SME Channels February 2019 by SME Channels

PLUS

Fortinet Rolls out Next-Generation Firewalls to Deliver Intent-based Segmentation /06 www.smechannels.com

India’s leading IT magazine for channel business VOLUME 09 | ISSUE 12 | PAGES 44 | FEBRUARY 2019 | RS. 20/-

SME CHAT / 19 Unistal: Our products are designed to prevent data leakage and provide protection against various types of cyber threats.

SECURITY /22 FORTINET: Preparing for

Cyber Threats in 2019

SECURITY /24 Check Point: Check point’s infinity architecture provides gen v security securing assets of organizations

THE CHANGING

IT SECURITY LANDSCAPE Data security continues to become complex with the each passing day, but many companies have the propensity of softpedal the risks. ..... /26

ONE SUPPLIER, TWO SUPPLIERS, THREE SUPPLIERS FOUR… FINDING THE RIGHT SECURITY PARTNER can sometimes feel like a never ending children’s game. One for small business, another for mid-sized and yet a third for my large enterprise customers. Fortinet is the only company that offers the full range of solutions that are needed in today’s environment, solutions that seamlessly scale from small business to large enterprise. The Fortinet Security Fabric architecture ensures that organizations of all sizes can equally be protected without compromise. Fortinet is there for you with no need for any games. For details contact: North: Sanjeev Tyagi, E-mail: styagi@fortinet.com, M: +91 98105 00157 South: Binu Ninan, E-mail: bninan@fortinet.com, M: +91 98400 36767 West, East, Central: Navin Mehra, E-mail: nmehra@fortinet.com, M: +91 98925 60700

FORTINET SECURITY FABRIC A Security Architecture that’s Broad, Integrated and Automated

www.fortinet.com/whyfortinet

PLUS

India Most Digitally Mature Country in the World: Dell /06 www.smechannels.com

India’s leading IT magazine for channel business SECURITY/36 EMERGING CYBER SECURITY CHALLENGES – NEW THREAT LANDSCAPE

SECURITY/20 CYBER AWARENESS

SECURITY

/39 4 WAYS TO PROTECT YOURSELF FROM CYBER CRIMINALS WHEN SHOPPING ONLINE

MY EXPERIENCE EDITORIAL

LOOKING BEYOND BOUNDARIES SANJAY MOHAPATRA

sanjay@smechannels.com

We just started our 2019 journey of events from Bangladesh. The event is Enterprise It World and Infosec Foundation Global Security Symposium & Cyber Sentinel Awards 2019. A great experience to do it because after doing some events in overseas market – specially in Dubai, we were under impression that it is the only exciting market in the APAC region but amazing Bangladesh growing at nearly 8% more than any other country – courtesy garment exports of the country, manufacturing of generic medicines and growth of banking sector among others. But along with growth the country is seeing huge cyber attacks from the hackers. Therefore, opportunity of doing business in Bangladesh is also great. Bangladesh is the second largest exporter of garments to the global market after China, it has huge manufacturing units of generic medicines, it is also becoming stronger in contact center and call center services. Bangladesh has also embarked upon strong digital journey. It means ICT market in Bangladesh is on rise. I was speaking to Mr. M. A. Mannan, Honorable Minister, Ministry of Planning, Republic of Bangladesh about the country’s stride on it path. He expressed his happiness that a journalist is taking interest in Bangladesh economy. He quipped, “You invest in our country, we will give you all support whatsoever to make your business successful… take all profit and give a very little profit to us. But I assure you that if you invest $1 dollar, we will offer you opportunity of $2 dollar. We have a huge skilled population to help you. Do not be worried.” My sense is our neighbour wants to compete with India which is really healthy can be another land where our partners and principals can explore. It is only 45 minutes flight from Kolkata and food habit is like India. You won’t feel like out of the country except the airport is little crowded.

Bitdefender Endpoint Security Solution BITDEFENDER ‘GRAVITYZONE ULTRA SUITE’ is a complete Endpoint Security solution that uncovers and stops elusive threats with Detection and Response (EDR) that works. GravityZone Ultra integrates layered next-gen endpoint protection and easy-to-use EDR platform to accurately protect enterprises against even the most elusive cyber threats. It offers prevention, automated detection, investigation and response tools so enterprise customers can protect their digital assets and respond to these threats. GravityZone Ultra excels where most products are too complex and resources intensive. GravityZone Ultra sharply limits the number of incidents requiring manual analysis, reducing the operational effort required to run an EDR solution.

SPECIFICATION: IT PROTECTS DESKTOPS, LAPTOPS, SERVERS (PHYSICAL AND VIRTUAL) AND MAILBOXES. SERVERS SHOULD ACCOUNT FOR LESS THAN 35% OF ALL UNITS. FINAL WORDING: Overall, the Software uses adaptive-layered architecture that includes endpoint controls, prevention, detection, remediation and visibility. OVERALL RATING

SME CHANNELS FEBRUARY 2019

contents

Trusted Advisor of Channel Business

VOLUME 09 ISSUE 12

2019

JAN ER COV RY STO

Publisher: Sanjib Mohapatra Editor: Sanjay Mohapatra Associate Editor: Deepak Singh Sub Editor: Aritra Ghosh Designer: Ajay Arya Assistant Designer: Rahul Arya, Deepak Kumar Web Designer: Vijay Bakshi Technical Writer: Manas Ranjan Satya Sagar Sinha Lead Visualizer: DPR Choudhary MARKETING Marketing Manager: Nidhi Kujur, Priyanka Circulation and Printing: Panchanan Bhoi SALES CONTACTS Delhi 6/102, Kaushalya Park, Hauz Khas New Delhi-110016 Phone: 91-11-41055458 / 8587835685 sanjeev@smechannels.com Bangalore #28/1, 3rd Floor, Sri Lakshmi Krupa, Near Shamanna Park, Model House Street, Basavanagudi, Bangalore - 560004 Ph. No. +91 88618 21044 Mumbai Tahmeed Ansari 2, Ground Floor, Park Paradise, Kay-Bees CHS. Ltd.,Opp. Green Park, Oshiwara, Andheri (west), Mumbai - 400 053. Ph. +91 22 26338546, Fax +91 22 26395581 Mobile: +91 9967 232424 E-mail: Info@smechannels.com Kolkata S Subhendu BC-286, Laxmi Apartment, Kestopur Kolkata-700101 Phone: 9674804389

THE CHANGING IT SECURITY LANDSCAPE /26 Data security continues to become complex with the each passing day, but many companies have the propensity of softpedal the risks.

EDITORIAL OFFICE Delhi: 6/103, (GF) Kaushalya Park, New Delhi-110016, Phone: 91-11-41657670 / 46151993 editor@smechannels.com Bangalore Bindiya Jadhav #28/1, 3rd Floor, Sri Lakshmi Krupa, Near Shamanna Park, Model House Street, Basavanagudi, Bangalore - 560004 Ph. No. +91 88618 21044 E-Mail bindiya@ accentinfomedia.com Skype ID: b1diyajadhav

CASE STUDY MATRIX / 31

”A MANUFACTURING GIANT IN MAHARASHTRA TRUSTS MATRIX VIDEO SURVEILLANCE FOR 24X7 SECURITY”

SECURITY / 40

”Threat Hunting - Need of the hour!”

SECURITY / 38

”The Need for Standardization in Digital Services Delivery”

Printed, Published and Owned by Sanjib Mohapatra

more inside Editorial~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 03

Place of Publication: 6/101-102, Kaushalya Park, Hauz Khas New Delhi-110016

Phone: 91-11-46151993 / 41055458 Printed at Karan Printers, F-29/2, 1st

Snippets~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~ 06

floor, Okhla Industrial Area, Phase-2, New

Products~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~41

SME CHANNELS

All payments favouring: Accent Info

FEBRUARY 2019

Media Pvt. Ltd.

SNIPPETS PRODUCT | CHANNEL | CONSULTING | SERVICES

for more log on to smechannels.com

India Most Digitally Mature Country in the World: Dell According to the latest Dell Technologies Digital Transformation Index, India is the most digitally mature country in the world. However, businesses in India still

have a lot of work to do. Leaders in India are more aware of the need to prioritize digital transformation throughout their organization: 91% of the business leaders believe that

digital transformation should be more widespread, compared to78% globally. Almost half (48%) (51% globally), believe they’ll struggle to meet changing customer demands

within five years. Dell Technologies, in collaboration with Intel and Vanson Bourne, surveyed 4,600 business leaders (director to C-suite) from mid- to large-sized companies across the globe to score their organizations’ transformation efforts. The study revealed that emerging markets are the most digitally mature, with India, Brazil and Thailand topping the global ranking. In contrast, developed markets are slipping behind: Japan, Denmark and France received the lowest digital maturity scores. “In the near future, every organization will need to be a digital organization, but our research indicates that the majority still have a long way to go. Organizations need to modernize their technology to participate in the unprecedented opportunity of digital transformation. The time to act is now” says Michael Dell, chairman and CEO of Dell Technologies.

Fortinet Rolls out Next-Generation Firewalls to Deliver Intent-based Segmentation Fortinet has announced its new high-performance FortiGate Next-Generation Firewalls (NGFWs), comprised of FortiGate 3600E, FortiGate 3400E, FortiGate 600E and FortiGate 400E Series, enabling organizations to implement Intent-based Segmentation into their security architecture.

SME CHANNELS FEBRUARY 2019

Intent-based Segmentation allows organizations to achieve granular access control, continuous trust assessment, end-to-end visibility and automated threat protection. In addition to delivering Intent-based Segmentation, FortiGate 3600E offers 30Gbps threat protection and 34Gbps SSL inspection performance.

FortiGate 3400E offers 23Gbps threat protection and 30Gbps SSL inspection performance. FortiGate has a longstanding trajectory of earning NSS Labs Recommended ratings in the Next-Generation Firewalls group tests given its high SSL inspection performance with minimal performance degradation as one

of the reasons. “The new FortiGate 3400E and 3600E Series provide industryleading threat protection and SSL inspection performance allowing customers to implement a holistic end-to-end architecture” says Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet.

SNIPPETS

Sestek Becomes Avaya DevConnect Technology Partner Sestek, a provider of speech-enabled smart technologies, has become an Avaya DevConnect Technology Partner. Through direct R&D engagement, deep product integration, and strong support relationships, the Avaya DevConnect ecosystem delivers a wider range of technology options for Avaya users to drive their business forward and provide value to their customers, from ready-made solutions validated for interoperability to custom-tailored applications. By joining the Avaya DevConnect Program, the two companies will explore uses of Sestek’s advanced technologies with Avaya’s leading communications platforms. Sestek

will develop enhanced applications for Avaya platforms to provide customers with end-to-end solutions that address the evolving business challenges posed by digital transformation. Avaya’s DevConnect Program is intended to drive expansion of the open and agile Avaya application ecosystem so that more fully formed solutions can be delivered through its platforms. The program is designed to deliver more customer-centric outcomes for technology buyers, who can be confident that they are gaining access to the most advanced and innovative technologies they need to deliver solutions across the business.

NetApp Powers Ducati’s Team for the 2019 MotoGP Championship NetApp confirms second year as official sponsor for the 2019 MotoGP World Championship. NetApp will renew its official sponsorship of the Ducati Team in the 2019 MotoGP World Championship, enabling the digital transformation of motorcycle racing. The new Ducati MotoGP team was presented officially on Friday, January 18, in Neuchâtel (Switzerland). Data-driven technological developments on the racing bikes will boost the performance of factory riders Andrea Dovizioso and Danilo Petrucci, supported by test rider Michele Pirro. As a data-driven company, Ducati began its partnership with NetApp last year to take advantage of the full potential of data in racing within the Ducati Corse division. It recently expanded the partnership to analyze vast amounts of data throughout its business, including in logistics, marketing and customer relationship management. Through the partnership, NetApp’s engineers are working closely with Ducati’s IT team to optimize their data fabric and meet the motorcycle manufacturer’s unique, rapidly expanding data storage and data management needs.

SME CHANNELS FEBRUARY 2019

Cryptominers Hit 10x More Organizations than Ransomware in 2018: Check Point Check Point has published the second instalment of its 2019 Security Report. It highlights how the tools and services used to commit cyber-crime have become democratized, with advanced attack methods now available to anyone willing to pay for them, as part of the growing ‘malware-asa-service’ industry. The Security Report reveals the key cyber-attack trends observed by Check Point researchers during 2018, and shows the significant growth in stealthy, complex attacks designed to stay below the radar of enterprise security teams. It also shows the types of cyberattacks which enterprise IT and security teams’ rate as the biggest threats to their organizations. Cryptominers infected 10x more organizations than ransomware in 2018, but only one in five IT security professionals were aware their company’s networks had been infected by mining malware.

Array Contributes to Smart Cities Mission MY POINT

“NEVER HAVE WE SEEN CUSTOMER EXPECTATIONS OR TECHNOLOGY CHANGING AS RAPIDLY AS IT IS TODAY, WE ARE THRILLED TO BE ADDING THESE PROVEN ENTERPRISE LEADERS TO ZENDESK SO WE CAN HELP MORE COMPANIES AROUND THE WORLD TRANSFORM THEIR CUSTOMER EXPERIENCES.” MIKKEL SVANE, ZENDESK FOUNDER AND CEO.

Array generates $5 million revenue from smart cities projects, targets $9Mn by 2019. Array Networks is supporting ‘100 Smart Cities Mission’ initiated by the Union Government of India. The company has been involved in various stages of implementation for multiple cities namely Nagpur, Ahmedabad, Davengere to name few. Smart cities projects have contributed to Array growth rate in 2018 of 40%. By the end of 2019, Array aims to be part of 20 more smart cities and targets on keeping the growth momentum. Smart infrastructures and smart Data Centers (DCs) are at the core of smart cities and they manage, coordinate, and rationalize the resources demanded. Array has assisted in devising futuristic data centers for smart cities by introducing unique concepts such as Hyperconvergence in networking into the DCs. Their advanced security solutions are designed with network security protocols like ECC. It enhances application security, and provides complete visibility into various threats and performance inhibitors, allowing organizations to make informed and proactive security decisions. Array’s hyper converged solution stack include ADC, Web application firewall , DDoS , Web vulnerability scanner , SSLi & Array MARS Visibility & analytics tool

SNIPPETS

Bosch Opens Center for Data Science and Artificial Intelligence

Aspire Systems acquires UAE-based iApps and the Oracle Business Unit of Valforma

The Robert Bosch Center for Data Science and Artificial Intelligence was inaugurated at the Indian Institute of Technology Madras. Bosch will invest 20 crores over five years in the center. The mission of the new center is to create societal impact through multidisciplinary interactions with government, academic, research and industrial collaborators on core challenges in Data Science (DS) and Artificial Intelligence (AI). The RBC-DSAI will undertake foundational research in many areas of AI and Data Science, including deep learning, reinforcement learning, network analytics, interpretable machine learning, and domain aware AI. The areas of activity include research projects, knowledge management and dissemination, outreach projects, and setting up collaborative facilities and laboratories.

