founder & CTO of NetConclave Systems gave some insightful answers highlighting the influences made by his company to take wellness programs to a new level.

We are an Information Security firm providing cyber security services and consultancies like Web Application, Mobile Penetration testing, Infrastructure & Network Audits, Compliance Audits like ISO:27000:2013,HIPAA,Real Time Threat Monitoring, ECCouncil Authorized InfoSec Training along with customized tailor made courses to clients as per their requirements, Digital Forensics & Cyber Crime Investigations. 1. Briefly tell us about your journey since inception of the company? The journey has indeed been a tough one beginning from scratch. We began with InfoSec Training courses for various corporates then slowly moved into Consulting and providing various services like Vulnerability Analysis and Pentration Testing. We followed a unique funda of firstly getting an written Authorisation from the client and then show them with April 2018

™

Interview with Insights Success

a POC how vulnerable they mostly with their web applications and other areas. We oﬀered it as free service by highlighting 1 Critical ﬂaw after which we used to get to do the entire Pentest activity as a paid service.

Circle Of Excellence for Contribution in InfoSec Trainings for corporates 8 years in a row in the South East Asia category. ·

2. Tell us something about the CEO/founder/MD of the company? Niranjan Reddy the CTO and Founder of the company an Electronics graduate from Pune University with 14 yrs+ of hardcore InfoSec experience had worked previousely with numerous Corporates and then started up his firm Netconclave Systems. He is an InfoSec Evangeist with numerous international certifications like MCSE, CCNA,ECCouncil's Certified Ethical Hacker(CEH),Computer Hacking Forensics Investigatior(CHFI),ECCouncil Certified Security Analyst, ISO 27000:2013 Lead Auditor,OSCP,CISSP. 3. Mention some of the awards, achievements, recognitions and clients’ feedback that are notable to you.

· · · ·

Member of Nasscom & Core Member of DSCI, Pune-India Chapter. Chair Member for National Cyber Defence Research Centre (NCDRC) Founder of National Information Security Summit (NISS) Assisting Corporates as an Advisory & Consultant in cyber forensics & cyber security globally. Featured recently twice on Radio Mirch 98.3 FM on e-wallet security and Blue Whale game risks on teens. Speaker at various International Hacking Conferences at Ground Zero-Sri Lanka, ISSACON, NASSCOM, DSCI, ISACA Pune Chapter, International Cyber Security SummitColombo- Sri Lanka, Hackon 2016, Hackersday Lucknow, NISS, Digital Investigators Conference & Exhibition(DICE), ISACA - Pune Chapter, Symbiosis(SCIT) ,Gujarat Forensics Science

ECCouncil Global Award Winner as Best Instructor &

™

April 2018

University (GFSU) and many more. · Oﬃcial Cyber Crime Expert – Pune Police. Speaker at various Security related Conferences. · Best instructor & Contributor to the Infosec community Award at Hacker Halted, Miami-USA for 8 years in a row 2009 - 2016 held by ECCouncil, USA. · Also honored with the Commendatory Certiﬁcate by the Police Commissioner of Pune for solving 3 critical cyber crime cases in 2010. · Also featured in various newspapers and news channels coverage on my achievements in the IT Security domain can be viewed by clicking on the below mentioned link: http://www.netconclave.com/news-a-media/newspaper articles-and-media-news.html · Continuously contributing to the media by writing various articles on security and creating general awareness to the common man in cyber security. · Published many Articles in International magazines like Hakin9, e-forensics, & Gulf Times, India Legal,Digital 4N6 Journal & popular Indian News Papers like Times Of India, Pune Mirror, Financial Express, Sakal, Mid-day etc. · How do you work on your long-term relationship with your clients? Kindly brief us about the most satisfactory experience with a client. · We believe in giving much more than expected to our clients. This means our clients get into an Annual Security Maintaince Contracts with us so that we take care of all their Info sec issues and maintain it along with their technical teams. We had implemented HIPPA Compliance for a client along with their web application pentest. It was valid for 1 year. They came back to us for the 2nd year also as they had options to go with another vendor but they continued to have us do the gap analysis and re-testing of the web application. 4. Share with us how the company is contributing to its sector in the industry Cyber Awareness Trainings & Workshops on a regular basis is the key way to minimize the curbing rise in Cyber Crimes and Cyber Attacks. We do perform these kind of trainings on a regular basis for our clients. Besides this we do free sessions for certain Schools and Colleges. Recently we have done a few with Hindustan Times Security Awareness sessions for various schools and colleges in Pune.

