The exponential increase in endpoints in the last nine months has hugely contributed to a dramatic rise in network and endpoint perimeter breaches. However, there is one man who seems to be fighting fire with fire by providing a unified solution that is changing the face of network and endpoint cybersecurity not just in India but around the globe. Meet Karmesh Gupta, the change that you may know, but the man you didn’t.
Karmesh is the CEO of the Indian cybersecurity-based product suite provider, WiJungle. Honored by Forbes as the best “30 Under 30 Asia 2020,” he has not always had a smooth ride. It was rough, patchy, full of bumps, and only after two failed attempts, did he make it big. Karmesh humbly says, “Persistence did pay.” His company’s unique cybersecurity offering in the network and endpoint security domain is ringing bells around the globe (which already has a product reach in 30+ countries).
It is the end of the year and endpoint security has grabbed headlines almost all year round. So, in a fireside chat with Mihir Bagwe, Tech Writer at CISO MAG, Karmesh helped us gain deeper insights into the trenches of network and endpoint security.
The edited excerpts of his interview follow:
1The Readiness Quotient
A.
Yes, in the case of large businesses, who already had the required infrastructure for business continuity during the pandemic.
No, in the case of SMBs, who either didn’t have the required products for remote work enablement or were managed by third-party vendors. In both these cases, the movement started happening around the first week of lockdown.
Specifically referring to our customer base, only 12% of the people were using the remote work enablement function of our product before COVID, while within the initial 10 days of lockdown, this number rose to 80%.
2Pre and Post-COVID Strategies
A. Between the pre-COVID and post-COVID era, there has been a shift from network security-centric policies to endpoint-centric policies as endpoints have become the first entry point for any threat. Policy enforcement around Endpoint Data Leakage Prevention (DLP), Host-based Intrusion Prevention Systems (IPS), Ransomware Protection & Application Filter have been the prime adoptions/amendments in the overall strategy.
3Hidden Risks of Remote Working
A.
Due to complete remote working, there has been a significant increase in usage of Virtual Private Network (VPN). As multiple endpoints from around the globe are connecting the corporate network daily, the entry points for perimeter breaches have risen. Moreover, neither every official endpoint in the pre-COVID phase was configured for such utilization, nor the newly added personal devices during this scenario were equipped with concrete BYOD policies.
That’s the reason attackers have shifted their focus to breach the network via making an entry through vulnerable endpoints. It is one of the prime reasons for increased cyberattacks post-pandemic. The only way to resolve this is by having proper endpoint protection policies.
4Including Endpoints in Our Security Perimeter
A. Enforcing the security policies on these endpoints is a challenge, and hence a comprehensive or unified product holds the key to bringing them under the security perimeter. Cloud-based solutions like SDPs or Unified Network Security Platforms could simplify these aspects to a huge extent.
5Reason to have a Unified Solution
A.
The reason is simple. Unified products give you the leverage to efficiently manage the policies and monitor the traffic.
As an example, the unified client application that we provide does the work of both VPN as well as Endpoint Protection. If you already have our network security product, then on subscribing to the endpoint protection, end users are just required to update the client app and endpoint security functions get enforced immediately. The admins are only required to enable the option of applying the user network security profile on endpoints, and 80% of their configuration task is done by default.
Now imagine the same implementation if an organization would have opted for separate stand-alone products for network and endpoint. It would have doubled the task and turnaround time.
One thing to remember is that SCCs are used in many countries where the protections are significantly less than in the U.S.
6What’s in the Cloud?
A.
‘As a service’ model, for sure, is the key to the future but having said that, cloud comes with its challenges. Whether you are hosting some data on a public/private cloud or using third-party applications, businesses adopting cloud for hosting their data or using third-party applications or both have different challenges.
One of the biggest misconceptions I have witnessed among the small and medium business owners is – ‘Hey, we use AWS or Azure or GCloud and they, by default, provide required security’ or ‘Hey, we use Gmail and it, by default, provides every kind of security.’ They do not understand what kind of security these platforms are talking about and conveying. It makes their cloud open for potential threat actors.
Since the cloud utilization is higher than ever, it needs to be ensured that SMBs at least have basic DDoS protection enabled for their data hosting along with the right access configurations provided by the platform. Moreover, if suitable, they should go for a Cloud WAF and Virtual Firewall.
In the case of third-party applications, if the number of such applications is less, then they still could be managed by proper access configurations, which should be provided by the platform itself. In any other case, one should deploy a CASB.
7Choosing a Network and Endpoint Security Solution
A.
For sure, number one is to go with a unified synchronized solution for easy management and scalability. The form factor of the solution could be cloud or appliance depending on the business operations need. If they have plans to work 100% remotely for some years, then cloud-delivered security makes sense for them.
Number two on the consideration list is the part where we discuss the capabilities. Ensure that network solution includes Zero-Day Protection, and the Endpoint Security Solution has features of DLP along with ransomware protection.
8Prevention is Better Than Cure
A.
As mentioned earlier, there are two aspects.
Firstly, the majority of ransomware attacks in enterprise networks happen as attackers can traverse through the remote endpoints. Hence, the foremost need is to have the right policy and security at both, network as well as the endpoint level. It is a kind of proactive defense.
Secondly, if the above seems to be a difficult job then one could opt for deception technology such that threat actors could be deceived and their network scan time could be increased to make IT admins aware before a possible security breach occurs. It is a reactive defense.
9Current Trends
A.
The most trending forms that we have observed are:
Malware Attacks (majorly ransomware, Trojans, and spyware): Via phishing, messaging platforms & freeware.
Payment Frauds: Via fake mobile apps, websites, calls, and emails.
10Future Challenges
A.
I don’t think any. The world is already witnessing all the possible permutations and combinations of the challenges during the pandemic.
About the Interviewer
Mihir Bagwe is a Tech Writer and part of the editorial team at CISO MAG. He writes news features, technical blogs, and conducts interviews on latest cybersecurity technologies and trends.
Ensuring that you get the best experience is our only purpose for using cookies. If you wish to continue, please accept. You are welcome to provide a controlled consent by visiting the cookie settings. For any further queries or information, please see our privacy policy.
This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
Cookie
Duration
Description
cookielawinfo-checkbox-analytics
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional
11 months
The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance
11 months
This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy
11 months
The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Date: November 6, 2024
Location: Millennium Al Rawdah Hotel, Abu Dhabi, UAE
Join us in Abu Dhabi this November for the CIS Critical Infrastructure Cyberforge Summit,...