As the world continues to work from home amid the Covid-19 pandemic, cloud and data security will continue to remain important for both companies and individuals. The digitisation that would normally take up to five years has taken place at an unprecedented speed during the pandemic-induced lockdown. However, there are chances that once things are back to normal, the focus on cyber and cloud security may dip a little compared to now, Venkat Krishnapur, vice-president of engineering and managing director of McAfee India, said in an interaction with Aashish Aryan. Edited Excerpts:
One of the collateral benefits of the current work from home scenario is that there has been an exponential increase in the use of digital services. Is there a corresponding increase in awareness of digital security?
The needs have significantly increased in terms of the digitisation and the virtualisation that one would have normally seen after the pandemic. We have a lot of data to support that. Some of the spam-based Covid-related URLs (uniform resource locator), which were in single digit in February, that goes up to more than 40,000-50,000 by now over these months. The whole threat landscape just changed in favour of the bad actors in cybersecurity due to the whole work, school and everything from home scenario.
Corporates, small and medium-sized enterprises were not prepared for this kind of remote working, which was never heard of before. The needs of the people and everything associated it with became digital. There is the whole explosion of misinformation on the internet today, which makes it much more important to have the right kind of cybersecurity solutions. You need to make sure the endpoints are protected, the data, device and person need to be secured.
Will this pandemic trigger a behaviour change as far as cybersecurity is concerned? Or will it be one of those periods when people will implement short-term solutions?
The kind of digitisation that has happened during the pandemic would have taken almost five years in our view. That’s the scale that has happened because of the one-of-a-kind unique event. When you look at the data today, there is a significant amount of surge in digital security services and their needs.
Chances are that once we get back to normal, there is going to be that lowering of the guard, so to speak, potentially that is possible. The reality is this is not something that we expect, even with the vaccination, that it will go away in a month or two. It is possible to live into this kind of situation right through 2021 and beyond 2021 into 2022 as well. We are talking of at least two years where people will continue to remain working where this kind of digitisation has happened. There is that awakening in terms of how much digitisation can help people. I think the immediate threat is not going away. We are in for a long haul.
The behaviour has to change because digitisation has brought something new, people have tasted something new, of the possibility of infinite things to happen. Therefore, the security needs will continue to be there.
During the pandemic and once the race for vaccine got underway, there were a lot of state-orchestrated or individual cyberattacks on companies, especially in the pharma and the logistics sectors. How do you see this trend panning out?
This is not new. What we have seen today is a certain instance of what has been happening for many, many years. The Iranian nuclear reactors were attacked by a cyber state as early as 2010, which hacked their control system. The nuclear program was impacted. We have been seeing state-driven cyber attacks for a long time. The attack on pharma companies is one example of that.
Some countries have armies of people specifically devoted to determining where you have these gaps and vulnerabilities that could be exploited. The attack on pharma companies is to gain more knowledge from other countries and companies in the current situation.
Would it be fair to say that companies were under- or unprepared to face these kinds of cyber-attacks?
If companies did not have the right cybersecurity or risk mitigation measures in place, chances are there could have been a lot of data loss. To a large degree, all these big companies are prepared for these kinds of attacks. Because it is also related to their intellectual property (IP). So IP is so critical in this situation.
I think there could have been an element of unpreparedness as we rushed to create cybersecurity, but most of these big companies are aware of the kind of consequences that can actually result from getting exposed, even in normal conditions. It will get better as we understand the nature of these attacks. It is a cat-and-mouse game.
Where does India stand globally as far as cybersecurity preparedness is concerned?
The cybersecurity services industry spend in India is around $4.3 billion, and we expect it to grow to $7.6 billion by 2022. We are almost doubling. When you look at cybersecurity market in India, it is growing twice as fast as the global market. From a consumer business point of view, over the last few months, the number of new customers, India is the second-largest country in terms of downloading our products and services.
The number of attacks on cloud-based services has increased by 630 per cent since March. Companies would be naive not to invest in cybersecurity in this kind of environment.
📣 The Indian Express is now on Telegram. Click here to join our channel (@indianexpress) and stay updated with the latest headlines