An interview with Praveen Srinivasan, Head, Security Sales, India and SAARC, CISCO systems (India) Pvt Ltd.
Over the last couple of years, the security landscape has changed very drastically for our customers. Some of the trends we have seen include cloud, nobility, BYOD. That’s something that enterprises are adopting a lot more because of productivity and cost reasons, so that has changed the way they look at security. The number of threats that have come in because of new kinds of business models, mean that enterprises now have to look at security a little differently.
So from the basic viruses or maybe d-DoSS attacks, the enterprise is now looking at how to protect themselves from malware threats, people trying to steal their data. So those are some of the biggest threats that we have seen in enterprise space.
- What opportunities do you see for CISCO in the enterprise security space?
Most enterprises realise that however much prevention you put in the network, it is still not fully secure because most malware gets through.
The focus now is changing to how to detect that malware when it gets through, and how to block it when it actually starts to execute. So our conversations with these customers have changed and the opportunity now is to work with these customers grounds up – to look at what kind of data they have in their organisations, what’s the data that is most at risk, and how do we prevent this from being stolen. So that’s how the opportunity has changed over the last few years.
- What products does CISCO offer to combat the new emerging security threats?
What CISCO follows in the security space is the simple architecture in what we call the before, during and after phases. The thought process is that some threats will get through, so what can you do to prevent these threats. But if the threats do get through, how fast do you detect them, and how fast you block them, which is the doing phase. The after phase is you ensure that re-infection does not happen, and you learn for the future from that breakthrough. So from a CISCO perspective we have products, technologies and processes for each of these phases. Starting from basic network firewalls, to next generation advanced firewalls, next generation IPS, the new product that we have – called Identity Services Engine that is more in terms of doing network admission and control. All of this is in the before phase. We have made a few acquisitions and now we are in a very comprehensive set of products and technologies sin the during phase, which includes Advanced Management Protection, the next generation IPS again.
In the after phase we have products like cyber threat defence, an advanced malware protection – all of it targeted towards visibility, all targeted so you are in the right context, so you are safe from these multiple advanced threats that have come in.
- How do you combat APTs?
APTs is a big area of focus for us. We have a product called Advanced Malware Protection – AMP. Our approach is simple. Advance PT or advanced malware cannot be stopped at on point in the network; you have to have visibility at every point across the network, at the perimeter, at the gateway level, in the data centre level, to be able to detect it. So we have the entire set of technologies and products that provide this level of visibility in firewalls, in IPS devices, in content security gateway devices, in endpoint devices, everywhere on the network. So we use analytics, Big data analytics on the cloud as well, to look at this data, identify threats as and when they come in and creating blocks for them, using remediation devices. So that’s our entire offering on the Advance malware protection.
- What do you think is the level of Advanced Malware awareness and protection strategies among Indian Enterprises?
A lot of customers we are speaking to toady have already come to the realisation that advanced malware is the biggest threat facing them today. Because the idea of AM is not to just bring down your network but also to steal your data. So we have discussions with a lot of customers across verticals – BFSI, It sector, including the commercial and mid market space, they are looking at this kind of protection across their network to ensure that the sensitive data they have does not get breached or stolen.
- The Internet of Things has been touted by CISCO as the next big step in computing. What do you see as far as its security scenario is concerned, once it is fully adopted?
IoT, or Internet of everything, is getting millions and billions of devices getting connected on the internet. While this is extremely great for a smart city or for an enterprise, it allows you to bring a lot of devices online, it helps you get a lot of visibility, it also changes the attack surface for threats, because now you have many more entry points for a malicious attacker or hack, or a malicious file coming into the system.
So security forms the backbone for the IoT, because without a sound security framework, we are opening the whole thing up to a lot more threats. From the CISCO point of view, we are building security into every aspect of the IoT. Our basic network devices, we are looking at physical security as well as every single device that is connecting to multiple sensors, where the security part is built in.
The framework remains the same, the before, during and after concept, so we need to do everything to prevent threats. So if the threats do get through, how do you ensure you detect them, and block them for further damage? So the framework remains the same, the scale changes, and now you are talking about a much bigger scale of a network of devices, and embeddings security into each and every entry point of the network. And the Big Data analytics that go around it also have to be a lot more powerful. So our investments are going into helping build a lot more security.
- Unified communications is another of CISCO’s flagship technologies. What about the security threats on that network?
Over the last few years is that in UC that we started bringing UC and the video, all on the same IP network that data travels on. So as far as the network goes, UC and video is another application. What devices, technology and products we use to secure any other data, applies to VC as well. So basic encryption is done on all our UC products, form IP phone, to our VC equipment to our laptop or desk top, so that prevents malicious hackers or snoops from getting into that particular things. But it’s also about how good your network is safe from attacks. Here too, the same concept applies – before, during, after, so that you don’t have hackers breaking into the network and getting access to such sensitive communication. That’s how we ensure that even UC common the IP networks is well protected.
- With cloud becoming the preferred storage and operations technology, how does CISCO help prevent threats on the cloud?
When enterprises move to a cloud, and they do it for very good reasons- flexibility, helps business, optimises costs, and helps them get off faster. These are very good reasons, however there is much more increased perception of threats as well. When enterprises move on the cloud, data moves outside their own physical premises, out of their sphere of control. They have multiple users connecting to the cloud. So what needs to be done is that connections to the cloud need to be secure, which is usually through encryption mechanisms. But more importantly, when data is being accessed through a cloud through devices which are not within the enterprise parameter, you have people accessing the cloud from an airport wi fi for instance; the same policies that apply in an enterprise setup have to be applied in a cloud based mechanism as well.
That is the way we are helping organisations for cloud security. We have a cloud based web security called Cisco Web security, which has an inbuilt malware protection built into it. We offer hosted email security on the cloud that has advanced malware protection built into it. We have Any Connect which is software that runs on pretty much any device that allows you to do encrypted communication on from the device all the way to the cloud to ensure that data is not leaked.
So we are working with customers in different fields to ensure that when they do adopt the cloud, public, private or even hybrid, their data is safe, their users are safe and more importantly their entire network is safe from malicious attacks.
- What would you tout as the most important security product for Indian businesses?
CISCO firmly believes that security is a continuous paradigm, it’s before, during and after, so talking about a single product may not be accurate.
However, our new product, the CISCO Firepower services for ASA, actually kind of exemplifies what we are talking about. It’s one single product that does multiple functions. It gives a basic network firewall, the world’s best firewall actually, but with the addition of a licence which is actually our acquisition of SourceFire, and that integration, the network firewall new becomes the next gen firewall, it can become the next gen IPS, it is an advanced malware protection and can be placed in multiple parts of the network. It can be in a branch office or smaller office, a retail shop. It gives you the various forms of protection that I have identified. Its preventive, it identifies the threats and when they break, and it can re-mediate that as well.
So if you ask me the one single product that will change the way companies look at security, probably the FirePower Services is it!
10. What role does CISCO see for its channel partners in India?
CICO believes that our Go To Market is firmly linked with our partners. We have the best set of partners n the country, and we work with them very closely not just in security but across our product lines. We are enabling them, training them , providing them with skills and demo equipment necessary to be able to take this messaging out there , to the various customers and be able to sell them a lot more. We also have various incentive programs and go to market programs so their profitability is maintained and that’s why they love doing business with CISCO as well. So with GTM, is completely with the partners. We help them build services around these sets of products so they can offer value added services to customers as well.
That is how we are working with partners to take the security messaging and these products to our customers.