With so much advancement in Technology we would be advancing to the maximum use of technology like smart homes, smart cities, IOT, Artiﬁcal Intelligence etc. All this will also give rise to more Cyber Attacks and Threats. Hence we as users of all these should keep ourselves updated about various threats and countermeasures to have minimal risks and cyberattacks. 6. Kindly brief us about your strategies to tackle the competition in your sector. What steps are you taking to ensure that you continue to grow and develop? Competitors are the key to our growth. If there is no competition then there are no challenges. I have seen many startup companies coming up in many numbers and charging peanuts for InfoSec services and do not survive for long in the market. But quality and experience matters in this domain. Hence we assure quality and our experience of more than 15 years and the legacy of our clients speaks about us. We hope to keep this trend and acquire more clients in the future.

7. What can be expected from your company in the upcoming years? With a lot of SME companies using IT not aware of Cyber Security and falling prey to cyber criminals we intend to have Security Assessments and awareness trainings to help them combat cyber attacks. Further we intend to have periodic Compliance audits and Gap Analysis audits minimum once yearly to see they are adhering to the Information Security Standards as mentioned in the ISO 27000:2015 manuals. 8. What are the benefits gained by your clients while doing business with you? Incident Response and Management Managed Security Service (MSS) we have already started catering to few of our overseas and domestic clients offering Services like SOC implementation. The fact of being Cyber safe and secure is not just about one time audits or yearly gap analysis. We need continuous monitoring of traffic of your networks. Hence real time monitoring and 24*7 monitoring of networks we tell our clients would help combat cyber threats and attacks in a better way.

5. Share your point of view towards current scenario of the cyber security industry.

April 2018

™

OAASA Technologys Providing Advanced IT Solutions to Safeguard the Businesses

“

One Stop Place for Robotic Engineering, Cyber Securities and IT Services & Training

companies seek new and cost-effective ways of responding to dynamic customer requirements. Also, the sophistication of cyber-attacks from worms and viruses to enhanced techniques such as Zero-day attack, Dynamic Trojan Horse Network (DTHN) Internet worm, and Stealth Bot drove led the IT security service providers to design advanced security software and solutions. OAASA Technologys provides cutting edge advances in technology and securities, through innovative thinking and revolutionary ideas. The company offers a web-based programming architecture for robots and security system, offering a security based web interface that allows users to type their robot control programs. The Startup Journey

“

n this digital world, technology has involved in everything we do, in one way or another. It plays a big role in the success of the businesses too. The usage of technologies has increased in daily affairs of the organizations, whether it is small or big. With this, the number of organizations hit by cybercrime is also rising each year. No business is safe from the cyber-attack; it becomes necessary to fight back against the cybercrime. Effective cyber security tools and systems are needed to protect the confidential data of the businesses.With an aim to make a clean and safe cyber and robotics world by removing threat of cybercrime, OAASA Technologys was incorporated. The company is also working towards creating internet security awareness through their skillbased trainings and IT services with products to a huge number of organizations. With the change in manufacturing world, the need for the technologies has also changed. Adaptable automation and security system has become a priority around the world, as

The journey of OAASA started in the year of 2011 when nCircle Inc. was formed at New Orleans, Louisiana. In the year 2014,to provide web and software services globally a sister concern ZenX Software was introduced in Kolkata. Later, they started Cyber Security, Robotics and IoT Services and successfully served more than 400 clients. In the year 2016, OAASA Technologys, formed in Kolkata as a parent company and became Indian cyber security partner of a Denmark-based Company Heimdal Security. In the year 2017, they have introduced www.IoTKeep.com is IoT data security platform, www.AnnyMart.com is e-Commerce platform for IT, Cyber Security, Robotics and IoT products and Careersion.com platformfor IT career and training.

