With 1,850 attacks a minute, how 25-year-old Quick Heal is solidifying its cybersecurity presence

Quick Heal Technologies, a name synonymous with antivirus software in India, has had a one-of-a-kind success story. Sanjay Katkar, CTO of the Pune-based tech company, looks back at his journey into cybersecurity and the future.

The robust technological evolution has led to the proliferation of cybercriminals and antivirus softwares in digital society. As the former figure out ways to avoid being detected, it is imperative for the latter to evolve and identify such threats.

Most antivirus solutions now follow a multi-layered approach to threat defence, by leveraging signature-based scanning, heuristics-based scanning, behavior-based detection, and sandbox implementation.

Next-generation antivirus softwares now implement cloud-based scanning as one more layer of detection. This gives the users an advantage since their databases are always on the cloud and up-to-date.

Kailash Katkar (L) and Sanjay Katkar (R)

While the evolution is rapid, the cybersecurity market continues to face challenges around awareness. Users across multiple geographies, whether individuals, businesses or even governments, remain unaware about the need for robust cybersecurity.

“Even if they track fresh developments in the cybersecurity space, they do not have a complete understanding of how these threats could possibly impact them,” says Sanjay Sahebrao Katkar, Chief Technology Officer (CTO) at Quick Heal Technologies.

Quick Heal, which started as a bootstrapped startup with a consumer antivirus product in 1995, has evolved into an end-to-end cyber security solutions provider. With its clientele spread across retail, enterprise, SMB and governments, the company is leading the domain with its flagship products: Quick Heal and Seqrite.

While the former caters to retail with antivirus and internet security products, Seqrite deals with enterprise security solutions for endpoint security, network security, server protection, enterprise mobility management, data encryption and data loss prevention (DLP).

Silver jubilee in cybersecurity

Sanjay’s elder brother and CEO Kailash Katkar’s expertise in screen printing, ledger posting machines, radio and TV repairing since Class 5 has stood him in good stead. At one time, Kailash was known as the only calculator repairer in Pune, earning Rs 400 a month.

In the early 1990s, Kailash realised that computers were eventually going to replace calculators and persuaded his younger brother, Sanjay, to opt for a bachelor’s in computers course.

Owing to user requests that involved fixing virus-infected computers, Sanjay wrote the required utilities to kill the Michaleangelo virus, which was designed to infect DOS systems in the early 90s. While the brothers started selling sets of these utilities, a product eventually materialised, resulting in the birth of QuickHeal antivirus software in 1995.

The company raised funding only by August 2010: $12 million from Sequoia Capital. India has been the primary market for Quick Heal for 25 years, with more than 90 percent of its revenues coming from the sub-continent alone.

“In the enterprise segment, Seqrite is protecting millions of endpoints for more than 32,000 enterprises across the world. The pan-India channel network now has over 25,000 partners. The gross turnover for FY19 was around Rs 385 crore,” Sanjay says.

Expansion of tech = expansion of vulnerability

Much has been spoken about the antivirus market and its prospects. Yet, the thin line between a plethora of exciting opportunities and the expansion of the attack surface area is where the real magic of cybersecurity resides.

Sanjay points to the influx of new malware that is now targeting any and every online user, and the challenges that follow the scale at which the malware can grow. As a result, malware research will have to be fast-paced, with new updates released within hours of a new threat being detected.

"It also leads to a ‘bloating’ of antivirus software in terms of resource utilisation, and it can become heavy and hamper the user’s day-to-day activities. This is the biggest technological challenge for Quick Heal and, for that matter, any antivirus vendor - keeping the solution both lightweight and effective enough to defend from all the cyber threats. We solved it by integrating our product range with data analytics, machine learning and cloud-based AI."

Speaking about the BYOD (bring your own device)-led work culture becoming more prominent at Indian workplaces, Sanjay avers that none of these developments have security at their core. Besides, enterprises are naturally increasing the adoption of new-age digital technologies, and are storing sensitive data on digital devices and the cloud.

This is the reason that Indian citizens and businesses have emerged as a lucrative target for threat actors across the globe. In Q2 2019 alone, Quick Heal detected more than 242 million threats on PCs and laptops. This translates to around 2.5 million attacks a day, or more than 1,850 attacks every minute.

Considering that a single breach can potentially threaten an entire business, an enormous responsibility falls upon the chief information security officers (CISOs) to bring in sensitivity on their own boards and with decision-makers about such rampant threats. Cybersecurity in the current age is no longer only an IT issue, but an enterprise imperative.

“The spending for cyber security in India is less than 10 percent of the overall enterprise spending, a number that is way below the international standards,” Sanjay adds.

Quick Heal to the rescue

Sanjay says the company has now moved beyond just endpoint protection, and developed better capabilities in cloud, mobility and data protection. The new inclusion has products like unified endpoint management (UEM), secure web gateway (SWG), enterprise mobility management (EMM), and data encryption and data loss prevention.

“We are now looking at further strengthening our product offerings with solutions such as endpoint detection and response (EDR), and are also looking at developing security capabilities to introduce XDR solutions,” he adds.

The company recently launched GoDeep.AI, a proprietary AI-backed threat hunting engine that attempts to identify and eliminate existing and emerging threats globally. Sanjay elaborates that the team is now using security automation to ensure smoother threat detection and response for all its products, while releasing a free anti-ransomware tool.

For retail consumers, there’s the 'lighter, smarter, faster' range, which builds upon existing offerings to provide amplified threat defence, but at a lower system-resource consumption.

Considering the ongoing digital transformation where more and more systems are going digital, the sheer scale of security challenges is huge.

“Enterprises need to wake up to this challenge and adopt a multi-layered, security-first approach for their operations. Business leaders need to understand the specific security needs of their respective enterprises and deploy security solutions that best fit that requirement. Only by doing so will they remain competitive in a fast-changing business landscape and derive the maximum benefits,” Sanjay says.

(Edited by Suruchi Kapur Gomes)