Aspire Systems, announced the 100% acquisition of iApps, an Oracle Fusion Cloud specialist, based in UAE. In addition, Aspire is also acquiring the Oracle Business Unit from Valforma Technology Services Private Limited. iApps is an Oracle Platinum Cloud Standard Partner with deep expertise in Oracle Fusion ERP, HCM CX, Oracle PaaS and Omni-channel Contact Center. The acquisition of iApps and Valforma will help Aspire service mid-size and large enterprises in their move to the cloud from on-premise applications. These acquisitions also enable Aspireâ&#x20AC;&#x2122;s focussed effort to address the postmodern ERP strategy that involves surrounding core ERP solutions with best-in-class cloud solutions to enable faster processing, better collaboration and easier-to-use analytics. Aspireâ&#x20AC;&#x2122;s global customers will now be able to leverage the Oracle Fusion Cloud expertise of iApps and Valforma combined with the highly specialized Cloud & Digital Services capability that Aspire offers. In addition, the capabilities of iApps and Valforma will also help Aspire develop cloud-based IPs including iEstate, iAutodealer, iPublish, iQuote, and iEnergy which are industry-specific Oracle Fusion Cloud implementation accelerators.

GLOBAL IT SPENDING TO REACH $3.8 TRILLION IN 2019

EXECUTIVE MOVEMENT DigitalOcean has appointed Barry Cooks as chief technology officer.

All Segments Forecast to Exhibit Growth in 2019 Despite Recession, Brexit Threat

Table 1. Worldwide IT Spending Forecast (Billions of U.S. Dollars)

2018 SPENDING

2018 GROW (%)

2019 SPENDING

2019 GROWTH

2020 SPENDING

2020 GROWTH (%)

(%)

DATA CENTER SYSTEMS

202

11.3

210

4.2

202

-3.9

ENTERPRISE SOFTWARE

397

9.3

431

8.5

466

8.2

DEVICES

669

0.5

679

1.6

689

1.4

IT SERVICES

983

5.6

1,030

4.7

1,079

4.8

1,399

1.9

1,417

1.3

1,439

1.5

3,650

3.9

3,767

3.2

3875

2.8

COMMUNICATIONS SERVICES OVERALL IT

SOURCE: GARTNER (JANUARY 2019)

10 SME CHANNELS FEBRUARY 2019

mjunction has appointed Vinaya Varma as Managing Director and CEO of mjunction services limited,

Sophos has appointed Gavin Struthers as its regional vice president for Asia Pacific and Japan.

Agrahyah Technologies has roped in Naveen Kallur as Business Head.

STEP UP TO TH 5 GENERATION CYBER SECURITY THE FUTURE OF CYBER SECURITY IS HERE Take a look at the 2019 Cyber Security Report , Threat Trend Analysis : https://www.youtube.com/watch?v=zp6L7tQaNEY Know how you can become Check Point Partner : https://www.checkpoint.com/partners/channel/

CLOUD MOBILE

PARTNER LOGO HERE

T H R E AT P R E V E N T I O N CALL TO ACTION

To know more : Visit www.checkpoint.com Reach us at : marketing_india@checkpoint.com Follow Us:

SNIPPETS

HPE Enables Gujarat’s Largest Public Hospital offer Seamless Healthcare Delivery SVPIMSR has selected HPE SimpliVity 380 for its centralized datacenter infrastructure to host their mission critical applications The recently inaugurated Sardar Vallabhbhai Patel Institute of Medical Sciences and Research Hospital (SVPIMSR), Ahmedabad, Gujarat has selected HPE SimpliVity 380 for its centralized datacenter infrastructure to host their mission critical applications including the integrated Hospital Information System (iHIS), Virtual Desktop Infrastructure (VDI) and more. Managed by the Ahmedabad Municipal Corporation (AMC), SVPIMSR features 32 Operating Theatres, 139 Intensive Care Units, and over 1600 beds spread across 18 floors. In addition to offering high quality healthcare services to the people of the region, the state-of-the-art facility is designed to meet the future demands of patients with a continued focus on their care, safety and satisfaction.

RP tech India Enters into Cloud Business with Acquisition of ZNet Technologies RP tech India (a division of Rashi Peripherals Pvt Ltd) has acquired Cloud Services Provider ZNet Technologies. With this partnership, RP tech India will now offer ZNet’s cutting-edge Cloud services and solutions to potential SMB and Enterprise customers in India. According to the terms of the acquisition, RP tech India will take a majority stake in ZNet and will invest in enhancing R&D capabilities and upskilling technical manpower to support latest technologies like Cloud, IoT, AI etc. ZNet will continue to operate as an independent legal entity and various existing brands of ZNet will continue to operate as normal. Founded in 2009, ZNet Technologies is the leading provider of IT and Cloud solutions. The company offers a wide range of services from domains to high-end Cloud infrastructure managed services under the ZNetLive brand. It offers infrastructure services from leading cloud vendors like Microsoft, AWS, Alibaba, Google and its own Data Centre based offering to its customer base. ZNetLive powers well over 90K+ websites and applications globally and is one of the very first Microsoft CSP in India.

Palo Alto Networks to Boost Channel Growth Palo Alto Networks announced several enhancements to its NextWave Partner Program, which will boost program flexibility, fuel long-term growth and enable the expansion of partner-led services. Palo Alto Networks introduced new options for partners to grow their businesses with streamlined program levels, tiered discount structures, and new partner incentives aimed at boosting margins and profitability. Palo Alto Networks rolled out a new dedicated Managed Services Program, providing partners a clear path for capitalizing on the rapidly growing managed services opportunity. Palo Alto Networks has automated systems and processes to make doing business easier. These advancements simplify the quoting and approval process to accelerate the sales cycle and improve the overall partner experience.

HARMAN Professional Solutions Extends their Indian Enterprise Portfolio Distribution Rights HARMAN Professional Solutions announced their distribution partnership with Brightstar India to include HARMAN installed solutions for their enterprise portfolio in India. Brightstar India has an existing relationship with Harman Lifestyle division and this partnership will enable Brightstar to deal in the complete range of professional Installed audio and video products for the enterprise business. “HARMAN is a global leader in end-to-end AV solutions and we are excited about this partnership, inclusion of complete range of JBL, AMX, SVSi, BSS, Dbx, AKG, Crown, and Soundcraft will now help our partners to supply a complete audio-video automation solution from Harman which end-customers have been asking for a long time. We will also be the onestop-shop for all HARMAN preferred partners in enterprise business” said Sanjeev Chhabra, Managing Director, Brightstar India.

12 SME CHANNELS FEBRUARY 2019

Unistal Launches High Level Security Solution for SMEs Unistal Systems has launched Protegent Enterprise Security Solution/Activity Reporter with an aim to provide high-level security for SMEs and large enterprises. This software is helpful for organizations in complying with GDPR norms by keeping track of the employees’ activities and monitoring all the connected devices in the network. “Nowadays, data has become one of the most important aspects for any company and it is a challenge for them to keep it safe and secure. With our product, enterprises can actively monitor all the connected devices in a network. Activity Reporter also gives the administrator the choice to see the screen of the user’s system with just a single click. Its unique features will act as a foil for anyone who wishes to do any fraudulent activity in the organization” said Alok Gupta, Co-founder and Managing Director at Unistal Systems Pvt Ltd. Activity Reporter is an effective employee performance monitoring software, which captures the data on employees’ active and idle time during the office hours. This software will make it easier for the HR department to ensure that the corporate costs spent on employees are not wasted. The software will also help management to better understand each employee’s strengths & weaknesses and eradicate the unproductive behavior.

WE’RE NOT JUST FIREWALLS. SonicWall automated, real-time breach detection and prevention layers proven cybersecurity across your entire organization. You know SonicWall because of our rich history designing high-performance firewalls. But like your organization, SonicWall has evolved. Today, the modern SonicWall Capture Cloud Platform delivers automated, real-time breach detection and prevention to safeguard your business or organization. With this layered approach, you can stop the most malicious cyberattacks, including ransomware and encrypted threats, from compromising your network and damaging your brand.

Physical & Virtual Firewalls

Multi-Engine Cloud Sandbox

Public & Private Cloud Security

Endpoint Protection

Secure Email

Cloud Application Security

SD-WAN

Web Application Firewall

Secure Remote & Wireless Access

Unified Management & Reporting

For more information about SonicWall solutions, contact india@sonicwall.com or visit www.sonicwall.com

© 2019 SonicWall Inc. ALL RIGHTS RESERVED. SonicWall is a trademark or registered trademark of SonicWall Inc. and/or its affiliates in the U.S.A. and/or other countries. All other trademarks and registered trademarks are property of their respective owners.

SNIPPETS

Xerox Enables Customers to Go Beyond CMYK with Brilliant New Colors at PrintPack 2019 Print providers, designers and marketers in India got a closer look at the business building opportunities presented by the Xerox Iridesse Production Press at PrintPack 2019 which took place from Feb. 1 to 6, 2019. Iridesse is the only digital press that can print metallic gold or silver dry ink, CMYK and clear or white dry ink in a single pass, giving print providers an immediate competitive edge in the growing digital print enhancement market. “The launch of our flagship device, the Iridesse Production Press, and the overwhelming response received from customers is surely one of the key highlights from 2018,” said Vineet Gehani, director, Technology and Channels, Xerox India. “We’re focused on developing the technology and solutions our customers need to boost business opportunities and drive revenue to new heights – and Iridesse is the perfect example as it helps our customers lead the way in beyond CMYK printing.”

Vertiv takes Mission Critical Solutions on Wheels to Next Level with India Partners

Acronis Appoints Sea Infonet as Distributor for India Acronis has appointed SEA Infonet as a key distributor in India. SEA Infonet will be responsible for promoting and distributing the complete range of Acronis’ on-premises, cloud-based, and consumer cyber protection solutions, including Acronis Backup for businesses and enterprises, Acronis Data Cloud for service providers, and Acronis True Image for home users. “We welcome SEA Infonet joining our team and we are excited they will be supporting our presence in India. Both our companies are committed to helping businesses and consumers take advantage of secure and efficient cyber protection solutions – and with this alliance, they now can,” said Maxim Mitrokhin, Acronis General Manager of Channel Sales in APAC. “We are very excited to partner with Acronis. We are emerging as a leading VAD in India with a channel partner base of 650+ across the country – and have a great platform to build the channel ecosystem for Acronis. Advancing our partnerships with managed service providers and cloud providers in India would be one of the key focus business lines,” said Biswajeet Saha, CEO of SEA Infonet.

Vertiv has launched ‘Vertiv Xpress – Partner Drive’ to showcase its complete stack of critical infrastructure solutions to its partner network and customers in India. Kicked off in Delhi on 21st January 2019, the multicity initiative will engage partners through unique programmes, and work on collectively growing the partner’s business in a fast and evolving digital landscape. Vertiv aims to further enhance its engagement in the Indian market and build a strong channel network across the country. The Vertiv Xpress, a 52-foot trailer will showcase a range of infrastructure solutions and give a view of the company’s vision to stakeholders. Announcing the launch of Vertiv Xpress – Partner Drive, Sunil Khanna, president and managing director, Vertiv India, said, “India is a key region for Vertiv and through this traveling Xpress we’re able to work closely with our partners and customers to help them get ahead in the market. Evolving with trends around data centres, we plan to invest more in terms of product innovation as well as research and development in the near future. With the Vertiv Xpress initiative we will showcase our energy efficient solutions that will change the way businesses address their efficiency needs.”

Two-Thirds of Retail Store Associates Can Provide Better Customer Service with Tablets: Zebra

HID Global Retransfer Printer for ID Card Personalization is First of its Kind

Zebra Technologies Corporation has revealed the results of its 11th annual Global Shopper Study, analyzing the attitudes, opinions, and expectations of shoppers, retail associates and retail decision makers. The results show that two-thirds (66 percent) of surveyed associates believe that if they are equipped with tablets, they could provide better customer service and improve the shopping experience. Fifty-five percent of surveyed retail store associates agree that their company is understaffed, and nearly one-half (49 percent) feel overworked. Store associates cite frustration with their inability to assist customers as 42 percent find they have little time to help shoppers because of pressure to get other tasks completed. Another 28 percent claim that it’s difficult to get information to help shoppers. Most surveyed retail decision makers (83 percent) and store associates (74 percent) concur that shoppers can have a better experience with technology-equipped sales associates.

HID Global announced that it’s HID FARGO HDP6600 High Definition Printer and Encoder is the first and only retransfer printing solution for ID card personalization that has GreenCircle certification. The HDP6600 printer achieves its breakthrough energy efficiency using a design that also delivers the fastest overall throughput speeds and shortest time until the first card is printed. Sustainability is further improved through an optional wasteless lamination module that dramatically reduces the waste byproducts that other printers generate. The module cuts consumables costs nearly in half for printed and laminated cards.

14 SME CHANNELS FEBRUARY 2019

SNIPPETS

Kodak Alaris and Newgen Software Announce Global Strategic Alliance Kodak Alaris and Newgen SoftwareTechnologies announced a new global strategic alliance that will provide their customers and channel partners with access to best-in-class solutions to help organizations drive digital business. Under the agreement, Newgen and Kodak Alaris will expand, connect and grow their network by jointly recruiting partners with similar profiles to help sell their solutions. Kodak Alaris scanners are now included on the Newgen certified document scanner list. The alliance is expected to generate new business opportunities for channel partners that work with Alaris and Newgen across geographies, vertical markets, and applications. It positions Alaris and Newgen as partners of choice for customers around the world looking to leverage the power of their information, reduce cost, save time and optimize business processes. Kodak Alaris enables organizations to automate business processes and take complexity out of information capture.

eScan Rolls Out New Deals to Bring Channel Partners More Closer to the Brand eScan has introduced a special incentive program for the channel partners that include various gifts like gold coins, silver coins and gift vouchers to be claimed by the partners. This program is designed to reward the channel partners for their contribution towards the growth of eScan products. The offer is valid for all the sales made from 1st January to 31st March 2019. The specially designed program is valid on purchase of eScan’s products for Small Office & Home segments. This segment includes products like eScan Anti-Virus with Cloud Security, eScan Internet Security Suite, eScan Total Security Suite etc. However the offer is not applicable on eScan Anti-Virus with Total Protection. eScan values its relationship with the channel partners and with this scheme rewards their commitment for their contribution to make the company reach the end users. This special offer has been created to encourage partners to participate in the program and get various gifts with a minimum purchase of Rs.5,000 onwards up to Rs.50,000. The partners have to register themselves on the Touch Point Network (TPN) Reward program, created by eScan for more benefits to the partners.

