Over 10% of Indian ransomware victims extorted for $1 mn: Dell Technologies’ Ripu Bajwa

India remains one of the most vulnerable countries to cyberthreats and data-loss incidents, says Ripu Bajwa, Director and General Manager, Data Protection Solutions, Dell Technologies India. Citing a report, he says that India witnessed the highest number of cyber-attacks in Asia in 2022. “This makes cybersecurity an increasingly critical strategic factor in ensuring continuity of business,” he says, in this interview with Adgully. 

“Organisations who want to realise their digital transformation goals and secure themselves against cyber threats will need to act now. Even the smallest of efforts can help businesses secure their future. Simple measures like choosing a VPN, conducting a password audit and investing in the correct infrastructure solutions, will go a long way in protecting crucial data for businesses in India,” says Bajwa. 

Here he talks about the need for integrated data protection, the importance of air gap cybervault technologies, the data protection trends for 2023, etc. Excerpts from the interview: 

What are the current data protection threats and challenges facing businesses and individuals?

When it comes to data management, Indian organisations have faced frequent cyber attacks. India remains one of the most vulnerable countries to cyberthreats and data-loss incidents. According to a report, India witnessed the highest number of cyber-attacks in Asia in 2022. This makes cybersecurity an increasingly critical strategic factor in ensuring continuity of business. 

The adoption of new-age technologies like AI, IoT, ML and cloud computing, without a robust cybersecurity strategy that can protect data at the perimeter, remains a challenge. Organisations seek out multiple vendors for their security, little realising that it will not only make their data management complicated, but also increase the surface area for attacks. Hybrid work model is contributing to the rise of entry points for malicious actors wherein endpoints and IT infrastructure are not up to date with the increasing sophistication of attacks. With protection strategies remaining an afterthought, workers are at most risk. 

Please share the insights from Dell Technologies 2022 Global Data Protection Index report.

According to the results of the Dell Technologies 2022 Global Data Protection Index Report 2022, 86% of organisations had experienced at least one disruption last year. And 76% of businesses cited lack of data protection solutions for newer technologies like cloud-native applications, IoT, edge, containers, etc., as a challenge to their cyber-resiliency. 65% of the businesses have reported increasing complexities around cyber-resiliency as a barrier to their data protection strategy. Globally, data breach costs rose 10%, from $3.86 million in 2020 to $4.24 million in 2021 due to four process-related activities: detection and escalation, notification, post-breach response and lost business. It was highlighted that 37% of workers had not improved their security awareness even after hearing about high-profile cyberattacks. 

What added to concerns was the fact that 54% of the businesses cited that they were prepared to pay a ransom just because they felt it would prevent further attacks. This opens a vast surface area for cyber attackers to act on. In India, more than 10% of ransomware victims were extorted for more than $1 million in payments.  69% are concerned that they will experience a disruptive event in the next twelve months; however, with 91% of organisations having agreed that they are either familiar with or planning to deploy a Zero Trust architecture, we see hope on the horizon. 

What is the Identify, Predict, Detect, Respond, Recover (IPDRR) framework to cybersecurity?

A cybersecurity programme should increase an organisation’s ability to reduce downtime to critical business functions after a cyber attack. Effective recovery protects critical data, identifies suspicious activity and responds immediately with correction and improvement.

Integrating recovery as capstone of the cybersecurity framework offers any business the true cyber resiliency. The NIST Cybersecurity Framework sets such a strategy across five functional areas:

1. a) Identification:itemise and justify the specific elements to be protected and why
2. b) Protection:determine the specific protection elements needed and how to implement them
3. c) Detection:put in place strategies and actions that detect potential cybersecurity breaches quickly and accurately
4. d) Response:plan the communication, analysis, mitigation and improvements to apply in the event of a breach
5. e) Recovery:construct recovery plans that include improvement contingencies and thorough communication

What is the need for integrated data protection – cloud, server, storage, and 5G environments in India?

Infrastructure as a Service (IaaS) is becoming the go-to choice for businesses of all sizes due to the numerous benefits of the model which offers support in remote-working conditions, streamlined scalability of assets, flexible up-front investment and overhead costs. However, it has its share of potential threats with Internal mismanagement being a big threat to securing infrastructure, especially cloud and edge. With emerging technologies, companies need to keep themselves up-to-date. There may be probable challenges that occur with the interaction of IaaS with existing systems. The complexity heightens the likelihood for errors and puts data at risk if not governed carefully.