Tremendous Leadershipof the Company Sobhan Bhattacharya, CEO of OAASA Technologys, successfully served as a renowned Chief Engineer for long years in the USA, France, Canada andthe UK with International Maritime and Aviation industries. He is holding two master’s degrees MBA and M-Tech (IIT Kanpur), also fellowships of many International April 2018

™

THE

10 MOST TRUSTED SOLUTION PROVIDERS

organizations and authorities. He has even launched low cost Ultra Smart IoT data security platform and many domestic & industrial robotics products in the market. He has implemented many exceptional initiatives in the IT industry those are very useful in the present scenario in terms of accessibility, low cost & security point of view. Extensive and Innovative Services Provided by OAASA OAASA Technologys is a web-based control, robotic engineering, cyber security based, and ISO 9001 – 2015 certified Company located in India. They deliverIT securityservices for the businesses and shield them from the manifold of cyber-attacks they are exposed to in their daily exercises.They provide solutions to protect against information theft, security breaches, hacking, network vulnerability, virus attacks, framework trade off, system compromise, frauds etc., through audit and assurance, IT administration, data security and business innovation warning. OAASA Technologys are working for the most recent decade with professionally licensed ethical hackers and ISO 27001 Auditors. OAASA also offers training and education based practices on complete web; android security based technology, ethical hacking, cyber security, cyber forensics, wireless engineering, robotics, VLSI and embedded systems. It has arranged many workshops for cyber security, IoT & data security for general awareness. They have recovered many companies from cybercrime throughInformation Risk Assessment,Security Audit, Vulnerability Analysis and Penetration Testing, Cloud Security, Managed Security, ITIL & ISO27001:2013 implementation. PotentialSegment for Cyber Security from OAASA’s Point of View

Sobhan Bhattacharya CEO

cyber security solutions for the defense industry. The defense and the homeland security agencies are expected to cover around 75% share of the global cyber security market in 2018. Growth in investments on military programs and allocation of resources for research and development of cyber security solution for the battle field communication systems; is expected to remain as the most upcoming trends in the cyber security market for the defense industry over the coming years. Company’s Next Movefor Future OAASA Technologys is about to release International Standard Cyber Security and IoT products in the global market. The next goal of the company is to enter the domestic life of individuals to provide cost effective, secured Cyber security and IOT solutions. They have already developed many products into the global market in terms of wearable, Tabletop, and fixed units.

Advancement in the ﬁeld of information technology, upgradation of existing weapons with intelligence, and increasing dependency on internet network by the military organizations raises the threat of organized cyber-attacks. It became necessitated the use of reliable and enhanced cyber security solutions for the defense industry. The cyber security market remains as the key driver for the growth of ™

April 2018

Cyber Talk

Organization’s Essential

Deliberations in Managing

the Risks to

CYBER-WORLD O

ver the years, there has been gigantic development in the cyber-world due to the extreme growth in the information technology. But the security of this cyber-world is often exploited and is at risk. Currently, there is a severe threat to very basic and highly confidential data. The security organizations are majorly focusing on cyber-security threats rather than other means of attack/ than any other means of attack. These organizations are presently working on the cutting-edge spying techniques and other methodologies to manage cyber-security risk. The expansion of technology from cell phone to the smartphone has engaged the government to work closely with the private sector to secure the cyber network. Sharing the Information The confidential information leaking can bring the stability of an organization into danger. Securing and managing this information is a perfect insight to create a strong base for an organization. The investors must be alert to the risks, predominantly of cross-cutting and shared risks, and be involved in complex decision-making processes. Information sharing should involve appropriate communication processes. These processes must embrace thresholds and criteria for communicating and escalating risks. Tools used for sharing information, such as dashboards of pertinent metrics, can keep investors conscious and involved. Sharing the information helps to identify, asses, and respond to a cyber-security risk and permit risk decisions to be well informed, well considered, and built with a perspective to satisfy organizational objectives. Maintain a Culture The framework of an organization depends upon the way it establishes a culture of the cyber-security. This helps the organization to identify risks early and implement suitable operations to mitigate them. The leaders should maintain a culture of cyber-security to prevent incidents or attenuate their influence to the cyber world. They should establish some principles of cyber-security and risk management throughout the organization. However, the organization should focus on training practices to build a structure to maintain the expertise and deal with new critical risks. Appropriate