TechnoBind Empowers Partners TechnoBind conducted 2 city partner’s meet in Mumbai & New Delhi. Attended by over 70+ channel partners, the event was targeted to educate and help partners capitalize on future opportunities in enterprise security space. Being a distributor for Gemalto’s range of solutions since 3 years, TechnoBind has delivered exponential growth in the Indian market. With Gemalto SafeNet Identity and Data Protection solutions for enterprise security, organizations can take a data-centric approach to their security posture, all while controlling access to the infrastructure and applications they rely upon. Not only can they create trust and authenticate their transactions, but they can ensure that sensitive data is protected and controlled – both on-premises and in public and private clouds. In addition to a heightened level of protection, enterprises are also able to improve business efficiencies and scale to the identity and data protection needs of tomorrow.

India Sixth in GDPR Readiness index: Cisco Cisco’s 65% of Indian organizations better prepared for GDPR, making India the sixth leading nation in readiness index its 2019 Data Privacy Benchmark Study which placed India amongst the leading nations globally in their preparedness towards the General Data Protection Regulation (GDPR) According to the report, organizations worldwide that invested in maturing their data privacy practices are now realizing tangible business benefits from these investments. The study validates the link between good privacy practice and business benefits as respondents report shorter sales delays as well as fewer and less costly data breaches. The European Union’s General Data Protection Regulation, which focused on increasing protection for EU residents’ privacy and personal data, became enforceable in May 2018.

16 SME CHANNELS FEBRUARY 2019

DIGEST UNISTAL CELEBRATES 25 GLORIOUS YEARS OF SERVING EXCELLENCE. Unistal Systems Pvt. Ltd., the developer and provider of Antivirus, data care, data recovery, data security software and Oil & Gas solutions, recently celebrated 25 glorious years of serving excellence. The pompous celebrations started at 7 p.m. at the Crowne Plaza Hotel, New Delhi. The company shared its success stories and recognised the contribution of mentors, employees, partners, vendors, friends and family for their continuous support. The event was graced by the presence of well-known dignitaries from top corporates, partners, OEM heads and media houses.

LARSEN & TOUBRO INFOTECH ACQUIRES RULETRONICS Ruletronics enables businesses to transform and evolve digitally by providing innovative BPM and CRM solutions leveraging Pega Platform. Their current industry strength lies across Insurance, Banking, Healthcare and Retail segments. The company offers unique product based offerings for Disability Claims management, KYC Bulk Remediation, and Insurance Sales & Service applications. The acquisition will strengthen LTI’s rapidly growing digital business with a suite of capabilities in Pega implementation space around establishing BPM Roadmap & Strategy, Customer Services, RPA and Decisioning.

ATEN TURNS 40, CELEBRATES ITS PASSION FOR EXCELLENCE ATEN reached another milestone this year, celebrating 40 years of successful global business. Initially established as HOZN Automation Co. Ltd. in 1979 and later renamed in 1988 as ATEN International Co. Ltd, ATEN is one of the largest KVM switch manufacturers in the world. All ATEN products are ISO 9001 and ISO 14001 certified. Imbued with the core values of Integrity, Caring, Ambition, and Novelty (ICAN), ATEN has been creating new innovative products and solutions to address the changing demands of customers across decades.

BITDEFENDER RELEASES ENDPOINT SECURITY SOLUTION Bitdefender has rolled out its newest software ‘GravityZone Ultra Suite’ a complete Endpoint Security solution that uncovers and stops elusive threats with Endpoint Detection and response (EDR) that works. GravityZone Ultra integrates layered next-gen endpoint protection and easy-to-use EDR platform to accurately protect enterprises against even the most elusive cyber threats. It offers prevention, automated detection, investigation and response tools so enterprise customers can protect their digital assets and respond to these threats. GravityZone Ultra excels where most products are too complex and resources intensive. GravityZone Ultra sharply limits the number of incidents requiring manual analysis, reducing the operational effort required to run a EDR solution. Cloud-delivered and built from the ground up as an unified, single agent/single console solution, it’s also easy to deploy and integrate in the existing security architecture.

SNIPPETS

Check Point Launches Maestro Check Point introduced Check Point Maestro, the industry’s first truly hyperscale network security solution. Check Point Maestro enables businesses of any size to enjoy the power of flexible cloud-level security platforms, and to seamlessly expand their existing security gateways to hyperscale capacity. “Check Point Maestro extends the Gen V security capabilities of our Infinity architecture into hyperscale environments. It ensures organizations can secure their dynamic, evolving environments without limits, now and in the future, The principle behind Maestro is very simple: it enables organizations to start with their existing security implementations, no matter how small, and scale their protection almost infinitely according to their changing business needs” said Itai Greenberg, VP of Product Management, Check Point.

Consul Neowatt Appoints Savex Technologies as National Distributor Consul Neowatt, the Global Indian UPS company has appointed Mumbai based Savex Technologies as National Distributor for its full range of power back up and power conditioning products. This alliance will help Consul Neowatt leverage the strength of Savex Technologies to expand its IT channel reach and for Savex to offer attractive power solutions to complement their Enterprise IT distribution business offerings. Savex is a 32-year-old organisation and is the largest Indian distribution house in India today catering to more than 7000 plus Channel partners/SI’s across India. They are head quartered out of Mumbai with 39 branch offices, 43 warehouses and 105 sales locations across India. Through this alliance Consul Neowatt would leverage Savex Technologies 7000+ partners across the country. The primary intent is to cover a larger region in India with multiple channels while providing access to a larger audience and secondly engage with new partners in larger cities as well as strengthening reach in high growth Tier – 2 and 3 regions.

Eurotech Launches BestNet 2-Post Frame Open Network Racks Eurotech Technologies has launched BestNet 2-post frame open network racks. The racks are suited for cabling and patching frames, intermediate distribution points and safely houses all networking equipment’s, ensuring complete convenience & flexibility. Available in 19” and 23” models the racks come with heights ranging from 27U to 42U. The 2-post frame open racks are made of strong and lightweight aluminium (6063-T6 alloy) extrusion or 2.0 mm steel. These racks have universal 5/8”-5/8”-1/2” vertical mounting hole patterns, which allow mounting of 19”equipment’s. Multiple racks can be bayed with the help of BestNet baying kit. The top and side frames are provided with cable entry cut-outs which allow effective routing of cables. Both the steel and aluminium models can be used to either fit 19” or 23” equipment’s. The units which can either be fitted on the floor or allowed to move are well suited for networking and data transmission applications. Used in open accessibility lab applications, these products can be modified and customized with the help of BestNet accessories to specific user requirements.

GajShield Only Indian Vendor in the Gartner’s 2018 Asia/Pacific Context GajShield Infotech is the only Indian vendor to be named in the Gartner’s 2018 Asia/ Pacific Context: ‘Magic Quadrant for Enterprise Network Firewalls’. GajShield is one of the few companies worldwide and the 1st Indian Firewall Product Company to have earned ICSA Labs Firewall Certification criteria 4.1. They are a leader in innovating security technologies like Context based Data Leak Prevention, Cloud Security, Zero-day Anti-Ransomware, OOPs based Management and more. GajShield’s approach of looking beyond traditional security solutions and focusing on Data First security strategy is a leap forward in the security solution industry that is helping enterprises to secure cloud and SaaS applications by implementing a Next Generation Fire Wall solution.

Portronics Launches “My Buddy Hexa” Portable Laptop Stand Portronics, a leading provider of innovative and portable gadgets has added “My Buddy Hexa” to its existing range of laptop stands. The brand has provided most ergonomically styled, strong and lightweight laptop stands and has set an industry standard over the last 5 years. Taking up to its stride, the company has launched - My Buddy Hexa that boasts of unmatched features like 7 adjustable levels which can be set up as per the user’s convenience. Being fan-less, it’s completely noiseless as it uses natural ventilation of your laptop. One of the best ventilation is the natural air ventilation that works with the laptop’s in-built fan to cool the laptop. Not only has it improved the lives of your laptop battery but also of the internal components like CPU and motherboard. Longer battery life is also caused by less battery charging cycles required. By improving your working posture on the desk and reducing strain on your neck by having right screen viewing angle, you can work longer and without any neck or back pain. Also, your fingers and wrists too get optimum 7 adjustable angles when typing on the keyboard which also reduces the fatigue. My Buddy Hexa is available at an affordable price-point of INR 699/- from online and offline stores.

SME CHANNELS 17 FEBRUARY 2019

SNIPPETS

Compuage & Microsoft Organize Multi-City events Compuage Infocom and Microsoft organized joint partner programs for the launch of Microsoft Cloud Solution Provider. Events were conducted in Mumbai, Pune, Delhi and Lucknow in the month of December. These events imparted knowledge on Microsoft Cloud Solution Provider’s usage and offerings. Speakers from Compuage & Microsoft demonstrated how partners can benefit with the cutting edge technology of cloud empowering the channel partners. Senior members from Microsoft as well as Compuage together made the events engaging and solved one on one queries of the partners. Over 200 unique partners attended the meets making it successful. Compuage& Microsofttogether plan to organize similar meets in Hyderabad, Ahmedabad, Indore and Raipur. Atul H Mehta –Chairman& MD, Compuage said “These meets are a superb platform for effective interaction and optimism for the road ahead. Moving forward, our strong relationships with our channel partners will pave the way for continued success in this important business segment alongside empowering them with cloud business opportunities.”

TSC Launches Cutting-Edge “Print Engine PEX-1000 Series” in India TSC Auto ID Technology has launched of its innovative Print Engine PEX-1000 Series. The latest series offers the Left-hand model (PEX-1100 Series) and the Right-hand model (PEX-1200 Series), to meet comprehensive print requirements. PEX-1000 Series print engine incorporates a robust die-casting structure with a stable media path which ensures outstanding print quality and accuracy. This model is specifically designed for integration with various label applicators making it highly compatible. It features three different levels of models that cover 203, 300 and 600 dpi resolutions. The PEX-1000 Series has a powerful peel-off capability which makes it an excellent choice for printing small labels. This model has a high-performance speed (up to 18 inches per second) and high connectivity which enhances the usability of the model. The rear-side drawer design makes for ease of maintenance and quick replacement. Leveraging the user experience and complex applications across industries, the PEX-1000 Series is ideal for manufacturing and logistics applications where high speed and mission-critical demand label printing is required.

DigitalOcean Launches Managed Databases DigitalOcean announced the launch of Managed Databases, with PostgreSQL as its first offering. The service will allow developers to create fully managed database instances in the cloud quickly and efficiently. DigitalOcean takes care of the setup, maintenance, configuration and security of databases, so developers can remain focused on creating great applications. “Our product development is driven by one vital question: How we empower developers to do more valuable work in less time, with Managed Databases, developers and their teams can focus on creating meaningful applications and sharing them with their communities, without the headache of having to manage the database infrastructure that enables the process. We do this all with an intuitive interface, full API support, transparent pricing, feature richness and flexible scalability” said DigitalOcean’s Senior Vice President of Product Shiven Ramji. As one of the company’s first fully-managed offerings, Managed Databases represents another key step in the company’s mission of becoming the Developer Cloud of choice for building modern apps

ACT Fibernet unveils new brand identity, enriches customer value RaamayaACT Fibernet, launched its new brand identity with the unveiling of the logo and tagline ‘Feel the Advantage’. The new brand identity represents ACT Fibernet’s differentiated approach towards offering innovative customer centric solutions that will enhance user experience and provide maximum value. In 2019, ACT Fibernet will expand its products, service offerings and partnerships across various categories, namely – ACT Advantage Entertainment, ACT Advantage Gaming, ACT Advantage Speed, ACT Advantage Service, ACT Advantage Smart Cities, and ACT Advantage community. ACT Fibernet will partner with content provider like ZEE 5 and Sony Liv amongst others to strengthen its content offerings. Being the preferred choice of every gaming enthusiast, ACT Fibernet is working with popular gaming cafes, gaming OEMs and gaming publishers to provide

18 SME CHANNELS FEBRUARY 2019

the highest quality gaming experience to users. Within the next six months, ACT Fibernet plans to launch its broadband services in multiple cities across North & West India, thereby expanding its footprint in the country. The company will also be launching a 24*7 call center and a unified call center number to address customers’ queries in real time. “We have always believed in providing our customers the best solutions through our products and services. Today, consumer needs and usage behavior is continuously evolving. Newer technologies are constantly being adopted and becoming mass-scale by the day, be it streaming or gaming or smart homes. It is therefore our responsibility to work in conjunction with the rapidly evolving

customer’s expectations and find feasible ways to serve them. We strongly believe that our new brand identity reflects this value and commitment we have towards our customers” said Bala Malladi, CEO, Atria Convergence Technologies Ltd. “Moving forward, we will be launching new products and services that our consumer’s desire. We are confident that with our pioneering fibernet connection, hyper fast speeds, new offerings and industry’s best customer service in place, we will successfully transform our customer’s experience enabling them to do and accomplish more. With ACT you can feel the Advantage” he added.

SME CHAT

ALOK GUPTA MANAGING DIRECTOR, UNISTAL SYSTEMS PVT. LTD.

OUR PRODUCTS ARE DESIGNED TO PREVENT DATA LEAKAGE AND PROVIDE PROTECTION AGAINST VARIOUS TYPES OF CYBER THREATS. Indian security market is growing at a rapid pace and it is going to grow much faster in the years to come. SME Channels spoke to Alok Gupta, Managing Director, Unistal Systems Pvt. Ltd. to know about his perspective.

What are some of the major challenges you see for the Indian market from security point of view? There are various challenges with which Indian enterprises are struggling to deal with. With digitisation and technology revolution going across the country, the Indian security market is most concerned about, l Fear of state-sponsored and financially motivated attacks l Need for security across the supply chain l Fear of corporate espionage, data theft l The sophistication of cyber-attacks, rise of cybercrime as a service l Constant upgradation and keeping abreast to latest/ next-gen developments & technology, thereby avoiding technological obsolescence l Lack of awareness on data protection, privacy and internal security threats l Complying with GDPR norms What will the threat landscape look like in over the next 12 months? The threat landscape will definitely going to rise as the hackers nowadays are much smarter than ever and this will give a sure shot rise in the number

of cyber-attacks and increase in the cases of cybercrime. What will be the biggest drivers for security spending in 2019? In past, we have seen many cyber-attacks where companies have paid billions of dollars to hackers in ransom. Many small and medium-size companies must shut their operations after becoming victim to the cyber-attack. This will certainly prompt companies to increase their spending in security. The other major factors which will contribute as a driver for security spending are, l Internal data thefts l Data Leak l Constant rise in Cyberattacks mainly ransomware l Other cyber threats l GDPR compliance l Proposed Data Protection Bill of India l Digitisation and streamlining the organisation in accordance with the latest technologies How do you see India as a market for your solutions? India has been our biggest contributor in terms of revenue since our inception. Presently, we are

“UNISTAL’S PROTEGENT ANTIVIRUS IS THE WORLD’S ONLY ANTIVIRUS WHICH COMES WITH INBUILT DATA RECOVERY OPTION” more focused on Tier II and Tier III cities as well as in North East India. Our channel partners are lending us great support in expanding our reach as well as taking our products to masses spread across the length & breadth of the country. Our products are designed to prevent data leakage and provide protection against various types of cyber threats. Also, we are providing solutions for data recovery and activity monitoring, which will have a great prospect for Indian markets in the coming days. What is your focus in the market - Channel market and CIOs/ CISOs Unistal believes that the channels are the core of our business, but we are also going ahead with our new products and solutions to target the CIOs and CISOs. With data security being a priority for every organization, we want to help the enterprises in tackling the challenges related to security & safety of their valuable data.

