Targeted ransomware, cyber insurance to trend in 2020: Check Point Software CTO
Bengaluru: The advent of new technologies also opens doors for more complex cyber security threats. As the world gears up for newer challenges in 2020, Nasdaq-listed cyber security firm Check Point Software Technologies Ltd aims to address these threats with a unified and automated approach. In an interview with Mint, Tony Jarvis, Chief Technology Officer, Asia Pacific, Check Point, talks about the threat predictions, role of emerging technologies, and how the company is addressing these. Edited excerpts:
What are the top cyber security trends for 2020?
In the wake of growing incidences of cyber security threats, enterprises need to be prepared more than before. By looking at security developments over the past few years, it’s quite possible to forecast what’s likely to happen in the cyber security space over in 2020. Targeted ransomware, phishing attacks going beyond email, increase in mobile malware attacks, rise in cyber insurance, and a move to the hybrid cloud environment are some of the top cyber security trends for 2020.
How is Check Point aiming to address these threats?
Most businesses are trying to protect their IT environments against current attack technology with security technology from 10 years ago that relies on detection only. They are stuck in the world of 2nd and 3rd generation security, which only protects against viruses, application attacks, and payload delivery. Networks, virtualised data centres, cloud environments, and mobile devices are left exposed. Check Point leaves the patchwork, best-of-breed deployments of the past behind through ‘Infinity’, its security architecture that unifies all networks, cloud, and mobile. It offers automatic and immediate threat intelligence through new techniques that analyse behaviour at the OS (operating system) and CPU (central processing unit) levels to prevent malware at the exploit phase before it has an opportunity to deploy. Also, proactive file sanitation offers true, powerful prevention without processing delays.
What is the role of emerging technologies like automation and artificial intelligence (AI) in cyber security?
Most security solutions are based on detection engines built on human made logic, but keeping this up-to-date against the latest threats and across new technologies and devices is impossible to do manually. AI dramatically accelerates identification of new threats and responses to them, helping to block attacks before they can spread widely. However, cybercriminals are also starting to take advantage of the same techniques to help them probe networks, find vulnerabilities and develop more ever more evasive malware.
What’s the demand for cyber security professionals globally and in India?
Global IT security skills shortages have now surpassed four million, according to (ISC)2. The number of unfilled positions now stands at 4.07 million professionals, up from 2.93 million this time last year. This includes a staggering 2.6 million shortfall in APAC. India’s cybersecurity market is projected to grow to $35 billion by 2025, according to Nasscom. Currently, more than 30,000 cybersecurity jobs are available in the country, according to HR experts. Job portal, Indeed, reported a jump of 150% in cybersecurity jobs between January 2017 and March 2018.
As 5G network is expecting to gain momentum in 2020, how do you see threats emerging out of this?
As 5G becomes a commercial reality, the use of connected IoT (internet of things) devices will accelerate dramatically, and will massively increase networks’ vulnerability to large scale, multi-vector Gen V cyber attacks. The growing volume of personal data will create more opportunities for cyber criminals. For example: eHealth applications will collect data about users’ wellbeing, connected car services will monitor users’ movements, and smart city applications will collect information about how users live their lives. This is the kind of personal data that will need protection against breaches and theft. IoT devices and their connections to networks and clouds, are still a weak link in security that means, it is hard to get visibility of devices, and they have complex security requirements. We need a more holistic approach to IoT security, with a combination of traditional and new controls to protect these ever-growing networks across all industry and business sectors.