Demand for security threat monitoring surges in India
Technology solutions company Verizon Business Group (VBG) grew between 8 percent and 10 percent in India last year.
A lot of the demand was to guard against security risks, as a high number of employees work from home, and companies increased the use of personal and mobile devices since the outbreak of the COVID-19 pandemic.
VBG provides IT, communications, security and network solutions to enterprises and governments around the world. Its customers include banks and financial institutions, and companies in the e-commerce, pharmaceutical and manufacturing industries.
Organisations have had to strengthen their security to steer clear of security breaches and hackers, says Anshuman Sharma, Principal Consultant - Investigative Response, Verizon Business Group.
In India, it entailed providing services related to security operation centres (SOC), governance, risk and compliance, threat and vulnerability, penetration testing, and investigative response.
SOC has become one of the main revenue drivers for Verizon in India, as companies got set on digital transformation journeys and cloud migrations.
A SOC is a centralised unit that is responsible for monitoring a company’s functions to detect and prevent any security issues that may arise on all levels. Verizon, through its advanced centres, provides customised threat monitoring, and gives curated daily threat intelligence feeds.
As enterprises integrate endpoint detection and response (EDR), network detection and response (NDR), and user behaviour response in the SOC, large organisations are outsourcing this. SOC deals have evolved from being six-month or one-year engagements, to deals of three years to five years.
“Organisations have been investing in these for a considerable amount of time, but now they have eased up. Rather than managing it themselves, they are now giving it to someone who does it day in and day out,” Sharma tells EnterpriseStory.
EDR provides real-time threat monitoring and collection of data from endpoints, while using automation to quickly identify and respond to threats. On the other hand, NDR scans the organisation’s network for malicious actors or suspicious behaviour.
Vulnerability management and penetration testing constitute another revenue driver in India. Penetration testing is an authorised simulated cyberattack on one’s own system to check for exposed vulnerabilities.
“Penetration testing is no longer a one-time business,” Sharma says. “Organisations want to run these tests again and again because the threat landscape is always increasing and always changing.”
He cited the example of the Reserve Bank of India, which is pushing for blue team exercises for most banks in India. These exercises simulate attacks to gauge the strength of an organisation’s existing security capabilities and identify areas of improvement in a low-risk environment.
In order to be prepared for these drills, banks approach Verizon for a combination of penetration tests along with red team and blue team exercises.
A new growing segment of cybersecurity in India is that of threat intelligence. Traditionally, organisations have either depended on government agencies to provide threat intel, or on open sources. “Now, they are slowly shifting to having a professional feed coming from a professional,” Sharma says.
Verizon provides a threat feed through its threat intelligence platform service, VTIPS. It analyses data from a wide range of sources, and Verizon’s trained dark web hunters proactively search for company-specific threats.
Sharma reiterates the importance of frequency when it comes to training employees and running data breach simulations. In a WFH setting, Sharma recommends that organisations set a clear set of policies and procedures that help employees uphold security.
“Most organisations miss out on skills training,” Sharma notes. “They focus on awareness training, but not on skills of the support team. Is your support team trained enough to handle incidents and breaches? Because they are the first responders.”
He gives the analogy of first responders in health and medical spaces, and how their training and skills enable them to save lives. It is imperative to create robust processes that are communicated to everyone in the organisation. If nobody bypasses the process, the chances of a security compromise reduce.