SME CHANNELS 19 FEBRUARY 2019

SECURITY

CYBER AWARENESS Mobiles phones are also part of the cyber space as all these smart devices interact with internet all the time for running various utilities and games.

ANIL CHIPLUNKAR,

LEAD AUDITOR ISO27001 (IRCA ACCREDITED), CERTIFIED FRAUD EXAMINER (CFE), CERTIFIED INFORMATION SECURITY MANAGER (CISM), CERTIFIED FORENSIC ACCOUNTING PROFESSIONAL (CFAP), CERTIFIED ANTI-MONEY LAUNDERING EXPERT (CAME), ASSOCIATE OF BUSINESS RESILIENCY CERTIFICATE CONSORTIUM INTERNATIONAL (ABRCCI). Anil has 33+ years

of experience in Information Systems and has been working in information security space for last 20+ years.

20 SME CHANNELS FEBRUARY 2019

The cyber space or cyber world is typically any the collaboration of all devices connected to internet. The internet provided many benefits to corporates, industries, governments, schools as well as individuals. However, it enabled malicious users to perform their activities using internet from anywhere in the cyber world and try to remain hidden. Today we all use internet services in some or the other forms including email, on-line applications, games on computers and mobiles, social media sites like Facebook, Twitter, and Instagram etc. and for many such functions. This necessitates use of internet in a secured, sensible, and safest possible way to avoid the risks posed by malicious users / applications present out there in the cyber space. Mobiles phones are also part of the cyber space as all these smart devices interact with internet all the time for running various utilities and games. The applications like google map allows the service provider to know mobile phones location including the path the person is taking to reach the destination. The games on mobile phones do ask for accessing multiple utilities like SMS, Address Book, Camera, WiFi etc. but all of the games may not really require these accesses. There is a possibility of a malware being installed by disguising as a game and can misuse these permissions. The popularity of mobile phones provided much wider attack surface that can be targeted by the malicious users. The users of computers and related tools are comparatively more aware about the cyber risks but the mobile phones being used practically by everyone including little children who do not have even a hint of the kind of cyber threats / risks. Theft or misplacing the mobile phones pose various security risks such as the information stored on these devices can be misused by the person getting hold of these devices. As stated by KnowBe4, “today, only about 3% of malware tries to exploit an exclusively technical

flaw. The other 97% target instead users through Social Engineering” RISKS Following is an indicative list of various risks which are posed via internet / because of interconnection of multiple devices to the cyber space i.e. internet. l Phishing / Spamming / Vishing / Executive Targeting – Sending unsolicited emails to a large audience and try to steal information or block the email server access by overloading the server by number of emails. Similar to emails, SMS or indiscriminate voice calls can also be used for carrying out the malicious activities. Advanced techniques in phishing are used to target specific individuals and this technique is called spear phishing or executive targeting l Impersonation – In the cyber space, it is comparatively easy to assume somebody’s identity and project different identity by hiding the original identity of the user. This is termed as impersonation and in the cyber world, it becomes challenging to verify the exact identity of a user unless strict controls are implemented. l Social Media Scamming – As the term indicates there can be various types of scams run by the malicious users using social media. The scams can be fake promotional sales, fake lotteries, fake work-from-home schemes, fake recruitment drives etc. l Targeted Malware (Exploits insertion / Bot Harvesters) – These are the applications targeted to harm specific companies’ / government departments / devices to paralyze the operations of the target. • Credentials theft – Malicious links shared via email, SMS, WhatsApp can be used to trick the user in giving away the user’s credentials like user ID, password, PIN number etc. l Physical access (such as tailgating) – This

SECURITY

BE SAFE – SPREAD THE AWARENESS – PROTECT YOURSELF AND THE COMMUNITY FROM THE CYBER RISKS includes following a legitimate user who has access to a restricted area with the aim of gaining unauthorized access to secured areas. l Shoulder surfing – When operating in public places or even cyber cafes, there is a possibility of someone overlooking the user’s shoulder to get information about the user’s credentials. l Dumpster diving – Is a technique used to gain information from the dustbin of the competitor as there are number of organization / departments just throw away old papers, devices without taking due care. l Social engineering – It is a technique used for exploiting the weakness in human psychology or behavior to gain illegitimate access to devices / information. There are people who are called as ‘social engineers’ and these personnel can use their skills in either way like to steal / misuse the data / information or to test the ‘possibility of exploitation’ and advise users / organizations for suitable

preventive measures. This is a very effective technique where the focus is not on technological weaknesses but more on human weaknesses. Prevention – key is “be ALERT” As discussed above, there are many risks present is the cyber space / world and they can be prevented by being alert, taking proactive care and using technical tools. l Protect devices with known / reputed antimalware application l User strong passwords for application and avoid using same credentials across multiple applications l Do not store user credential on devices including mobile phones l Do not share the credentials with anyone without any specific need l Do not post personal information on social media sites unless necessary or the site is trusted because the information shared over internet is

always available on the internet somewhere Take utmost care while accessing internet in public place as well as while communicating information l Do not join any open forums or reply to messages asking for information / funds without properly verifying the authenticity of the forum / messages l To protect the availability of critical information, take periodic backup of this information l Do not download any applications / games unless verified to be safe (there are various tools available to check the security) and while installing do provide the access to device functions carefully The cyber security can be as strong as the weakest link and in this case the weakest link is ‘human’ (all of us) so it is of utmost important to be a responsible user and follow all the preventive techniques. This will enable a safe cyber working experience. l

SME CHANNELS 21 FEBRUARY 2019

SECURITY

2019 PREPARING FOR CYBER THREATS IN

It is just important to remember that Artificial Intelligence and Machine Learning will soon be the same tools being leveraged against you, and to plan accordingly.

BY SANJAY MOHAPATRA sanjay@smechannels.com

o manage increasingly distributed and complex networks, organizations are adopting artificial intelligence (AI) and machine learning to automate tedious and time-consuming activities that normally require a high degree of human supervision and intervention. To address this transformation of the security ecosystem, the cybercriminal community has now clearly begun moving in the same direction. For many criminal organizations, attack techniques are evaluated not only in terms of their effectiveness, but in the overhead required to develop, modify, and implement them. As a result, many of their attack strategies can be interrupted by addressing the economic model employed by cybercriminals. Strategic changes to people, processes, and technologies can force some cybercriminal organizations to rethink the financial value of targeting certain organizations. One way that organizations are doing this is by adopting new technologies and strategies such as machine learning and automation to take on tedious and time-consuming activities that normally require a high degree of human supervision and intervention. These newer defensive strategies are likely to impact cybercriminal strategies, causing them to shift attack methods and accelerate their own development efforts. In an effort to adapt to the increased use of machine learning and automa-

22 SME CHANNELS FEBRUARY 2019

tion, we predict that the cybercriminal community is likely to adopt the following strategies, which the cybersecurity industry as a whole, will need to closely follow. 1. AI Fuzzing: Because they target unknown threat vectors, exploiting zero-day vulnerabilities is an especially effective cybercrime tactic. Fortunately, they are also rare because of the time and expertise needed by cyber adversaries to discover and exploit them. The process for doing so involves a technique known as fuzzing. Fuzzing is a sophisticated technique generally used in lab environments by professional threat researchers to discover vulnerabilities in hardware and software interfaces and applications. They do this by injecting invalid, unexpected, or semirandom data into an interface or program and then monitoring for events such as crashes, undocumented jumps to debug routines, failing code assertions, and potential memory leaks. Though using fuzzing to discover zero-day vulnerabilities has, so far, been beyond the scope of most cybercriminals, as AI and machine learning models are applied to this process it will become more efficient and effective. As a result, the rarity of zero-day exploits will change, which in turn will have a significant impact on securing network devices and systems.

2. Continual Zero-Days: While a large library of known exploits exists in the wild, our cyber adversaries are actually only exploiting less than 6% of them. However, to be effective, security tools need to be watching for all of them as there is no way to know which 6% they will use. Also as the volume of potential threats continues to grow, performance requirements will continue to escalate as the scope of the potential exploit landscape continues to expand. To keep up, security will need tools to be increasingly more intelligent about how and what they look for. While there are some frameworks like zerotrust environments that may have a chance at defending against this reality, it is fair to say that most people are not prepared for the next generation of threats on the horizon â&#x20AC;&#x201D; especially those that AI-based fuzzing techniques will soon begin to uncover. Traditional security approaches, such as patching or monitoring for known attacks, will become nearly obsolete as there will be little way to anticipate which aspect of a device can be potentially exploited. In an environment with the possibility of endless and highly commoditized zero-day attacks, even tools such as sandboxing, which were designed to detect unknown threats, would be quickly overwhelmed. 3. Swarms-as-a-Service: Advances in swarm-based intelligence technology

SECURITY

RAJESH MAURYA, REGIONAL VICE PRESIDENT, INDIA & SAARC, FORTINET.

“IN AN EFFORT TO ADAPT TO THE INCREASED USE OF MACHINE LEARNING AND AUTOMATION, WE PREDICT THAT THE CYBERCRIMINAL COMMUNITY IS LIKELY TO ADOPT THE FOLLOWING STRATEGIES, WHICH THE CYBERSECURITY INDUSTRY AS A WHOLE, WILL NEED TO CLOSELY FOLLOW.”

are bringing us closer to a reality of swarm-based botnets that can operate collaboratively and autonomously to overwhelm existing defences. These swarm networks will not only raise the bar in terms of the technologies needed to defend organizations, but, like zero-day mining, they will also have an impact on the underlying criminal business model, allowing them to expand their opportunity. Currently, the criminal ecosystem is very people-driven. Professional hackers build custom exploits for a fee, and even new advances such as ransomware-as-a-service requires black-hat engineers to stand up different resources. But when delivering autonomous, self-learning swarmsas-a-service, the amount of direct interaction between a hacker-customer and a black-hat entrepreneur will drop dramatically, thereby reducing risk while increasing profitability. 4. A la Carte Swarms: Dividing a swarm into multiple tasks to achieve a desired outcome is very similar to virtualization. In a virtualized network, resources can spin up or spin down virtual machine as needed to address particular issues such as bandwidth. Likewise,

resources in a swarm network could be allocated or reallocated to address specific challenges encountered in an attack chain. In a swarm-asa-service environment, criminal entrepreneurs should be able to pre-program a swarm with a range of analysis tools and exploits, from compromise strategies to evasion and surreptitious data exfiltration that are all part of a criminal a la carte menu. And because swarms by design include self-swarms, they will require nearly no interaction or feedback from their swarm-master or need to interact with a command and control center, which is the Achilles’ heel of most exploits. 5. Poisoning Machine Learning: One of the most promising cybersecurity tools is machine learning. Devices and systems can be trained to perform specific tasks autonomously, such as baselining behaviour, applying behavioural analytics to identify sophisticated threats, or taking effective countermeasures when facing a sophisticated threat. Tedious manual tasks, such as tracking and patching devices, can also be handed over to a properly trained system. However, this process can also be a two-edged sword. Machine learning has no conscience, so bad input is pro-

cessed as readily as good. By targeting and poisoning the machine learning process, cybercriminals will be able to train devices or systems to not apply patches or updates to a particular device, to ignore specific types of applications or behaviours, or to not log specific traffic to better evade detection.

Preparing for Tomorrow’s Threats Understanding the direction being taken by some of the most forward-thinking malicious actors requires organizations to rethink their current security strategy. Given the nature of today’s global threat landscape, organizations must react to threats at machine speeds. Machine learning and AI can help in this fight. Integrating machine language and AI across point products deployed throughout the distributed network, combined with automation and innovation, will significantly help fight increasingly aggressive cybercrime. Disrupting the criminal economic model, however, can only be achieved by tightly integrating security systems into a cohesive, integrated security fabric framework that can freely share information, perform logistical and behavioural analysis to identify attack patterns, and then incorporates that intelligence into an automated system that can not only respond to attacks in a coordinated fashion, but actually begin to anticipate criminal intent and attack vectors.

SME CHANNELS 23 FEBRUARY 2019

SECURITY

VINAYAKA B S

CHANNEL ALLIANCE LEAD INDIA &SAARC CHECK POINT

CHECK POINT’S INFINITY ARCHITECTURE PROVIDES GEN V SECURITY SECURING ASSETS OF ORGANIZATIONS Check Point is 100% channel focused and we are constantly striving to empower our channel with solutions & architecture to address the gap in terms of the attack vector & the solutions, says Vinayaka B S, Channel Alliance Lead, India &SAARC, who also talks about Cyber Security and the state of security in India.

What is the state of security in India? Despite several steps undertaken by CERT-IN & multiple initiatives by Industry Bodies(e.g. RBI, SEBI, IRDA etc.,) & regulations, the state of security in India needs a lot of improvement as this is a continuous process & organizations need to keep themselves equipped to handle the latest threats. While the security threats are presently of GenV&above, sadly the security controls adopted by a majority of organizations are b/n Gen II & III which highlights the gap in a big way. Prevention becomes the key as against detection & having centralized visibility & monitoring is the key which, in fact, is not followed by many leading to this state where there are multiple gaps in Security Postures. Need of the hour is Centralized monitoring with quick visibility with actionable information. Organizations need to look at this aspect & choose right Security Solutions when they are planning/augmenting Security controls. What are some of the major challenges you see for the Indian market from security point of view?

