With a fast rising digital economy, India today is witnessing sophisticated attacks from organized players. Attacks are becoming more targeted and are increasingly resulting in high-value data breaches. Not surprisingly, India today ranks among the top five countries at risk for cyber attacks. India also is among the top five countries in the world for countries that are affected by ransomware. With a growing number of devices connected to the Internet, a number of organisations in India are facing challenges of ensuring security for connected devices.
Increasing pace of cyber attacks and the inability to keep systems updated and patched, coupled with lack of internal talent, has opened up huge number of opportunities for specialised solution partners. Additionally, smartphone penetration and an exponential rise in IoT devices are leading to newer attack surfaces. As the sophistication of cyber attacks increase, solution partners are finding increasing business opportunities for relatively new services such as managed security services and patch management.
Moving from selling antivirus to security solutions
With plain vanilla security products such as antivirus and firewalls becoming a commodity, solution partners are shifting gears, and are looking at niche solutions that command higher margins. A case in point is Pyramid Cyber Security and Forensic, which offers security as a service, compliance related services and forensics. Sharing his view on the immense potential of this business, Alok Gupta, CEO of Pyramid Cyber Security and Forensic, says, “Compliance in security-as-a-service is turning to be a high profitability business for partners. Being a niche player in forensics, we command a premium as high as 30 per cent in most of the cases. I think there’s a lot of money to be made in adding security services to the offerings of MSPs which can translate into margins of 20 per cent or much more. In addition to the margin on reselling services, MSPs should look to take over their clients’ needs for compliance services, implementation of security policies and procedures, and documenting of those policies and procedures for maintaining this profitability.”
With cyber attacks hitting even small and medium businesses, the need for cyber security specialists who have the requisite skill sets have accelerated. Biswajeet Saha, CEO, SEA Infonet, a value-added security products distributor, says “We see immense growth in the cybersecurity landscape arising from the increase in threat patterns and also the increase in mobile devices and cloud computing. Additionally, technologies like anti-APT and EDR has opened up the perception of cybersecurity needs among SMBs and enterprises.”
“If there’s one lesson to learn from cyber criminals, it is the collaboration and practice sharing. Knowledge is power, as we know, and so keeping a breach secret only helps the attackers – if an exploit isn’t made public, it can be used on the next company and the next. In order to stop it, free sharing of information among business and enterprise, cybersecurity professionals, and security software vendors is essential,” states Raunaq Singh, CEO and Director, Targus Technologies, a Gurugram-based solution provider.
Cloud security is a big bet
Cloud-based security is making a huge impression on the channel. As more security solutions move to the cloud, partners are facing a changing market that often requires them to link up with cloud providers and IT security vendors to broaden the suite of products they offer to customers.
“Organisations continue to adopt cloud technologies at a rapid rate, but information security is not picking up that pace. It is clear that monitoring cloud assets and infrastructure will continue to be a challenge and that’s where the opportunities are. Even smaller companies are looking towards having a shared CISO. It is all about getting the best and also cutting CAPEX at the same time,” says Atul Ahuja, Vice President, Softline Asia.
Increasing complexity of security solutions, lack of in-house expertise and budget constraints is pushing the demand for Managed Security Services, which has now become the most attractive segment both by size and growth. It is expected to be close to 55 per cent of the overall cybersecurity services market by 2025 and is expected to grow at a healthy CAGR of approximately 12 per cent.
Giving a fresh perspective, Krishnaraj Sharma, Director and CEO, iValue Infosolution, says, “Security is not just about technology but a collaborative approach of threat intelligence, prevention technologies, detection technologies, associated services in a collaborative model sharing knowledge and expertise across all players. Hence, security needs to be viewed from a holistic and business risk perspective and not from a product/service or technology view.”
Asserting his views, Vishal Bindra, CEO, ACPL System, says, “Security-as-a-Service is more lucrative than traditional hardware support services. This is because a customer is not outsourcing to reduce cost but to improve efficiency. In this scenario, any solution partner who can showcase the effectiveness, competence, better TCO and maturity in processes bundled with certified manpower will get the mandate.”
Meeting the customer’s need
Customer networks are rapidly evolving to keep pace with new innovations and consumer demands. So is the role of security providers. Digital transformation enables digitisation of all customer-centric services which effectively asks for most of the application to come towards the edge of the network. It’s a huge opportunity for all security partners to work on building products and services around application performance, application availability, and application protection. More and more consumer-centric approach in the business gives larger opportunity in areas of end-point protection and mobility management.
Therefore, network security players can forecast huge business growth and prospects in the enterprise security space in India in the coming years. But are they equipped to embark on this journey? Opines Vishal Bindra, “Large enterprise customers are investing heavily in securing digital assets. Customers are investing in secured user experiences. We are working with them to provide strong and robust security architecture and secured application view so that they have an integrated security overview and not an overlay.”
