In an interaction with Dataquest, Sanjai Gangadharan, Regional Director, SAARC, A10 Networks points out the enterprise security issues in the Indian financial sector, factors influencing security budget allocations and how organizations can take a holistic approach to enterprise security
What is the current state of enterprise security in the Indian financial sector? On an average, what is the cost of security threat to an organization?
The Indian financial sector is one of the most innovative and technologically advancing space. Yet there is a huge threat of security risks involved – phishing, spyware or malware attacks, keylogging, and data theft, to name a few. There needs to be concrete cyber security measures in order to safeguard the critical information in the financial infrastructure. The Information Technology Amendment Act, 2008 is a proposed subsidiary that handles the data security and privacy of this space.
The average total cost of a data breach worldwide is about $3.8 million. The average cost of a breach to an organization in India is about $1.5 million.
Which are the major factors/areas influencing enterprise security budget allocation? Do you see any mismatch here?
As we are moving towards a completely cash- less transaction era, security becomes the most important concern for any bank. Banks in the region are governed by guidelines given by authorities and most of the banks are spending money ensuring they are complying with these guidelines. On a daily basis, the threat landscape is evolving and is challenging the existing security systems. While the guidelines are good to ensure there is some level of standardization, individual banks must have the liberty to look forward and be allowed to build measures that can help them protect customer information and assets better. Security budgets allow only provision to do catch up to compliance and do not have the scope for trying out new technology.
What is the unique value proposition of A10 Networks? Can you site an example?
A10 Network’s application delivery and security solutions have helped thousands of business in their digital journey by keeping their applications, users and infrastructure Secure, Responsive and Always “On”, be it on premise or in the cloud. A10 has two major advantages over the competition. First being our Advanced Core Operating System (ACOS) that leverages a shared memory architecture that efficiently utilize multi-core processors, allowing customers to meet rapidly growing application networking performance scalability requirements. Scale and performance is key. Take for example SSL inspection. According to an NSS Labs report, most firewall performance drops 81% when firewalls decrypt SSL traffic. With A10, customers can inspect SSL traffic without degrading security performance. Second being having an all-inclusive licensing where customers get multiple features in one product, ranging from application acceleration to protecting the business from malicious threats that can steal data or disrupt access, be it inbound or outbound.
Please share some suggestions on how the financial sector at large should be doing better at handling security threats in the future.
A holistic approach to security is missing. Keeping in mind the business objectives and the new applications that will be rolled out to enable these objectives, possible security issues should be predicted. The security infrastructure that is being built should be capable of handling most of the anticipated security issues. What we will see in the near future is volume growth of online transaction. The infrastructure that is being built should be able to handle this growth without any compromise in security. A reactive approach will cost the business not only in monetary terms, but damage brand reputation as well.