24 SME CHANNELS FEBRUARY 2019

With rapid digitization push by Govt of India, we see that the country has opened up big way in IT/ ITeS Services with rapid adoption of Computers & we now have the ubiquitous Mobile revolution penetrating even the remote corners of the country in the form of Smartphones. Advent of –e-payment mechanisms have brought many risks with gullible users falling prey to phishing attacks everyday which has not spared even the educated class. Rapid proliferation without adequate security controls have showcased the pitfalls with multiple attacks happening in not only traditional sectors like IT/ITeS, BFSI etc, but also in emerging verticals like Healthcare, ICS/SCADA etc., Need of the hour is to look at holistic security with adequate precautions taken to secure Network, Cloud, Mobile devices, End Points as well as protection against Zero Day attacks & ransomware. With recent security breaches like WannaCry, has this made people more aware of the importance of security today? Security breaches like WannaCry have again brought to the fore the discussion of securing

against Zero Day attacks & advanced threats, but organizations still think that their sector is immune or that they are not so well known that they would be targeted. Security by Obscurity is a long dead concept & today security is a must have for customer of any size, any vertical & any geography. Multiple instances of data breaches in emerging verticals like healthcare, manufacturing have brought the focus back on security of all the digital assets & more and more organizations today are seeking central visibility & actionable information so that they can prevent attacks & handle any with confidence. Education is very important & Check Point Research has been forefront in terms of educating against pitfalls from the unlikeliest sources e.g. Faxploit – where Cyber criminals could infiltrate any home or corporate network by exploiting all-in-one printerfax machines. In fact, while our world becomes more connected through IoT devices, the cloud and mobile platforms, there still remain simpler technologies which can allow potential hackers to infiltrate IT networks and provide unauthorized access to sensitive information. As a result, maintaining a frequent patching schedule and segmentation infrastructure, along

SECURITY

2019 will be a fresh year & in the recently released World Economic Forum’s (WEF’s) Global Risks Report 2019, cyber attacks and data breaches are ranked as the fourth and fifth most likely global risks. We see that rapid adoption of Cloud followed by ever increasing adoption of IoT poised to bring a huge change in the way we perceive security. With perimeter disappearing the threat landscape is completely different. In Cloudification, it becomes very important to showcase the shared responsibility model & provide solutions for Securing the applications. Mobile Threats have to be prevented as employees are connected to Corporate Networks 24x&. Rapid adoption of Smartcities& attacks on Critical Infrastructure necessitates the need of securing Smartcities& Critical Infrastructure at a much rapid pace. Check Point with our Infinity Architecture coupled with our new product offerings help augment the threat by staying ahead of the threat curve by providing Gen V Security focusing on Prevention & providing customers with actionable information.

with a high level of IT hygiene in general, is essential for protecting data from potential attacks, from wherever they may come. By following best practices such as these, organizations can stay safe. Discuss the latest technology/ solutions from your company and the impact in the market? Check Point has continuously improved & innovated on our Infinity Architecture. In fact, we have launched new technology solutions recently apart from increased focus on Cloud Security. The Maestro is a revolutionary new architecture that enables businesses of any size to enjoy the power of flexible cloud-level security platforms, and to seamlessly expand their existing security gateways to hyperscale capacity. Maestro enables a single gateway to expand to the capacity and performance of 52 gateways in minutes, giving companies elasticity and enabling massive Tera-

bit/second firewall throughput. The impact in the increased threat landscape is tremendous as Maestro extends the Gen V security capabilities of our Infinity architecture into hyperscale environments. It ensures organizations can secure their dynamic, evolving environments without limits, now and in the future. Further, with the acquisition & integration of Dome9 &ForceNock, the Cloud Security offerings are strengthened with additional capabilities. On the Mobile Front, Check Point has been named as a leader for the second year in a row in IDC Marketscape report on Mobile Threat management which gives us an edge over the threat landscape as well as solution offerings. Customers can embrace our Infinity offering to ensure future proofing their Security. What will the threat landscape look like in over the next 12 months?

What will be the biggest drivers for security spending in 2019? Regulations from regulatory bodies like RBI, IRDA, SEBI etc, followed by increased vigilance on Healthcare Segment, close monitoring of Compliance in IT/ITeS Segment, rapid adoption of Cloud & Mobile Devices are all set to increase the Security Spending in 2019. Further, increased push on Industry 4.0 including Cyber Physical Systems &IoT also have brought to fore IT security issues, which are greatly aggravated by the inherent need to open up those previously closed production shops. Recent attacks on customers in BFSI, hospitals & other organizations have brought fore the need for proactive Security showcasing the emerging importance of Prevention with actionable information. In fact, Check Point research is in the forefront of looking at threats & vulnerabilities and attacks in its numerous findings showed that attackers can use seemingly innocuous information in terms of penetrating into customer networks which included Fortnite, Adobe PDF Reader and DJI Drones. We also published new findings about malware families including multiple types of Ransomware, malware on computers and mobile devices. Check Point’s Infinity Architecture provides Gen V Security securing assets of organizations future proofing their security requirements.

SME CHANNELS 25 FEBRUARY 2019

COVER STORY

THE CHANGING

IT SECURITY LANDSCAPE Data security continues to become complex with the each passing day, but many companies have the propensity of softpedal the risks.

n today’s cyber threat landscape, every organization, large or small, is at risk of an attack. Every industry has suffered multiple high-profile breaches, making it clear no one is safe. Security is becoming complex with the each passing day and IT managers are under pressure to secure the company’s digital assets and network. Securing yesterday’s network/infrastructure for the technologies of today is an uphill battle. As we move towards

26 SME CHANNELS FEBRUARY 2019

a digital economy of Apps across web and mobile, with always on mode, the risks have geometrically increased. Hackers are also leveraging on all the tools such as cloud, analytics and known vulnerabilities in popular application to launch focused attacks with financial gains in mind. Sophisticated malwares enter network and lie low for a long time before launching itself making detection and prevention increasingly difficult. Threats are evolving by the second and technology to

COVER STORY

“CYBERSECURITY IS NOW BEING VIEWED AS A HIGHER PRIORITY BY BUSINESSES.” RAHUL KUMAR, COUNTRY MANAGER INDIA AND SAARC, F-SECURE

“AS INDIA IS TAKING HUGE STRIDES IN TRANSFORMING INTO A DIGITAL ECONOMY, CYBERSECURITY THREATS COULD POSE A SERIOUS RISK FOR ITS SUCCESS.” VISHAK RAMAN, DIRECTOR, SECURITY, CISCO

prevent and detect are lagging. “Even more serious is the lack of awareness at user level making it the weakest link,” says Krishna Raj Sharma, Director & CEO at iValue InfoSolutions. “As India is taking huge strides in transforming into a digital economy, cybersecurity threats could pose a serious risk for its success. Companies and governments alike should consider adopting advanced security technologies that include machine learning and artificial intelligence capabilities and also look at bridging the gap of skilled cybersecurity professionals in the country through relevant training and support,” says Vishak Raman, Director, Security, Cisco. Cybersecurity has traveled a long way from where it was a few years ago and now realization has downed on the businesses that they can softpedall the issue of Cybersecurity at their own peril. This has been driving demand and the industry is expected to experience a CAGR of 19% from 2018 to 2023. “It is now being viewed as a higher priority by businesses,” says Rahul Kumar, Country Manager India and SAARC at F-Secure. The industry growth is on a positive trajectory with more businesses coming under the ambit of digital infrastructure. “Our constant efforts have been able to keep cyberattackers on the hook

SME CHANNELS 27 FEBRUARY 2019

COVER STORY

“WE CONTINUE TO ATTRACT CUSTOMERS ACROSS ALL MAJOR VERTICALS, INCLUDING HIGHER EDUCATION, RETAIL AND HOSPITALITY, MANUFACTURING AND HEALTHCARE” DEBASISH MUKHERJEE, DIRECTOR, SONICWALL SALES

this year and we are determined to do the same in 2019. We believe that 2019 will gain superior traction amongst Indian businesses. NEED FOR CLOUD COMPUTING SECURITY TO GROW FURTHER With minimum operating cost, the cloud has emerged as the most cost-effective option to manage the workloads and processes, says Rajesh Goenka, Director, Sales & Marketing, RP tech India. Consequently, many small and mid-level organizations are shifting on the cloud. Globally, Trend Micro expects to see more breaches to stem from misconfiguration during cloud migration. “India, as a market of bustling cloud migration activities, is at a high risk to this. With the rise of DevSecOps and the use of cloud containers across the world, we also anticipate a growing volume of vulnerabilities to be discovered in the cloud environment,” says Nilesh Jain, Vice President, Southeast Asia and India, Trend Micro.

The Internet of Things is another area which will see greater attacks emerge. “Some attacks which target the IoT are likely to be complex and difficult to defend against,” says Avinash Garg – Director, Channels & Alliances, FireEye, India. Cyber-villains are increasingly targeting IoT devices to deploy cryptomining malware. “IoT (Industry of Things Internet of things) has produced different ways to interact and exchange data which makes it easy for the hackers to take advantage of the situation and gain access to all the information that is being exchanged online. Hence, this has given rise to botnets in the internet world,” says Zakir Hussain Director, BD Soft, Country Partner – Bitdefender. There are other major upcoming technologies that will change the threat landscape drastically. One such example is artificial intelligence, which has been a buzzword for a while. Imagine artificial intelligence being used to not only probe, but to specifically tailor attacks against organizations and other targets. “We’re already seeing some of

“IT’S BECOMING EVIDENTLY CLEAR THAT FOCUS ON PREVENTION IS BECOMING IMPOSSIBLE AND EQUAL IMPORTANCE IS ALSO REQUIRED IN QUICK DETECTION TOOLS TO MINIMIZE DAMAGE POST BREACH” KRISHNA RAJ SHARMA, DIRECTOR & CEO AT IVALUE INFOSOLUTIONS

28 SME CHANNELS FEBRUARY 2019

“CYBERSECURITY IS BECOMING A STRATEGIC PART FOR EVERY VERTICAL TODAY” SANDIP KUMAR PANDA, CEO & CO-FOUNDER, INSTASAFE.

this with deep fakes, the ability to copy the voice and mannerisms of a person to create something that looks and sounds as though the real person said it,” says Avinash Garg. VERTICALS LIKELY TO INVEST MORE IN 2019 Cybersecurity is becoming a strategic part for every vertical today, says Sandip Kumar Panda, CEO and Co-Founder, Instasafe. In fact, cybersecurity is becoming the cornerstone of innovative and well organized IT infrastructures of every vertical in the market be it BFSI, Manufacturing, Retail, Education, Healthcare and others. “The MSME sector will be a prime growth driver in 2019. Other market verticals that will be aggressively investing in cybersecurity will be the BFSI sector, manufacturing sector, and IT firms alongside others,” says F-Secure. Ransomware is a real concern, due to which PC users need to improve their data security. Many incidents of ransomware attacks are reported quite frequently across the globe. “However a lot of people adopt a careless attitude and forget to update their OS and software due to which devices become vulnerable to ransomware attacks,” says BD Soft. “This is a real risk as cyber criminals always try to find the gap to launch an

COVER STORY

“IN 2019, WE WILL SEE CHANNEL PARTNERS EXPANDING VERTICALS AND STEPPING INTO THE SECURITY AREA FOR BETTER ROI AND SUSTAINABLE BUSINESS IN A BIG WAY” RAJESH GOENKA, DIRECTOR, SALES & MARKETING, RP TECH INDIA.

attack.” The impact of WannaCry and NotPetya ransomware attacks have led Indian enterprises to realize that security must be part of the regular boardroom discussions rather than be treated as a technology issue. The pace of such breaches has increased in the recent past, forcing individual and corporates to enhance awareness at their level. “It’s becoming evidently clear that focus on prevention is becoming impossible and equal importance is also required in quick detection tools to minimize damage post breach,” says Krishna Raj Sharma of iValue InfoSolutions. “WannaCry and similar security breaches caused chaos, but at the same time raised awareness about ransomware,” says Priya Kanduri, Vice President, Head of Innovation and Security Services at Happiest Minds Technologies. Enterprises learnt about the importance of something as simple as patching. Of course, there is room for improvement. Organizations need to take cybersecurity more seriously and

should invest in gaining better visibility of their critical assets—making sure everything is safe, patched and updated. “But yes, I do believe recent security breaches along with new regulatory mandates opened a lot of organizations’ eyes to the importance of data and cybersecurity,” says Priya of Happiest Minds. “Without a strong security and data recovery policy organizations remain vulnerable to Wannacry’s in future. This is sure to escalate to database and applications, further making our life difficult,” says Shibu Paul, Vice President – International Sales at Array Networks. Zakir Hussain Director, BD Soft, Country Partner – Bitdefende, says “Unfortunately awareness of security risks is not enough. It is very important to adopt security practices for the same. There is little awareness of security practices in India.” REVE Antivirus says “Some of the Cybersecurity challenges in India include lack of awareness, lack of cyber security guidelines, and poor cyber security practices.”

“WITH THE RISE OF DEVSECOPS AND THE USE OF CLOUD CONTAINERS ACROSS THE WORLD, WE ALSO ANTICIPATE A GROWING VOLUME OF VULNERABILITIES TO BE DISCOVERED IN THE CLOUD ENVIRONMENT” NILESH JAIN, VICE PRESIDENT, SOUTHEAST ASIA AND INDIA, TREND MICRO.

“WANNA CRY AND SIMILAR SECURITY BREACHES CAUSED CHAOS, BUT AT THE SAME TIME RAISED AWARENESS ABOUT RANSOMWARE” PRIYA KANDURI, VICE PRESIDENT, HEAD OF INNOVATION AND SECURITY SERVICES, HAPPIEST MINDS TECHNOLOGIES

“We continue to attract customers across all major verticals, including higher education, retail and hospitality, manufacturing and healthcare,” says SonicWall Sales Director Debasish Mukherjee. “We have also seen much wider adoption with distributed and mid-tier enterprise as when we expanded capabilities through our SonicWall Capture Cloud Platform, which delivers integrated cloud-scale management and true end-to-end security that protects networks, email, endpoints, mobile and remote users,” says Debasish Mukherjee. DRIVERS FOR SECURITY SPENDING IN 2019 The biggest driver of security spending in India is likely to be very public, highly damaging incidents which raise awareness, and the possibility of new regulations to strengthen compliance requirements. Cloud migration continues to ramp up in India with many enterprises moving to cloud. India will lead globally in hybrid cloud usage and adoption over the next two years, says the Nutanix Enterprise Cloud Index report. “In this context, the spending by Indian enterprises in

SME CHANNELS 29 FEBRUARY 2019

COVER STORY

“SOME ATTACKS WHICH TARGET THE IOT ARE LIKELY TO BE COMPLEX AND DIFFICULT TO DEFEND AGAINST” AVINASH GARG , DIRECTOR, CHANNELS & ALLIANCES, FIREEYE, INDIA

securing their cloud environment would see an acceleration this year,” says Nilesh Jain, Vice President, Southeast Asia and India, Trend Micro. Cybersecurity will never be solved, because the cybercriminals will never stop trying to find and exploit vulnerabilities. With the advent of growing awareness about security, the IT security industry will continue to grow in 2019. The government initiatives like Smart City and Safe City projects have triggered a huge demand for security hardware such as CCTV cameras, storage and solutions such as cloud and AI. “As the IT business is growing through stagnancy, security is the next growth destination, channel partners should head to. In 2019, we will see channel partners expanding verticals and stepping into the security area for better ROI and sustainable business in a big way,”

says Rajesh Goenka, Director, Sales & Marketing, RP tech India. Cybersecurity is affordable when compared to losing your business. If sensitive data is compromised, businesses faces huge loss not just the business but also the customers. “Hence, it important to invest in Cyber Security rather than taking the risk,” says Zakir Hussain. FINALLY... In 2018, cybersecurity was more widely accepted as a board level topic and senior executives became more aware about its impact on achieving business goals and brand protection. Looking toward 2019, boards will want to see objective measurement and validation of program effectiveness and will continue to bring on independent cybersecurity advisors or add team

“WITHOUT A STRONG SECURITY AND DATA RECOVERY POLICY ORGANIZATIONS REMAIN VULNERABLE TO WANNACRY’S IN FUTURE. THIS IS SURE TO ESCALATE TO DATABASE AND APPLICATIONS, FURTHER MAKING OUR LIFE DIFFICULT” SHIBU PAUL, VICE PRESIDENT – INTERNATIONAL SALES, ARRAY NETWORKS.