April 2018

™

â&#x201E;¢

April 2018

leadership involvement, accountability, and training would create a culture-defining a governance structure and communicate the objectives and expectations. There must be policies and techniques which can interconnect cybersecurity risk management expectations, risk definitions, and guidance throughout the enterprise. Swiftness is Necessary The cyber threat can be mitigated with immediate and rapid action. Early identification of the risk to the confidential information will help an organization to stabilize its network. This speedy response can manage and reduce the impact of an organization exposed to the cyber-security risk. Quick planning and preparation can help in incident management. These management plans should be implemented time to time. Besides, technological innovations have mitigated the threat to the cyber-world and by thus speeding up the connectivity. This makes it vivacious for enterprises to have the personnel who understand the threat landscape in association to how the enterprise operates. Rapidity to assess potential jurisdictional liabilities, manage and protect data will help a company to secure existing and proposed regulations in the cyber-world. Being Alert to the Threat Environment The technological innovations are not the only entities causing the risk to the Cyber-security. The environment in which the technology dwells and is maintained should also be focused on. Organizations need to focus and advance their intelligence to monitor the capabilities of the opponent. They should improve their network security sensors and other reporting processes to account the risks from third parties. Threat environment does not always act externally; the insider threats should also be accompanied. The security problems to the cyber-world arise with this influence of malicious or inadvertent insiders existing in the workspace of the company respectively. Implementing Cyber Hygiene Practices Cyber risk management is essential for the effective use of the resources of an organization. It can be achieved by application of basic cyber hygiene practices. These practices focus on the establishment of a secured infrastructure. Implementing these basic practices is a decent starting point to prevent attacks and reduce cyber risks. The organization should focus on improving its knowledge about the high-value services and assets. Conducting cyber-security education and awareness activities are vigorous for cyber risk management. The organization should enhance their access controls and system monitoring to upgrade their level of cyber-security. Close observations of the changing technology and standardized secure configurations can lead to proper management of threat to cyber-world. Maintaining the user access accounts is also essential to create a good foundation for the organization in the cyber-world. Road Ahead The government is planning to make policies that would have the potential to enhance the security, availability, integrity, and efficiency of the information system in the upcoming future. Further, there will be operations that would characterize the specific threats with the help of the threat metrics and models. With the evolving trends in technology and threat landscapes, the future is going to introduce the cyber-world with technologies related to big data, cognitive computing and the Internet of Things. This technological approach would prove vibrant in managing the volume and complexities of the cyber risks.

April 2018

™

www.samsung.com

Sytech Labs Leading IT Security Firm Providing Cyber Solutions and Training

“

The Work on securing the country from Cyber War is in Progress, but there is always a Better Solutions than the previous that are yet to be discovered

“

ith the advancement of technology, the knowledge resources are becoming an open source by boosting students and researchers to learn more about Cyber Security. The new era of Cyber Defense in India has grown to maximum from personal to corporate level, social networking, social media; knowledge sharing websites that are very rapidly growing in securing the people. As security is the major aspect for every nation. The government of India has secured ambitious plans to raise cyber connectivity with various activities related to e-governance and e-commerce that are now being carried out over the Internet. Even the country is planning to prevent Cyber War which is now been treated as another nuance apart from Army, Navy, Air force and Space War. The private sectors along with the Indian government which is also providing many critical services related to cyberspace ranging from banking to electricity to running airports and other key transportation infrastructure. The government can necessarily work closely with the private sector, particularly in promoting cyber security practices and hygiene.

