In an exclusive interview with CIOTechOutlook, Balaji Rao, Area Vice President India SAARC, Commvault, shares his views on security problems due to digital disruption, use of cyber deception technologies to improve business security, difficulties associated with data management, and more. Balaji Rao has spent over 20 years developing businesses in the Indian sub-continent for enterprise software companies, resulting in substantial growth. With expertise in Data Protection and its management, Balaji is passionate about coaching and mentoring individuals to achieve high-performance outcomes.

In the era of digitization, cyber-attacks are the main issue at the moment. Which security problems are frequently encountered and need to be fixed in new systems by decision-makers from other enterprises?

Digital disruption has become inevitable as companies continue to make large-scale investments in technology. The expanse of threats has increased multifold, and no organization is immune today! In fact, according to a report by CERT-In, India witnessed 13.91 lakh cyber security incidents in 2022 alone.

What began as data theft is now taking the form of highly sophisticated financial frauds like extortion, sponsored strategic attacks, corporate espionage, and hacktivism. This surge is a result of new ransomware groups, easily available ransomware-as-a-service toolkits on the dark web, and the persistence of older ones. The attackers now include highly sophisticated organizations that use integrated tools and capabilities with artificial intelligence and machine learning. With every passing year, we will be dealing with exponential surges in data breaches and security compromises that could act as economic headwinds. To stay ahead of cybercriminals, it is essential to implement a robust and reliable backup and recovery plan. Understanding the landscape, Commvault offers an extensive SaaS portfolio, Metallic that defends against ransomware attacks and secures vital backup data. Today, security has become a never-ending race, and organizations need to step up their security measures to become more resilient in a vulnerable environment.

According to your opinion, how will the use of cyber deception technologies improve business security?

Attackers are exploiting the vulnerabilities that new-age technologies introduce. Today’s most sophisticated cyber controls will soon be obsolete with the growing pace of threat vectors across the landscape. According to an ESG-Commvault Global Study, only 12% of the IT directors surveyed indicated confidence in having the proper tools and necessary location-agnostic protection to secure data equally across on-premises and the cloud. Organizations need to reinforce their cyber defenses to fast-track their security capabilities and ensure the resilience of their technology infrastructure.

The current priority for most leaders is to fortify their defenses through a multi-layered approach and prevent intrusions altogether. Cyber deception technology is a strong step towards forming a proactive security posture and building over-the-horizon defensive capabilities. We offer a unique solution with Metallic Threat Wise, using decoys and threat sensors to lure bad actors and divert them towards convincing but fake assets. In such a scenario, high-fidelity alerts are immediately sent to security systems and key stakeholders, notifying them of the presence of ongoing threats before the actual system or data is compromised.

According to you, what are the potential difficulties associated with data management and the cutting-edge security tools that can be used to take advantage of it?

Data is a domain that is rapidly expanding to improve and establish effective business operations. According to estimates, by 2025, more than 200 zettabytes of data will be in cloud storage around the globe. With the enormous amount of data being generated, it is difficult to manage it throughout the organization, as the data may be scattered over many locations and multiple applications. Moreover, the new age of work-from-anywhere and large-scale digitalization has increased the urgency for companies to implement a robust data management strategy

One of the major concerns associated with data management can be traced back to the lack of skilled resources available in the market. Despite technological advancements and security, there is a white space in the industry where demand exceeds talent. Additionally, poor risk management decisions, data loss, data breaches, unlawful access, data silos, noncompliance with regulations, an uncontrolled environment, and a rapidly evolving landscape of new-age threat vectors are challenges arising out of a weak data management policy.

Commvault recognizes that many enterprises are straddling the traditional and cloud worlds and hence offers a broad portfolio of industry-leading intelligent data services platforms and future-proof architecture. This provides unprecedented choice to the customers and is available via SaaS with Metallic, integrated appliances with HyperScale X, enterprise software, or managed services with our partners. A complex business environment now calls for CISOs to relook at their data management strategy every two years to combat the challenges of tomorrow.

Which technologies and developments connected to adaptability and cyber security are expected to have the largest markets by 2023 and beyond?

In recent years, the discussion of cyber security has shifted from the IT department to the boardroom. As the threat landscape continues to rapidly evolve, new-age threats are becoming more aggressive in sophistication, impact, and reach. A recent study by Commvault-IDC revealed that close to 49% of Indian enterprises cited malicious attacks as damaging their backup and data recovery. The continual rise of data breaches will force organizations to realign their strategies to implement a proactive, multi-pronged approach to protecting their infrastructure. This is where cyber deception technology will come into play and act as a game-changer in the market.

Moreover, as cloud investments continue to soar in 2023, protection and data recoverability will become essential components in the enterprise security toolbox. The Commvault-IDC survey further stated that 71% of organizations will have backup and disaster recovery as their number one priority for cloud investments in the coming two years. SaaS will continue to be a major disruptor, and organizations will adopt an aggressive approach to SaaS security posture management. Practising a comprehensive cybersecurity strategy is an ongoing process. Thus, we will see significant amounts of the IT budget being allocated and invested in technologies to prevent, detect, and recover from inevitable cyber attacks, not if but when they occur.