30 SME CHANNELS FEBRUARY 2019

“IOT (INDUSTRY OF THINGS INTERNET OF THINGS) HAS PRODUCED DIFFERENT WAYS TO INTERACT AND EXCHANGE DATA WHICH MAKES IT EASY FOR THE HACKERS TO TAKE ADVANTAGE OF THE SITUATION AND GAIN ACCESS TO ALL THE INFORMATION THAT IS BEING EXCHANGED ONLINE” ZAKIR HUSSAIN , DIRECTOR, BD SOFT.

members with experience in cybersecurity. Cybersecurity was listed as one of the top three areas of increased technology investment where it is seen higher spending in 2019 than in 2018. Further evidence is in the increase in security spend as a percentage of total IT spending. While still a fraction of total IT spend, security is on the rise, representing 6.2 percent in 2017 vs 5.6 percent in 2015. Security leaders are striving to help their organizations securely use technology platforms to become more competitive and drive growth for the business. “Persisting skills shortages and regulatory changes like the EU’s Global Data Protection Regulation (GDPR) are driving continued growth in the security services market. Security and risk management has to be a critical part of any digital business initiative,” says Zakir Hussain.

CASE STUDY

A MANUFACTURING GIANT IN MAHARASHTRA TRUSTS MATRIX VIDEO SURVEILLANCE FOR 24X7 SECURITY

PROJECT HIGHLIGHTS: l 350+ Cameras at 13 Locations l Centralized Viewing from Single Location l 5 Years of Service Support Warranty l Industry: Manufacturing COMPANY PROFILE: A Manufacturing giant in Maharashtra has the distinct mark of making India’s 1st Diesel Engine and Iron Mold Ploughs. The company’s legacy dates to 1922. This company is the reason behind a new wave of industrialization in some of the towns in Maharashtra while preserving their rich heritage. CHALLENGES Large Area to Monitor - The company is spread across a wide area employing more than three thousand people. Being an established and trusted brand, maintaining quality is crucial and therefore, every area needs to be under surveillance. For this reason cameras producing good quality image and can cover a greater area for monitoring was the requirement. Centralized Control - The company is divided into various branches which are located at various places in Satara. This gave rise to the need for a

centralized solution at a centralized location from where all other sites can be monitored at a time. SOLUTION OFFERED To cover the large monitoring area, Matrix provided IP Bullet and Dome Cameras that have greater Field of View when compared to other brands. According to the requirement, various cameras were installed at different locations such as reception area, canteen, security area, entrance, production area, etc. These cameras also provide exceptional low light images which aid in providing high-class security. For storing the streamed videos, Matrix offered Network Video Recorders. These NVRs have features such as Adaptive Recording which aid in storing more data in a dened space. Moreover, it has Intelligent Video Analytics such as Intrusion Detection and Motion Detection which were also applied. Instant notifications and alerts ensured real-time security of the premises. RESULTS: Centralized Control l 24X7 Real-time Surveillance l Higher Security with Intelligent Video Analytic l

ABOUT MATRIX Established in 1991, Matrix is a leader in Security and Telecom solutions for modern businesses and enterprises. As an innovative, technology driven and customer focused organization, the company is committed to keep pace with the revolutions in the Security and Telecom industries. With around 40% of its human resources dedicated to the development of new products, Matrix has launched cutting-edge products like Video Surveillance Systems - Video Management Software, Network Video Recorder and IP Camera, Access Control and Time-Attendance Systems as well as Telecom Solutions such as Unified Communications, IP-PBX, Universal Gateways, VoIP and GSM Gateways and Communication Endpoints. These solutions are feature-rich, reliable and conform to the international standards. Having global footprints in Asia, Europe, North America, South America and Africa through an extensive network of more than 2,500 channel partners, Matrix ensures that the products serve the needs of its customers faster and longer. Matrix has gained trust and admiration of customers representing the entire spectrum of industries. Matrix has won many international awards for its innovative products.

SME CHANNELS 31 FEBRUARY 2019

SECURITY

REETWIKA BANERJEE,

(MBA IN CYBER SECURITY CERTIFIED DLP ADMIN (SYMANTEC & RSA), CLOUD SECURITY AUDITOR, ISO 31000 RISK ASSESSOR, ISO 27001 LI, PIMS WITH GDPR LI, PCI DSS LI

AUTHOR’S BIO

REETWIKA BANERJEE IS A PROFESSIONAL CYBER SECURITY EXPERT, PRESENTLY ASSOCIATED WITH ACCENTURE AS THEIR ENTERPRISE DATA PRIVACY CONSULTANT. HER PRINCIPAL ROLE IS TO ADVOCATE SENIOR MANAGEMENT ON HI-TECH CYBER SECURITY THREATS AND HOW TO PREVENT CONFIDENTIAL DATA LEAKAGES OUT OF THEIR ORGANIZATION’S NETWORK. SHE IS ALSO AN INTERNATIONALLY AWARDED AUTHOR. HER LATEST BOOK ‘CYBER SECURITY AT YOUR FINGERTIPS’ WAS RELEASED AT THE NEW TOWN BOOK FAIR 2018 BY EMINENT JUDGE (RETD.) OF BANGALORE HIGH COURT MR. GAUTAM RAY AND SENIOR ADVOCATE OF CALCUTTA HIGH COURT MR. BIMAN SAHA. TO CHASE HER PASSION AND EDUCATE COMMON PEOPLE ABOUT SECURITY THREATS, NEED OF DATA PRIVACY, PREVALENT CYBERCRIMES AND THEIR PREVENTIONS, REETWIKA CONTRIBUTES AS A REGULAR COLUMNIST TO THE ESTEEMED MULTINATIONAL NEWS PORTAL ‘DIFFERENT TRUTHS’. YOU MAY WRITE TO REETWIKA AT: REETWIKAB@GMAIL.COM.

32 SME CHANNELS FEBRUARY 2019

PREVENT ENTERPRISE DATA REACHES THROUGH DATA LOSS PREVENTION (DLP) PROGRAM One of the most critical success factors of DLP program management is the appointment of a proficient DLP administrator who will be able to continuously measure the effectiveness of the implemented solution.

INTRODUCTION Data Loss Prevention (DLP) is the method of monitoring, detecting and blocking of sensitive data leakage out through organization’s various communication channels. It can be done using a set of scientific tools, processes and techniques which we will discuss here. However, DLP must be looked upon as a tailored security strategy rather than a readymade security appliance. The most common application area of Data Loss Prevention is to comply with the requirements of various data security standards and international privacy laws like General Data Protection Regulation (GDPR), ISO 27001, Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA) etc. Other use cases may include protection of Intellectual Properties (IP) and enhanced data visibility into the internal data movement which in turn can prevent insider threats to a large extent. DLP can also be used as a tool to carry out entity behavior analysis, study user browsing pattern, do

silent email monitoring, etc. WHERE DO DATA LEAKAGES HAPPEN Sensitive data (example: Social Security Number, Employee records, Payment Card info, Intellectual Property, Customer Data, Patient health records etc) may reside in different forms scattered across the environment, residing mainly in three states – in-use (at endpoints like desktops, laptops, printers, end user machines, screenshots etc), inmotion (network traffic through wireless hotspots, intranet, websites, telephony, mobility solutions, emails, exchange servers etc) or at-rest (archived data at databases and external data storages like USBs, pen drives, discs, magnetic tapes, unused hard drives, external hard disks, memory cards etc). Ex-filtration or transmission of company’s sensitive data can happen through any of these sources posing immense risk to IT assets and company data. The leakage can be intentional or unintentional, but the risk of breach can have

SECURITY

a variety of ways outside the company’s network. All of these get identified by the DLP tool and actioned upon by a layered remediation team. The first level (L1) remediation team does the gating analysis and escalates their incidents to the higher level (L2) to investigate. The respective end user whose action triggered the DLP incident is then educated by the L2 team with Remediation Plans and policy exceptions if backed up with a justified business reason. The DLP lifecycle typically comprises of seven phases – end user tries to send sensitive data outside the company, DLP tool identifies and actions against the unauthorized data transfer, Remediation team triages the incident, educates end user about the action taken (allow/ block/ quarantine/ exception) and finally closes the incident. If it is found to be a false positive trigger, the L1 analyst closes the incident with appropriate comments.

CRITICAL SUCCESS FACTORS OF DLP PROGRAM

DLP System Integration Once that is done, the next step is to choose and define the internal DLP policies and regular expressions (RegEx) as accurately as possible because that will determine the level of effectiveness of the overall DLP program. Few additional system components might need to be integrated with the chosen DLP suite to ensure comprehensive results.

ciency is tested through incident management, initially with a pilot run and then spanning across slowly throughout the enterprise. Actions can be taken in four ways – Detect the breach and notify the user, block the data transfer, quarantine it or encrypt the sensitive data suitably and then allow the data movement out of the enterprise. A DLP incident is defined as any inadvertent loss of sensitive information. A Data Loss Prevention solution comprises of policies to prevent any unauthorized transmission or disclosure of sensitive information to illegitimate users. If there are any policy violations, the solution will auto generate incidents which need to be addressed by the support team immediately. Whenever any suspicious activity is noticed within the internal data environment, the DLP tool flags a security incident. The DLP Management security solution ensures monitoring of the security events logged by the system. The reported incidents generated by the business applications, operating systems, network and security devices, wireless access points and databases are analyzed in near real time by the Compliance team and the right business owners are alerted for immediate action. Respective team then gears up as per the priority of the incident. This DLP incident management process is typically termed as Data Loss Prevention Remediation.

Incident Remediation After the DLP operating model is set up, the effi-

SEVEN PHASES OF DLP LIFECYCLE An end user may send or share sensitive data in

detrimental impacts on the organization and its clients. DATA LOSS PREVENTION PROGRAM MANAGEMENT DLP program management is a three stage process – Sensitive Data Discovery, DLP System Integration and Incident Remediation. Sensitive Data Discovery The DLP program management starts with the identification of sensitive data and their respective locations in the entire ecosystem (Data in Motion, Data in Use and Data at Rest) which is technically termed as Data Discovery. Different hi-tech tools are available in the market which can be integrated with the DLP solutions to carry out data discovery; some even come with a bundled discovery offering along with the DLP tool.

One of the most critical success factors of DLP program management is the appointment of a proficient DLP administrator who will be able to continuously measure the effectiveness of the implemented solution. With increase in data volume and number of users, the count of false positives may go abnormally high, slowly diminishing the overall efficiency of the DLP process. Lack of proper balance would indicate the time to fine tune the DLP policies. Only an expert will be able to determine the appropriate time to call for reconciliation. The DLP admin must be well trained in conducting incident trend analysis and policy exception handling on a regular basis. Any indicative premonitions must be discussed immediately with company’s security leadership. However, the success of DLP execution lies with the selection of the most appropriate DLP tool in the initial phase of the program. Innumerable DLP service providers are available in the global market, each specializing in different aspects of data management with varying degrees of flexibility and licensing models. The business and security leads of the organization must take an envisioned call in selecting their DLP implementation partner as per company’s needs, countries of future operation, data types and targets to achieve by implementing the DLP solution. Let me highlight here, implementation of DLP is a pricey, vigorous, long term and resource consuming technical solution. So, essentially choosing the right partner becomes immensely critical in the long run.

SME CHANNELS 33 FEBRUARY 2019

SECURITY

CYBER SECURITY INCIDENT RESPONSE AND MANAGING RISK Incident response must not be treated as an isolated event and therefore incident simulations, tabletop exercises and reporting is key process to incident response planning.

ANUP KANTI DEB,

RESILIENT SEGMENT BUSINESS LEADER â&#x20AC;&#x201C; IBM RESILIENT -CYBER RESPONSE IBM SECURITIES (APJ)

Incident Response is an ongoing process, a lifecycle which requires a risk mitigation strategy covering operational, legal and reputational risk .A typical cybersecurity attack can result in a combination of attack across target segments within an organizational network and data that can result in critical infrastructure being exposed lacking security controls to mitigate risks. A good cybersecurity framework is therefore an imperative keeping into consideration how an organization builds

34 SME CHANNELS FEBRUARY 2019

its cybersecurity strategy that encompasses an integrated and holistic approach centered around security orchestration, analytics and incident response , It is fundamental for an organization to have critical controls in place across prevention , detection and response environments that can help organizations build resiliency in providing a consistent and predictable recovery experience that can seamlessly respond to IT complexities and interdependencies across all environments.

Incident response plan must be designed in a way that can help organization respond quickly and efficiently in the event of a breach involving stakeholders and other lines of business (LOB) including the InfoSec and IT teams .Involving stakeholders across the organization helps in facilitating accountability and transparency with an objective to mitigate and minimize risk , The incident response team should expand beyond responding to security threats but should include

SECURITY

AUTHORâ&#x20AC;&#x2122;S BIO ANUP LEADS THE CYBER SECURITY - INCIDENT RESPONSE BUSINESS FOR IBM ACROSS ASIA PACIFIC HE COMES WITH A RICH BACKGROUND OF WORKING IN THE CYBER SECURITY INDUSTRY HAVING SPECIALIZED IN THE AREA OF CYBER SECURITY -RISK AND COMPLIANCE . HE IS ALSO A SUBJECT MATTER EXPERT IN INCIDENT RESPONSE. HE IS CURRENTLY EXPANDING IBM RESILIENT BUSINESS FOOTPRINT WITHIN THE REGION . ANUP HAS ALSO PREVIOUSLY WORKED WITH EMERGING TECHNOLOGY STARTUPS AND LEADING IT COMPANIES INCLUDING HEWLETT PACKARD , ORANGE BUSINESS SERVICES, WIPRO AND HCL.

