Saket Verma, the Cybersecurity India Practice Leader at Kyndryl India, is immersed in the ever-evolving world of cybersecurity. In an exclusive conversation with The Cyber Express (TCE), Saket delves into his illustrious career journey, shedding light on how he has revolutionized the realm of cybersecurity by focusing on business expansion and innovative security solutions.
Having honed his expertise in strategy and client satisfaction as the President of Aujas Cybersecurity, Saket brings over 25 years of experience from renowned companies such as IBM and HP/HPE. His leadership has been instrumental in managing substantial business units and leading diverse teams across the Asia-Pacific region.
Beyond his professional endeavors, Saket’s interests range from exploring cutting-edge tech trends to delving into Vedantic philosophy and immersing himself in the adventures of Tintin.
When questioned about the evolution of cybersecurity in the Indian context, Saket highlights the remarkable shift from considering cybersecurity as a mere checkbox item to a top priority for organizations across various sectors. With India emerging as a global IT hub, the landscape faces unique challenges exacerbated by advancements in IoT, machine learning, 5G technology, and hybrid work environments. These factors have led to a proliferation of sophisticated cyber threats, as per a notable 2023 DSCI report revealing over 400 million cyber threats detected by Indian respondents.
As cyber threats continue to evolve, the focus has shifted towards developing robust methods for identifying, detecting, and managing risks. While India has made strides in transitioning from traditional security measures to employing advanced tools like Cloud Access Security Brokers (CASB) and behavioral analytics, vulnerabilities persist, allowing cybercriminals to exploit them.
In navigating the critical realm of Attack Surface Management (ASM), Saket emphasizes the importance of continuous identification, analysis, and reduction of an organization’s attack surface across various elements, including network infrastructure, software applications, cloud services, endpoints, and combating social engineering tactics. The approach adheres to a zero-trust framework that prioritizes the security of critical components aligned with business objectives.
Regarding the integration of Threat Intelligence into cybersecurity strategy, Saket advocates for an approach centered on gathering relevant data, real-time threat monitoring, and automation for actionable insights in security tools. He stresses the significance of high-fidelity threat feeds, contextualizing data, and continuously updating mechanisms to counter evolving threats effectively.
Dark Web Monitoring emerges as a pivotal component in the cybersecurity arsenal, alerting businesses to ongoing threats, data breaches, and risks associated with partner breaches. Saket elaborates on the challenges of conducting dark web monitoring effectively, where advanced tools, such as keyword searches, pattern recognition, and machine learning algorithms, are employed to track activities. However, the clandestine nature of the dark web and the sheer volume of information pose challenges in assessing credibility and tracking threats.
The cybersecurity skills gap emerges as a global concern, particularly in India, where initiatives like the Cyber Rakshak program aim to bridge this gap by training women in rural areas in essential technology skills to create Cybersecurity Ambassadors. Collaborations with educational institutions, businesses, and government agencies are advocated to foster inclusive opportunities for new talent and address the skills deficit.
Discussing the alignment between business leaders and cybersecurity priorities, Saket underscores the evolving landscape where security has transformed into a strategic imperative across all industries. While traditional cybersecurity methods are questioned for their efficacy against modern threats, a collaborative approach among CISOs, CIOs, leaders, and stakeholders is crucial to navigating the digital economy effectively.
In observing the evolution of cybercrime, Saket discusses the escalating threats posed by AI-driven phishing and ransomware attacks. The transition from encryption-based ransomware attacks to sophisticated methods like “double extortion” underscores the urgency for implementing strong authentication measures, continuous monitoring, incident response, and employee training to combat the evolving threat landscape effectively.
In conclusion, Saket Verma’s insights shed light on the dynamic cybersecurity landscape, emphasizing the need for continuous innovation, adaptive strategies, and collaborative efforts to thwart emerging cyber threats and safeguard organizations in an ever-evolving digital landscape.