Massive data growth is a problem for any data protection programme. With data volumes growing at exponential rates, there’s a sharp increase in the cost and complexity of backup and data retention, regulatory compliance and data security. Between data centers, colocation facilities, public clouds and edge locations, the IT landscape is certainly complicated. With businesses rapidly moving to the cloud for IT agility and speed, they may have unintentionally led to a wider surface area for attacks that leads to unpredictable costs in security and data governance. 

Similarly, with 5G offering huge performance improvements in bandwidth and connecting more devices to the network a wider attack surface has been created. The security of these endpoints must be managed throughout their lifecycle. A robust integrated cybersecurity plan protects the systems and applications that manage data, from malicious actors and data loss. Effective data protection and data management require organizations to find solutions for a number of significant challenges. 

What is the importance of air gap cybervault technologies, MFAs, SOAR and other upcoming data protection solutions? 

Data protection solutions such as air gap cybervault, MFAs and SOAR are crucial while protecting one’s data.

The term air gap implies physical isolation from an unsecure system or network. The idea behind air gap technology is simple: leave no doors or windows open, and criminals will have no way in and data no way out. There are very few ways to infiltrate air-gapped systems because data can only be shared to and from the ecosystem with limited external channels. The combined power of advanced threat protection and data encryption rolled into a single, on-premises solution means organizations can defend against threats with higher efficiency. We at Dell Technologies offer this technology through Dell PowerProtect Cyber Recovery which provides a logical air gap feature to keep the PowerProtect Cyber Recovery Vault disconnected from the production network. Optimized for SAN/DAS, PowerVault ME5 storage delivers the performance, capacity and operational simplicity that price-sensitive, small to medium-sized businesses demand. 

In SOAR, the response to an attack is automatically initiated when it detects an anomaly. Thus, it is able to reduce response time and control the damage caused by a cyberattack. This platform also has the added advantage of broader aggregates of security data from third-party sources and endpoints, thus a more diverse familiarity with vulnerabilities against which the platform can warn an organization.

Multi Factor Authentication (MFA) provides an extra layer of security by requiring a user to verify their identity with multiple credentials prior to accessing any protected data. Access to customer content and personal data is provided on a need-to-know basis, with restricted access granted only when necessary or required. All access is monitored and audited on a regular basis to ensure compliance with our stringent security measures.

Organisations who want to realise their digital transformation goals and secure themselves against cyber threats will need to act now. Even the smallest of efforts can help businesses secure their future. Simple measures like choosing a VPN, conducting a password audit and investing in the correct infrastructure solutions, will go a long way in protecting crucial data for businesses in India. 

What are the data protection trends for 2023? 

Keeping in mind the data breaches and threats, businesses will need to modify their cybersecurity strategy while structured and unstructured data remain distributed across cloud and edge environments. 

While data, both structured and structured, stays distributed across cloud and edge environments, businesses will move to urgently amend their cybersecurity approach. Zero Trust architecture is going to become the cornerstone of data security in 2023. Business leaders across industries need to take a more holistic approach towards developing robust cybersecurity and data protection strategies with embedded security features designed into the hardware, firmware and security control points. This holistic approach will help organizations achieve Zero Trust architectures to strengthen cyber resiliency and reduce security complexity. 

As businesses transition to multi-cloud ecosystems, it would be important for them to analyze what their edge architecture needs will be. Doing so will vastly benefit end-users in terms of reduced latency and seamless connectivity, as well as enhanced privacy protection and data security. 

5G will create a massive new pool of connected devices or endpoints and a wider attack surface. The security of these endpoints must be managed throughout their lifecycle. Businesses must build effective and long-term cyber resiliency strategies to mitigate potential threats. 

Organisations will be looking for data protection solutions which can secure their workloads across multicloud environments. Cybersecurity solutions will enable multicloud operations as businesses become aware of their risks. 

Today, data protection has transformed itself into a priority for CIOs and organizations are investing heavily to safeguard their IT architecture against any kind of cyber threat or malware attack. Customers will be more keen to invest in specific solutions in data protection for endpoints against malwares, rather than investing in the entire security suite. 

Data sovereignty will become increasingly important. Businesses will soon be expected to integrate to the latest encryption technologies to safeguard customers’ data and to minimize the threats associated with data transfers. 

What is the roadmap for Dell Technologies in India to help businesses and individuals with their cybersecurity needs?

When it comes to cyber security it is important to adopt a cyber resilience approach to deal with threats like ransomware. In addition to working to prevent attacks, a cyber resilience strategy focuses on ways to mitigate the damage from cyber threats and how to achieve a successful data recovery to restore operations after an attack, not simply how to prevent a cyber-attack. 

We at Dell Technologies India, not only plan on sharing infrastructure solutions but will also help Indian organisations and individuals with insights on improving Business Continuity Plans and Data Recovery Road maps for their businesses.