management , human resources , legal ,audit and risk management specialist ,general council and public relations. A case in point for example is in the case of insider threat a response plan mandates involvement of HR to check employee background, responsibilities and credential fundamentally key to minimizing risk .Similarly a response process should include a general council attorney to ensure that any evidence collected maintains its forensic value in the event that the company chooses to take legal action. Target, Yahoo are case studies illustrating the importance involving team early from the legal, compliance and public relations that can address risk. In essence incident response is about managing risk and incident response must be a holistic approach to managing risk which can impact operational, legal as well as Reputation of an organization. Incident response must not be treated as an isolated event and therefore incident simulations, tabletop exercises and reporting is key process to incident response planning enabling teams to test response plans, identify gaps, and refine response processes that defines an incident response preparation. In order to address incidents it is important to ensure that an IR plan include a) Documentation and establishing policies, procedures, and agreements for incident response management b) define communication guidelines key to incident response preparation c) incorporate threat intel feeds for enrichment and better prepare of investigations to identify indicators of compromise ( IOC ) d) conduct operational threat hunting exercises to have a an alert and prepared team security team helping response to be more proactive . Another very pertinent aspect of Incident response is Communication. Communication strategy must encompass both internal and external stakeholders. In order to know what to communicate to whom, an organization should assess the potential impact of the cyber security incident; for example if it concerns to only internal or also external stakeholders. The magnitude of

the incident including evidence of data leakage may involve external stakeholders. Depending on impact of the cyber breach, an organizations cyber security incident communication will have different objectives. For example a Privacy data breach would involve notification and adhering to the privacy www.infosecglobal.co.in Page 13 of 50 data breach regulation of the respective country regulations. In todayâ&#x20AC;&#x2122;s context some of the external regulatory guidelines may be complex (ex GDPR) and would need a proper communication strategy in place in order to comply with regulatory obligations. Global, national, and local privacy breach requirements are more complex than ever before and is continually evolving. Privacy and legal teams can spend days working to meet regulatory obligations after an incident .Communication therefore is the key to mitigate any risk both from a reputational and legal standpoint. In a digital age communication is an important strategy to mitigate risk and an extremely critical component to the basic operations of a company and therefore incorporating a communications strategy that takes into account business, legal and regulatory requirements should be a priority. Containment and Recovery of security incident is an important step for any incident response plan keeping into consideration business continuity demands and disaster recovery solution. This includes prioritizing which assets to rebuild first and ensuring business continuity. Recovery process should include addressing the attackers point of penetration or associated vulnerabilities to be eliminated on priority and systems restored. Here it is important to ensure identified CIRT members or owners to work hand in hand with the Business continuity planning team together to ensure smooth running of business operation. Post containment of a breach, the next phase of an incident response plan is to eliminate the root cause of the breach. An Incident plan eradication program need to be designed to ensure malware be

securely removed, systems be hardened, patched and most importantly updates being applied. This is critical given that any trace of malware or security issues if remains in the affected systems the risk will continue existing and liability could increase. Eradication and recovery should be done in a phased approach so that remediation steps are prioritized. Post incident event analysis is a critical component of any incident response plan as it provide an opportunity for the stakeholders to reflect an incident and apply lesson learnt in order to make an incident response place proactive and efficient. It also helps to improve security measures, identify early potential gaps and be more prepared in future. Conclusion and the Future State of Incident Response: Given the explosion in autonomous and other devices connected to the net, access to smart phones even in emerging economies and service providers in transformation, social networks in ferment and organizations digitalization relying on DevOps, we must be prepared to have a matrix for positive possibilities but increasing threat surfaces exposed. This will lead to multivector threats being executed on corporate as well as private targets and risk factors will become even more exposed. Therefore the state has to make private citizens aware on cyber safety. As far as enterprises and corporations are concerned they will need to deploy appropriate counter measure incident response technology that can be real time anticipate and proactively respond, subscribing to threat intel feeds and intel sharing across verticals combining the capability to bring in people , process and technology together to response from attackers . This can happen possibly through Artificial Intelligence and Intelligent Orchestration. AI combined with intelligent orchestration will help to drive added capability that will help in shortening the triage and proving expert knowledge at the point of Cyber decision making that can Outsmart, Outpace and Outmaneuver Cyberattacks.

SME CHANNELS 35 FEBRUARY 2019

SECURITY

EMERGING CYBER SECURITY CHALLENGES – NEW THREAT LANDSCAPE The new generation of attacks are complex, use multiple attack vectors to maximize the chances of breaking through defenses.

Cyber Security Challenges have increased manifold & there is paradigm shift in Threat Landscape. In spite of substantial spending on legacy security products, advanced attackers are bypassing these defenses at ease making the life of Security Professional miserable. There’s no single technical answer. Attackers will always exist and innovate and find a way into any organization data no matter how secured is the defense mechanism. Breaches are inevitable. The shift in security outlook needs to change from “keep them out” to “early detection and response before damage is done”. NEW THREAT LANDSCAPE Attacks have changed in form, function, and sophistication. The main difference is the new threats (advanced attacks, APTs etc.) are actively driven by humans, as opposed to previous generation attacks which were malware based attacks (viruses, Trojans, worms etc.) These advanced attacks utilise both malware designed to infect many systems as well as sophisticated, zero-day malware to infect targeted systems. They use multiple attack vectors like Web, email, and application-based attacks. And today’s attacks are aimed at getting valuable data assets—sensitive financial information, intellectual property, authentication credentials, insider information—and each attack is often a multi-staged effort to invade networks, spread, and ultimately hack the valuable data. LIMITATIONS OF TRADITIONAL SINGLEVECTOR DEFENSES Most of the Security organizations are looking for malware based attacks instead of human attackers who may use malware as part of their advanced attacks. Hence new generation of threats are able to bypass traditional security defense. • Firewalls: Firewalls allow generic http Web traffic. Next-generation firewalls add layers of policy rules based on users and applications & consolidate traditional protections such as IPS and AV but do not add dynamic protection that can detect threat content or behavior. • IPS: Works on Signatures, packet inspection, DNS analysis. It will not detect anything unusual in a zero-

36 SME CHANNELS FEBRUARY 2019

day exploit, especially if the code is heavily disguised or delivered in stages. • Anti-virus and Web malware filtering: Since the malware and the vulnerability it exploits are unknown (zero-day), and the website has a clean reputation, traditional AV and Web filters will let it pass. The volume of vulnerabilities in browser plug-ins like Adobe and the exponential combinations of these browsers with operating systems make it hard for AV vendors to keep up. • Email spam filtering: Spoofed phishing sites use dynamic domains and URLs, so blacklisting lags behind criminal activities. It takes more than 26 hours to shut down the average phishing site. Malicious code can also be carried in laptops, USB devices, or via cloud-based file sharing to infect a machine and spread laterally when it connects into the network. It is common for mobile systems to miss updates to DAT files and patches, so they are vulnerable to both known and unknown exploits. In general, even up-to-date machines can be infected using zero-day exploits and social engineering techniques, especially when the system is off the corporate network. Once in place, malware may replicate itself—with subtle changes to make each instance look unique—and disguise itself to avoid scans. Some will turn off AV scanners, reinstall after a cleaning, or lie dormant for days or weeks. Eventually, the code will pass on login credentials, financial data, and other valuables. Many compromised hosts provide a privileged base so the criminal can explore further or expand his botnet with new targets. Most companies don’t analyse outbound traffic for these malicious transmissions. Those organizations that do monitor outbound transmissions use tools that look for “known” bad actor addresses and regulated data. • Web filtering: Most outbound filtering blocks adult content or time-wasting entertainment sites. Many enterprises restrict social networking sites. “There is widespread agreement that advanced attacks are bypassing our traditional signature-based security controls and persisting undetected on our systems for extended periods of time. The threat is real. You are compromised; you just don’t know it.” – Gartner, Inc., 2012 “

SUDIPTA BISWAS,

VICE PRESIDENT AND CHIEF INFORMATION SECURITY OFFICER, PRIME INFOSERV LLP

AUTHOR’S BIO

A GRADUATE ENGINEER WITH 32 YEARS INDUSTRY EXPERIENCE IN THE DOMAIN OF INFORMATION TECHNOLOGY & INFORMATION SECURITY. HIS PAST ASSIGNMENTS WERE IN COMPANIES LIKE GEC & BHEL. HE IS AN EXPERT IN INFORMATION SYSTEM SECURITY DOMAIN WITH DEEP EXPOSURE IN GOVERNANCE, COMPLIANCE, PROCEDURES & STRATEGIES. HIS KNOWLEDGE COVERS A WIDE SPECTRUM WITH A HOLISTIC VIEW ON PEOPLE, PROCESS AND TECHNOLOGY, FOCUSING ON INFORMATION SECURITY, DATA PROTECTION , PRIVACY ,INCIDENT MANAGEMENT AND AUDITS.

THE FIVE STAGES OF MULTI-VECTOR ATTACKS The new generation of attacks are complex, use multiple attack vectors to maximize the chances of breaking through defenses. Multi-vector attacks are typically delivered via the Web or email. They leverage application or operating system vulnerabilities, exploiting the

SECURITY

inability of conventional network-protection mechanisms to provide a full-proof defense. In addition to using multiple vectors, advanced targeted attacks also utilize multiple stages to penetrate a network and then steal valuable information. This makes it far more likely for threats to go undetected. The five stages of the attack life cycle are as follows: System exploitation : The attack attempts to set up the first stage, and exploits the system using casual browsing. It’s often a blended attack delivered across the Web or email with the email containing malicious URLs. Malware executable payloads are downloaded and long-term control established: A single exploit translates into dozens of infections on the same system. With exploitation successful, more malware executables—key loggers, Trojan backdoors, password crackers, and file grabbers—are then downloaded. This means that criminals have now built long-term control mechanisms into the system. Malware calls back : As soon as the malware installs, hackers establish a control point within organizational defenses. Once in place, the malware calls back to criminal servers for further instructions. The malware can also replicate and disguise itself to avoid scans, turn off anti-virus scanners, reinstall missing components after a cleaning, or lie dormant for days or weeks. By using callbacks from within the trusted network, malware communications are allowed through the firewall and will penetrate all the different layers of the network. Data exfiltration : Data acquired from infected servers is transmitted via encrypted files over a commonly allowed protocol, such as FTP or HTTP, to an external compromised server controlled by the criminal. Malware spreads laterally : The hacker now works to move beyond the single system and establish long-term control within the network. The advanced malware looks for mapped drives on infected laptops and desktops, and can then spread laterally and deeper into network file shares. it will map out the network infrastructure, determine key assets, and establish a network foothold on target servers. HOW THE NEW GENERATION OF THREATS BYPASS TRADITIONAL SECURITY Cybercriminals combine Web, email, and file-based attack vectors in a staged attack, makingW it far more likely for their attacks to go undetected. Today’s firewalls, IPS, AV, and Web gateways have little chance to stop attackers using zero-day, one-time-use malware, and APT tactics. These blended, multi-stage attacks succeed because traditional security technologies rely on fairly static signature-based or pattern matching technology. Many zero-day and targeted threats penetrate systems by hiding newly minted, polymorphic dropper malware on innocent Web pages and in downloadable files like JPEG pictures and PDF documents. Or they use personalized phishing emails sent to carefully selected victims with

a plausible-looking message and malicious attachment targeting a zero-day vulnerability. Or they use social media sites embedding tweets that include a shortened URL masking the malicious destination. Each time a victim visits the URL or opens the attachment, a malware payload installs on the victim’s computer. This malware code often includes exploits for multiple unknown vulnerabilities in the OS, plug-ins, browsers, or applications to ensure it gains a foothold on the system. NEXT GENERATION THREAT PROTECTION(NGTP) Today’s Corporations, Financial Institutions, Educational Institutes, Government agencies are experiencing unprecedented cyber-attack activity — both in number and severity. In a never-ending game of cat and mouse, the cat currently has the upper hand. And unless your organization is prepared, you may be its next victim. By now it is pretty evident that how serious today’s next-generation threats are and why traditional security defenses are helpless to stop them. Now it’s time to unveil a new category of network security defense ie Nextgeneration threat protection - What is really needed to combat today’s most sophisticated cyber attacks. SIGNATURE-LESS DEFENSES Organizations today need to explore a new threat protection model in which their defense-in-depth architecture incorporates a signature-less layer that specifically addresses today’s new breed of cyber attacks. Although traditional security defenses are critical for blocking known cyber-attacks, experience has shown that it’s the unknown cyber-attacks that are most dangerous, and on the rise. And since these zero-day, polymorphic, and APTs are largely unknown and becoming the new norm for successful breaches, the world needs a signature-less solution to stop them. PROTECTION — NOT JUST DETECTION In earlier days there were intrusion prevention systems (IPS) & intrusion detection systems (IDS). An IDS, by design, can only detect known threats (or unknown threats targeting known vulnerabilities). As time progressed, organizations demanded that their IDS not only detect but also block cyber attacks. Thus, IPS was born. In that vein, the world needs an advanced threat protection platform that not only detects the threat, but blocks it, too, across all potential entry vectors. MULTI-STAGE PROTECTION ARCHITECTURE In a perfect world, IT would maintain full control of every computing device on the network. Then only worry about cyber attacks originating from outside the network and attempting to penetrate it through the perimeter. Of course, with mobile computing on the rise and IT being compelled to implement bring your own device (BYOD) policies, sometimes cyber attacks are hand-carried right through the office front door.

What the world needs is an advanced threat protection solution that not only monitors cyber attacks from the outside in, but the inside out, as well — across all stages as they attempt to communicate out or spread laterally through the network. If you can’t stop threats from entering through the Web, email, or the office front door, then at least stop them from communicating out and spreading further. Highly accurate detection engine www.infosecglobal.co.in Page 18 of 50 As with traditional signature-based defenses, detection accuracy is king. What is required to adequately defend against next-generation threats is an advanced threat protection solution that is highly accurate, with no false positives (good files classified as bad) and no false negatives (bad files classified as good). False positives and false negatives are products of security platforms with poor detection capabilities. False positives are mainly a “nuisance” as they consume valuable security analyst cycles time after false alarms. False negatives, on the other hand, can be dangerous as advanced malware passes right through the network security device completely undetected. Backed by global threat intelligence Every cyber-attack has a “ground zero” — a single host that is the first target on Earth to ever experience a given cyber-attack. What is really needed , is a mechanism for allowing advanced threat protection systems to share intelligence, not only within a single organization, but also among different organizations globally. We may not live in a perfect world. But there is an ideal solution for combating today’s most sophisticated attacks. Defining Next-Generation Threat Protection Next-generation threat protection (NGTP) is a new breed of network security technology specifically designed to identify and defend against today’s new breed of cyber-attacks. Intended to augment — not replace — traditional security systems, NGTP represents a new layer in the defense-in-depth architecture to form a threat-protection fabric that defends against those cyber-attacks that go unnoticed by common signaturebased defenses. NGTP platforms customarily ship on high-performance, purpose-built rackmount appliances. Preferred NGTP vendors offer an integrated platform that inspects email traffic, Web traffic, and files at rest, and shares threat intelligence across those attack vectors. NGTP platforms are unlike any network security offering on the market. NGTP appliances inspect traffic and/or files looking for thousands of suspicious characteristics, including obfuscation techniques like XOR encoding and other disguising behavior. Sessions are replayed in a (safe) virtual execution environment (think virtual machines, but using a custom-built virtualization engine specifically designed for security analysis) to determine whether the suspicious traffic actually contains malware

SME CHANNELS 37 FEBRUARY 2019

SECURITY

THE NEED FOR STANDARDIZATION IN DIGITAL SERVICES DELIVERY SUNDEEP OBEROI Dr. Sundeep Oberoi has 35 years of industry, research and entrepreneurial experience in diverse areas of Information and Communication Technology. He has a Ph.D. in Computer Science from I.I.T Bombay, an M.Tech in Computer Science from I.I.T. Delhi and a B.Tech in Chemical Engineering from I.I.T. Kanpur. Currently, Dr. Oberoi is Global Head for Delivery of the Enterprise Security and Risk Management Unit in TCS.