One of the leading IT Security Firms in India, Sytech Labs is well-known for providing business solutions to their clients in terms of training, systems integration, consulting, outsourcing, application development, and networking. Sytech Labs services line include Information Security Training, Seminars & Workshops, Cyber Crime Investigation & Consulting, Vulnerability Assessment & Penetration Testing (VA/PT), IT Security Consulting & Auditing, Web Application Development, Search Engine Optimization, Network Solutions etc. Renowned Ethical Hacker & Cyber Security Expert A Cyber Crime Investigator and Consultant with Hyderabad Cyber cell, Sandeep Mudalkar the Founder and CEO of Sytech Labs establishedSytech Labs in 2014 with its headquarter based at Hyderabad. With the Motivation from his father Mudalkar Kashi Vishwanatham (Deputy Conservator of Forest-Retired), today he is a trainer & researcher of cyber security. He was interviewed by several news channels including The Hindu, Deccan Chronicle, The New Indian Express, Zee TV, Zee News(Hindi), TV9, NTV, Eenadu Etharam, T-News, Express TV, CVR News etc. He was even rewarded by IAS & IPS officers for solving cases of cybercrimes, identifying bugs in government sites, & helped them to improve security and safe transactions and Cyber Forensic Investigator. Under the leadership of young entrepreneur Sandeep, the team has always copped up with Crime Branch Departments of various states for Investigating Cyber Crimes. In a short span of time, Sytech Labs has improved the infrastructure by conducting plenty of seminars & workshops across India. He has also conducted awareness on Cyber Crimes for more than 200+ schools, Intermediate & Degree Colleges &more than 100+ workshops on Ethical Hacking at various engineering colleges. Many students and professionals got benefited by his lectures. Obstacles Faced at Ignition Point At the beginning of the journey, while establishing the organization, Sytech Labs faced several difficulties over a year in finding a good team for sorting out issues in their April 2018

™

THE

10 MOST TRUSTED SOLUTION PROVIDERS

projects and there was also a tough task in forming cyber security expert’s team which is very rare especially in India. They also faced multitask Investigation across critical cases from various police department regarding Fake profiles of Social Networking Cases, Credit & Debit Card cloning, Cyber Stalking, Fake Lotteries, Data Integrity, Phishing, Email Hacks ,Denial-of-service (DoS) ,Programming flaws, Spoofing attacks, Virus & Worms in Networks, Website Hacks, Leakage of Private information on blogs etc. Contributing Various Sectors through Cyber Crime Solutions Being a Cyber Crime Investigation & Law Consultancy, Sytech Labs provides consultancy services to Cyber Law issues, helping Cyber Crime Victims and how to carry out Cyber Crime Investigations, etc. For this purpose, they have a panel of advocates/consultants specializing in Cyber Law matters and practicing at various levels over India. The company focuses on VA/PT & SEO Projects in which they check websites for bugs and whether the website is vulnerable to hackers, later they solve the problem of the website administrator by protecting the websites from cyber criminals. Apart from this, Sytech Labs also focuses on SEO projects and even work on main and mini with academic projects. The organization includes team of experts from most of the states in India. They have also helped the society by offering consultancy services on cyber laws & cyber-crime investigation for victims. Sytech Labs qualified team of Software Developers & Web Developers is been always appreciated by the clients for providing them with best Web Solutions and also keen to outsource web solutions to foreign clients. They have always been keen to find the right processes to fix security issues of the Web Applications and have been appreciated by major corporate companies for providing them VA/PT reports. Spreading Awareness of Cyber Security As the world is facing increased number of cyber-crimes, the company’s training department is working hard to deliver their best IT Security knowledge to the students to make them best for the IT industries. The uniqueness of Sytech Labs is sharing their knowledge with students by conducting various workshops across globe. They also provide Vulnerabilities Assessment & ™

April 2018

Sandeep Mudalkar Founder & CEO

Penetration Testing (VAPT) training programs along with job assistance for eligible students. They are also creating awareness about the scope of this in the market by conducting various workshops & seminars. The organization conducted two weeks of training program for Indian Army on Cyber Security and it’s best practices, Cyber Forensics, Information Security & Legal Compliance. Certification programs offered at their training center are Certified Ethical Hacking, Certified Forensic Expert, Certified Information Security Expert, Certified Network and Its security Penetration Testing, Certified Cyber Law, Cyber Sense. SecuredFuture of Sytech Labs The cyber threats will certainly pose a significant challenge to IT professionals across all sectors with the increase in technologies such as cognitive computing, and big data analytics. Besides the IoT is further influencing the increasingly connected world in unprecedented ways. While talking about the future steps that are taken on cybercrimes by the organization,Sandeep states “Our goals is to be one among the best cyber security experts over India, trying hard to get tie-up with various governments across India as there are many flaws in government systems & apart from this we are focusing on M-Commerce & ECommerce projects etc.”