This trend is now extending to SME customers too. States NKR Venkat, Director-Sales, Digital Track, “Today, every enterprise — from the SOHO to the large enterprise are giving importance to cybersecurity. SOHO and SME organisations have traditionally restricted their security investment to A/V and UTM solutions, whereas midsize and large enterprises are trying to have a whole gamut of security solutions, like UTM, A/V, Anti-malware protection, dedicated IPS, DLP, IRM solutions, encryption, SSL-VPN, etc. to ensure that they are highly protected.”
Preparing for next decade opportunities
For security solution providers, it is important to stay ahead of the threat. Many solution partners are conducting comprehensive security audits to assess the current threat scenarios and take IT initiatives for the next three to five years along with compliance needs to arrive at a road map of hardware, software and service needs in a phased manner. Security providers are also investing in skilled resources to use the SDKs provided by OEMs and build their own layer of security on top so that they can use their own IP and create their own unique niche in the market.
A case in point is Targus Technologies. “With Artificial Intelligence, IoT, Business Analytics, and Robotics taking centre stage in the next decade, it is imperative that we give security the attention that is required to make businesses safe. Targus plans to work closely with its OEMs (such as Juniper, Fortinet, etc.) to provide high levels of hardware and advanced threat protection. We intend to secure all seven layers of our customers’ network and business,” informs Singh.
Similarly, Softline is looking at an integrated security solutions approach for on-premise and cloud infrastructure deployments. Softline India has a dedicated CoE for security offerings and has an on-going program with Barracuda to skill its consultants and solution architects. Audit and Compliance are basic needs of customers around security which is driven by governance, risk, and compliance (GRC framework). Using their expertise, channel partners are looking at compliance as an opportunity.
“We have vertical practices around Government and banking which are highly compliance driven and we have service offerings for most compliance needs of all leading industry verticals,” adds Sharma of iValue. Another security partner is trying to build the NOC and SOC setup so that it is able to monitor the customer security infrastructure with 24/7 facility.
Essen Vision is looking at the collaborative approach to deliver best of breed services.
“We are putting a practice in place for every unique service offering we are talking about. This includes internal R&D centres which contribute better in bringing out self-sustained skills from team with innovative cyber use cases. We are also focusing on cloud security this year bringing in solutions that integrate tightly with their on-premise security to simplify management and administration. We are firstly looking forward to exploring machine learning/ AI capabilities available with current technologies like DLP, APT, SIEM and analytics,” says Shetty.
Essen Vision has also invested heavily in manpower for setting up a full-fledged lab and is working hands-on to develop use cases for security. The firm is also developing its own IP to get more success. “Security audits capability has been with us for a long time. Now on ML and AI, we have adopted both of these in our own developed technologies like Klassify and ACRS. Moreover, we are investing heavily in automation and orchestration as well,” clarifies Shetty.
Dealing with security breaches
While partners are upping the ante against cyber threats and becoming the first point of contact for the customers in case of any security breach, they have a serious challenge in terms of educating clients on allocating appropriate budgets for security. Highlights Saha, “Being a security provider, we educate organisations to think differently today. They need to transform from the “security as per budget” mindset to “budget as per security needs” approach. This is important as organisations typically spend huge sums on IT infrastructure but do not have proper financial planning when it comes to securing the same.”
Ahuja of Softline says, “At Softline, we start investigating the incident. Gathering information of the incident is important in validating that an incident has occurred, identifying the suspect cause of incident, isolating the infected system and eradicating the cause of the breach. This is followed by implementing policy, procedures and technology that is necessary to prevent the recurrence. Additionally, a security audit or risk assessment combined with network penetration testing to identify weakness in the network can also be done.”
Partners have helped customers recover from Ransomware attacks, helped prevent prevalent malware in their networks. With the help of vendors, partners have also helped with intelligence on breaches in security, helped in incident forensics and have also collaborated with law enforcement agencies to nail cyber criminals.
“We have various methods available under “operate” pillar which starts from basic incident reporting mechanism and prioritisation as it’s difficult for the on-ground team to identify what needs to be acknowledged first. Later, we tend to follow a mix of NIST and SANS methods to respond, recover and investigate the incident for future references reducing response time,” shares Shetty.
Cyber security needs to be approached with a holistic perspective. In most cases, people and processes are the weakest link in the chain and not technology. Hence it’s critical to look at multiple perspectives such as technology, compliance, threat vectors, key assets, processes, and people with continuous review system to identify new vulnerabilities and fix them proactively.
“The extensive learning over time helps us to prepare customers at every stage to be ahead of the threat. Since threat vector is active all the time, the key is to assess risk and be ready to manage the threat to be ahead of the curve with continuous assessment. In case of the breach, we have forensic tools and solutions for analysing and preventing further loss of critical info and clean up the entire ecosystem from malware,” says Sharma.
With new threats evolving every second, this space will continue to see many new niche technologies coming into the market. To stay relevant, solution partners will have to constantly upgrade their skill sets, and take advantage of new and emerging technologies. – CRN