What’s keeping CIOs up at night? The challenge of securing their networks and infrastructure against a rapidly evolving threat landscape, of course. I have been speaking with customers from across our global markets and everywhere I go I find that customers want to understand strategies to best secure their enterprise from escalating threats. I was in India in April 2023 for the first ever VMware Explore in the country, and the Indian CIO is on par with their counterparts from other regions when it comes to security concerns. It was interesting to hear from Indian enterprises about their security concerns in a business environment where hybrid working, remote access, and on-demand access are the enduring trends.
Across the world there are geo specific concerns that enterprises want to address. But in India, CIOs are not just aware of the global threat landscape, they also want to understand how other companies in the same sector across the world are dealing with similar issues. This interest in global best practices is quite unique to India and their concern is understandable considering that there was a 38 percent increase in cyber-attacks in 2022. For a country that is betting big on multi cloud, and cloud native applications, this is a troubling statistic made worse by some concerning shifts in attacker’s behavior.
Five years ago, when attackers breached the perimeter, they went in quickly, took the data that interested them, or inflicted the damage they intended to and left quickly. Now times have changed. First, they are coming in quietly and lying low while using AI and ML applications to scan the network and plan their attack. Second, they are increasingly using legitimate ports and protocols like the Remote Desktop Protocol (RDP) to breach a company’s defences. The RDP is used by system administrators for patches and updates and there is no way they can be switched off. Third, new age attackers no longer make numerous lateral moves once in the network. After understanding the lay of the land, they make one or two calculated moves to get to the monetizable prize, which they then hold for double extortion – demand ransom for the data, as well as exfiltrate and sell it. This new behaviour poses a significant threat to enterprises as it makes it difficult to prevent, or even detect breaches until it is too late.
In a multi cloud world, this challenge is compounded further. As companies accelerated their cloud first journeys, they rapidly adopted multiple cloud platforms to meet different requirements. Each cloud came with its own set of tools and security protocols. As the number of workloads across clouds grew, so did the complexity of the infrastructure, with little to no interoperability, and no single pane of glass view into security or networking. And this is why it is essential for organizations across sectors in India to move from cloud chaos to cloud smart strategies.
VMware has been a trusted advisor to the country’s digital transformation effort for the last 15 years and has the right tools and solutions in place to help India turbocharge the next phase of its growth journey. The AI powered Carbon Black remains our most formidable defence mechanism in a multi cloud world. We recently announced the expansion of network detection and visibility to the Carbon Black endpoint protection platform that will enhance its threat mitigation capabilities. We also have 3 new security solutions. The first of these is Project Northstar on the NSX platform that is built for multi-cloud networking, security and end-to-end visibility. The second is Project Trinidad that extends and advances our API security and analytics. And the third is Project Watch that presents an innovative approach to multi cloud networking and security with advanced app to app policy controls.
It is now evident that threat landscape is only going to evolve further and faster. And bad actors are going to increasingly use emerging technology trends to fine tune their attack strategies. India is facing the same challenges as every other region in the world and needs to ramp up its security posture to meet emerging new threats.