ANUPAM AGRAWAL Anupam is a Cheveninig Fellow on Cyber security. Additionally, he has Finance Degree from ICAI & ICWAI, India; IT Security Degree from ISACA, USA & Internet Governance Certification from University of Aarhus, Germany & Next Generation Leaders Program of Internet Society in association with DIPLO Foundation. He is the Co founder of India Internet Foundation also.

38 SME CHANNELS FEBRUARY 2019

Finally, when a human service agent is connected to the user, there may be a call drop and there is no method to reconnect the call and resume the conversation where is was interrupted.

Today a significant of portion of services are being delivered digitally to consumers. The consumer interaction channels may be via a web application, a mobile app, a mobile POS terminal or an IVR interface or a combination of these, in addition to delivery mechanisms for physical goods. Each service provider uses a different combination of interaction channels with widely differing user interfaces and experiences. These are implemented with various degrees of usability, reliability, security and privacy. Poor implementation results in very high levels of time wasted and possible risk of security breaches leading to financial loss and privacy impact. Since many of these services are essential services such as banking and citizen services delivered by Government departments, there will be significant benefit in standardizing certain important aspects of this service delivery. This note identifies the following important areas for digital service delivery standardization. The issue of payment systems has been left out of this note since the authors believe that electronic systems are incorporated into digital service delivery in a reasonably modular way and there is a whole regulatory and standardization regime that adequately covers this aspect. • Registration and Identity Proofing Many digital services require registration and of those several require an Identity Proofing process that may involve uploading of electronic copies of documents, submission of hard copies of documents, authentication based upon data already

available with the service provider of (like mobile number, personal details like birth date, mother’s maiden name, postal code etc.) or the use of Aadhaar identity authentication. • Recovery of Authentication Credentials Currently the most prevalent method of recovery of authentication credentials is via a “forgot password” functionality which may authenticate the user over and IVR channel or via an SMS based OTP to a registered mobile number. If authentication is successful a temporary password (or a link that permits an initial login and the creation of a new password) is sent to the registered email-id. In a small number of instances a new credential like a temporary password or new PIN is delivered via post or a courier company. • SLA on Synchronous Channels In many instances the interface for interaction is via an IVR channel. There are deep menus and indeterminate wait times. There may not be a distinction between and emergency type interaction and a routine type interaction. Finally, when a human service agent is connected to the user, there may be a call drop and there is no method to reconnect the call and resume the conversation where is was interrupted. • Issue Redressal Systems Some providers provide a method to log issues either via a web interface, email, a phone interface or by physical post. A few providers may assign an issue/problem/request number and that may allow for limited follow up and tracking.

SECURITY

4 WAYS TO PROTECT YOURSELF FROM CYBER CRIMINALS WHEN SHOPPING ONLINE With companies fighting for your attention, scammers have plenty of camouflage for their phishing emails and fake sites.

nline shopping deals are everywhere. There are deals in windows and on TV; deals on the web; deals on Instagram, Twitter and Facebook, deals via SMS, WhatsApp and Messenger; and deals in email, as online retailers attempt to lure shoppers to buy from them instead of the competition. With companies fighting for your attention, scammers have plenty of camouflage for their phishing emails and fake sites. They can dress them any which way, whether it’s fake offers that really are too good to be true, or any number of excuses for drumming up a bit of false urgency and demanding a login (Check your order! Verify your account! Register now!). Scammers will do whatever it takes and won’t stop trying to dupe you or take their foot off the gas until you give in and fall for the scam. So, while it’s tempting to tell you to do things differently while shopping online this republic day, there’s no reason you should. Even if you’re planning to join me and log off for the next couple of days, the scammers will still be there when you come back. Cybersecurity is 24/7, every single day of the year, because so is cybercrime. Want to protect yourself? Then follow these simple tips, every day: • Use a web filter: Web filters, like the one included in Sophos Home, stop you from browsing to websites that are known to be used for scams, phishing or spreading malware. • Use a password manager: Password managers create, remember and enter passwords for you, and they won’t enter your password into a phishing site, no matter how convincing it looks. • If it looks too good to be true, it is: Scams make wild claims and use familiar brands or friends and family to make them seem trustworthy. Stay alert, and if something seems off, it probably is. • Check your bank statements regularly: You can reduce the chance that you’ll become the victim of a scam but you can’t eliminate it, so make a habit of checking your bank statements regularly.

39 SME CHANNELS FEBRUARY 2019

MOHIT PURI

DIRECTOR SALES ENGINEERING, INDIA & SAARC, SOPHOS

“SCAMMERS WILL DO WHATEVER IT TAKES AND WON’T STOP TRYING TO DUPE YOU OR TAKE THEIR FOOT OFF THE GAS UNTIL YOU GIVE IN AND FALL FOR THE SCAM.”

SECURITY

THREAT HUNTING - NEED OF THE HOUR! To understand about compromised system, there is a wonderful saying by Mr. John Strands, i.e., “Beaconing + Blacklisting=OMG! We are in trouble”.

ADITYA KULLAR,

CO-FOUNDER OF CALIFORNIA-BASED CYBERSECURITY COMPANY TANIUM

AUTHOR’S BIO

WITH NEARLY NINE YEARS OF EXPERIENCE IN NETWORK AND INFORMATION SECURITY, ADITYA KHULLAR HOLDS A UNIQUE BLEND OF VISIONARY LEADERSHIP WITH EXPERTISE TO LEAD STRATEGIC PLANNING, DIRECT MULTI-FUNCTIONAL OPERATIONS, AND RE-STRUCTURING BUSINESS MODELS. PRIOR TO HIS STINT AT PAYTM, KHULLAR WORKED FOR VARIOUS GLOBAL FIRMS AND PROJECTS SUCH AS ARICENT TECHNOLOGIES, HCL INFOSYSTEMS, BANK OF AMERICA AND INTERGLOBE ENTERPRISES. IN HIS PRESENT ROLE, KHULLAR LEADS THE TECHNICAL ASPECTS FOR CYBER SECURITY VERTICALS IN PAYTM AND ITS SUBSIDIARIES.

40 SME CHANNELS FEBRUARY 2019

Threat Intelligence - It is the one word we all have heard various times recently. The subject has been under constant scrutiny for a while now, but do we understand it? Moreover, since it has been viewed very differently from different viewpoints of various security professionals, To start with let’s get to the crux of it. The ultimate goal is to provide a binary answer to the question, “Do I have a compromised system in my Infrastructure?” This system can be a server or an EUD (A End user device). To understand about compromised system, there is a wonderful saying by Mr. John Strands, i.e., “Beaconing + Blacklisting=OMG! We are in trouble”. This means that any system that makes a continuous connection to a blacklisted IP is a compromised system. In simple words, threat hunting is the black box that takes input and gives output. What are all the things it encompasses? Well, we need some way to collect info and figure out whether we are already compromised or not. We also need to understand that those outputs may be a formalized incident handling process put in place, or a team that does forensic investigation of subject, or it might be just a simple policy which says, “Hey, when a system gets compromised throw it away and put a new system on the wire.” Even though that may sound silly but that is a possible answer for most of the organizations. The process of threat hunting spans throughout various technology teams. For Example: ‘I just found a system which is beaconing to unknown/ blacklisted IP?’ Now to reach that point, we need a lot of work before and after identifying the system. We require complete scanning of the system, leading to putting in incident response plans in place and after that we turn to forensics mode to get to deeper end of the cause. To resolve this chaos, it is beneficial to implement Pro-active Threat Intel rather than reactive mode monitoring. All in all, Global threats can be listed in 5 types: l Remote Exploits (Public/Private)

Local Exploits/ Insider Threats Browser Based attacks (Malicious advertising campaigns) l Document based attacks (Malicious attachments like excel files, PPT , Word docs delivered through Phishing campaigns) l DOS/DDOS (Volumetric/Computational and Asymmetric attack vectors) Then the next Question that arises is, “We have a lot of tools which gives a lot of feeds, so what is different in threat hunting which makes it difficult to implement?” In a typical security tool, the process is to collect a lot(I mean tons) of data because it is satisfying to see whole network on a single dashboard, ‘it will give data to the management team’ and then ‘the team will educate itself and find threats out of it’. And this last part is the distinguishing element of the threat hunting process, in comparison to other mainstream tools. So going further, what are the basic frameworks that could to be used as the helping hand for the threat hunting process? One of the most common framework that is taken into consideration when talking about the tool is- MITRE ATTACK framework. It is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s life cycle and the platforms they are known to target. Secondly, while rating a vulnerability always do a manual assessment basis NIST/NVD calculations with an automated scan using tools like Qualysguard, Nessus etc. In the end We should understand that - The process of threat hunting may seem to be a great alternative to proactively monitor assets but a threat hunting program cannot be Implemented by every organization. To build a Threat hunting team, one needs threat intelligence mindset, excellent technology engineers and pro-active tools which can give threat feed of an exploit/attack vector being seen in world space.. l l

REVIEW

PRODUCT

EPSON ECOTANK M1100

NETGEAR M4300-96X MODULAR SWITCH

Epson EcoTank M1100 is targeted at the office printing market and comes equipped with a host of features that are likely to tempt mono laser printer users to shift to Epson’s EcoTank printers. It is specifically designed to lower business printing costs when compared to mono laser printers.

THE NETGEAR M4300-96X IS THE WORLD’S ONLY 2U RACK height modular switch that comes either empty or pre-populated and scales up to 96 ports of 10G Ethernet or up to 24 ports of 40G Ethernet, or a combination. With 12 open slots and two redundant power supplies, the M4300-96X supports maximum granularity between copper, PoE+ and fiber and unrivalled headroom for organizations buying infrastructure for the long term. To truly converge, IT and AV networks, pre-configured 10 Gbps infrastructure is ready with NETGEAR SDVoE-ready M4300 switches. Instant installation with pre-enabled IGMP/multicast, scalability and affordability gets your ProAV deployment running in no time, with optimal 4K no-compromise quality. To take unnecessary complexity out of AV-over-IP deployments, NETGEAR created M4300 switches that are preconfigured for easy, true AV and multicast Zero Touch network configuration.

SWITCH: • Streamlines AV-over-IP SDVoE solutions, replacing 48×48 circuit switchers • 1.92Tbps Non-blocking fabric for 96x10G or 24x40G or a combination • 12 empty slots in 2RU for 8x10G or 2x40G port expansion cards • Two empty slots for redundant power supply units (PSU) • PoE over 10G is supported in first 6 slots (48x10G PoE+ 30W each) • Use the M4300-96X online configurator to design your modular switch • Zero Touch AV-over-IP with pre-configured L2 Multicast (SDVoE-ready) • Advanced Layer 2, Layer 3 and Layer 4 feature set – no license required management, USB storage • Easy-to-use Web browser-based management GUI

series printers make printing 23 times lower as compared to mono laser printers, which cost Rs. 2.74 per print with original toners. Over the life of the printer this translates into very significant savings for any organization. Epson says its monochrome EcoTank printers are also designed with an eye on the environment and keeping the UN Sustainable development Goals (SDG’s) in mind. The refill ink bottles provide an ultra-high page yield of up to 6,000 pages per bottle as against laser printers that provide an original toner yield of just 2,000 pages per toner. This can help businesses eliminate the frequent changes of toners and thereby help them significantly reduce their carbon footprint.

PRICE On request

WARRANTY On Request

KEY FEATURES OF THE M430096X MODULAR MANAGED

With an ultra-low printing cost of

12 paise per print, the new Epson EcoTank M

CONTACT

Price: INR 12,099 Warranty: On Request Contact: www. eid.epson.co.in

https://www.netgear.com/

SME CHANNELS 41 FEBRUARY 2019

PRODUCT

NEW ARRIVALS

HIKVISION

HIKVISION SMART POLES FOR SMART INFRASTRUCTURE MATRIX

MATRIX PRASAR UCS MATRIX PRASAR UCS, an Enterprise Unified Communication Server connects internal and external decision makers at multiple locations for effective communication and real-time collaboration. It enables enterprises to enhance business processes by unifying communication mediums to simplify the daily workflow and increase their response time. Being a pure IP solution, PRASAR UCS is a single box solution, scalable up to 2,100 users, as per future communication needs of the organization. Bring people together anytime, anywhere, and on any device with our integrated collaboration infrastructure for voice and video calling, messaging, and mobility.

HIKVISION SMART POLES for Smart Infrastructure solution uses cutting-edge Hikvision technology to secure people while keeping them connected while they are on the move for work or travel. Hikvision Smart Poles better safety and security solution to keep public areas secured in day as well during night. Integrated with PTZ Camera to capture Live View and Zoom Areas the poll comes with emergency Call Box with HD camera, to raise Panic Alarm / Emergency Alarm. It helps to realize alarm and aid as soon as possible and provides more efficient service for building social stability. It also supports TWOWAY audio for communicating with Command Control. Plus, it also supports scheduled turning on/off the alarm lamp in case of emergency. It is mainly applied to the scenarios of school, square, tourist attraction, hospital, supermarket gate, market, station, parking lot, etc. Price: On Request, Warranty: On Request, Contact: : https://www.hikvision.com/en

DIGISOL

DIGISOL DG-VG2300N VDSL ROUTER DIGISOL DG-VG2300N complies with IEEE 802.11n to provide a faster and secure data transfer. With 300 Mbps Wireless speed over the 2.4GHz band, the DG-VG2300N provides seamless HD video streaming, online gaming and other network tasks. DG-VG2300N VDSL Router Comes with the Latest ITU-T G.993.2 VDSL2 standard, provides up to 100 Mbps Speed downstream and upstream, and backward compatibility with ADSL. The device covers you in terms of network security, offering the highest levels of wireless security to ensure your safety and privacy. In addition to guest network access and parental controls that you can tailor to each device, you have VPN support for secure access to your home and office network. Its Easy Setup Assistant enables one to get quick & hassle-free installation.

42 SME CHANNELS FEBRUARY 2019

Key Features: • High Internet Access throughput. Downstream upto 24Mbps and Upstream up to 1Mbps (ADSL) • High Internet Access throughput. Downstream upto 100Mbps (VDSL) • Wireless speed up to 300Mbps • Robust WLAN Security • Dedicated WPS and WLAN push button • Dynamic DNS and VPN Pass through support n Pricing: Rs.1999/- , Warranty: On Request, Contact: : www.digisol.com

RNI NO: DEL ENG/ 2010/ 31962 Postal Reg. No.: DL-SW-1/4145/16-18 Licensed to Post without pre-payment U(SW)/19/2017-18

Date of Publication: 13 of Every Month Date of Posting: 15 & 16 of Every Month

THE BEST JUST GOT BETTER

NOW WITH EDR

DETECT, INVESTIGATE, AND RESPOND TO SUSPICIOUS ACTIVITY BETTER THAN EVER BEFORE. Ì Add expertise, not headcount with built-in machine learning and threat intelligence from SophosLabs Ì Understand the scope and impact of security incidents Ì Detect attacks that may have gone unnoticed Ì Search for indicators of compromise across the network and prioritize events for further investigation Ì Guided incident response: Understand your security posture and respond with the click of a button

Learn more at : sophos.com/interceptx