During a recent interview with Niloy from BISinfotech, Rakesh Kharwal, Managing Director, India/South Asia & ASEAN, Cyberbit stated, Cyberbit’s Cyber Range solution acts much like a flight simulator used for training pilots. Whereas, he also said that Cyberbit provides military-grade cybersecurity solutions including behavioural-analysis-driven ‘Endpoint Detection and Response (EDR)’, ‘Security Automation, Orchestration, and Response (SOAR)’, ‘ICS/SCADA Security (OT Security)’, and world’s leading ‘Cyber Range’ platform for simulated cybersecurity training. We also highlighted on CyberBit’s take on the vigorous erupting cybersecurity and the company’s niche, Cyberbit’s new SOC Automation and Orchestration offering. Read in here the edited nub.
- What are the current offerings of Cyberbit in the Indian market?
Cyberbit provides military-grade cybersecurity solutions including behavioural-analysis-driven ‘Endpoint Detection and Response (EDR)’, ‘Security Automation, Orchestration, and Response (SOAR)’, ‘ICS/SCADA Security (OT Security)’, and world’s leading ‘Cyber Range’ platform for simulated cybersecurity training. Since India is aggressively digitizing, our vision is to eliminate all emerging cybersecurity challenges so that they do not become a roadblock in this development. We have also envisioned to create India a global hub for cybersecurity training.
- What are the growing cybersecurity challenges and how is Cyberbit helping to empower customers against growing cybersecurity challenges?
At present, the global cybersecurity market is facing an acute shortage of cybersecurity professionals. According to IBM, India itself needs at least 3 million skilled industry professionals as of now, while the supply is short of 100,000. Another study by Cybersecurity Ventures points out that the global economy is estimated to lose $6 trillion annually by 2021 due to cybersecurity exploits and other cybercrimes. This indicates the urgency as well as the scale with which we have to take countermeasures within the industry.
On the contrary, the dynamism within the IT sector is making it all the more difficult to address such challenges. All attack vectors and TTPs (Tactics, Techniques, and Procedures) need to be understood with in-depth expertise in order to counter and remediate an ongoing attack. However, our current cybersecurity workforce is not well-versed with a majority of TTPs, making it all the more difficult for them to effectively remediate an ongoing attack. This is where our Cyber Range product makes a massive difference. It trains cybersecurity professionals in a hyper-realistic simulation environment with SOC-like (Security Operations Center) setting. This effectively amplifies the cybersecurity team’s skills and brings visible improvement in terms of teamwork. Our Cyber Range solution also helps organizations to reduce onboarding time for fresh talent and can further be leveraged by educational institutes to train their students in a real-life atmosphere.
Another challenge that we resolve is the volume of alerts and technological tools that a cybersecurity professional typically has to face. SOAR, also known as SOC 3D, streamlines the security operations by integrating multiple tools in a single screen and automating incident response playbooks. This effectively decreases the time-to-respond by up to 90% while tripling the capacity of a SOC. Cyberbit’s ICS/SCADA Security, on the other hand, addresses the gradual convergence of IT, OT, and IoT networks. It eliminates end-to-end security risks associated with the networks of Industrial Control Systems (ICS) – such as electric grids, transportation systems, manufacturing lines, power plants, etc. – where a cyberattack can put lives on potential danger and cause environmental damages.
Lastly, a number of recent cyberattacks have indicated how easy it can be for evasive attacks to bypass firewalls and anti-malware systems. We have developed our EDR solution with Artificial Intelligence or to be more specific, its subset Machine Learning to detect attacks that can evade conventional systems. This approach is further refined using Behavioral Analytics to detect anomalies and hence, any potential threat.
- How is Cyberbit helping to bridge the cyber skill gaps?
Cyberbit’s Cyber Range solution acts much like a flight simulator used for training pilots. It extends all real-life scenarios to cybersecurity professionals and prepares them to respond efficiently during an actual incident. It also acts as a test-bed for potential products, improves the utility of various tools, positively affects team play and communication, helps in brainstorming, and serves as a breeding ground for organizations to assess and onboard recruits. Using Cyber Range, we can dedicately focus on the shortcomings of the security team and efficiently eliminate them. It also helps in acquainting them the team with unconventional attack vectors as and when they emerge.
- Can you elaborate about the SCADAShield Mobile and what are its prime features?
Industrial Control Systems (ICS) are the backbone of the global economy. ICS solutions control the operational technology (OT) networks that run large-scale manufacturing facilities, critical infrastructure sites, and many more of the building blocks of modern society. Because of this diverse ecosystem, the legacy solutions that control large-scale OT networks are challenged to provide visibility into exact network structure. This ICS network security blind spot leaves OT networks highly-vulnerable to targeted attacks, malware, and other cyber threats. SCADAShield Mobile helps organizations overcome these challenges within minutes.
For customers in need of rapidly assessing their OT network, while avoiding the integration of a monitoring solution, SCADAShield Mobile provides a portable, non-intrusive, OT network assessment and asset discovery solution. Conveniently packaged in a case weighing less than 30 pounds, shippable as cabin luggage, SCADAShield Mobile plugs into a network switch and provides, within minutes, comprehensive asset discovery, visibility, and vulnerability assessment reports.
Some of the key features of SCADAShield mobile are:
- Within minutes of passive monitoring, SCADAShield Mobile provides Audit data for regulatory and regional critical infrastructure audit requirements (e.g. NERC, NIST, ISO), Comprehensive network mapping, asset discovery, vulnerability assessment, real time threat detection and much more.
- SCADAShield Mobile automatically generates a comprehensive network topology chart that includes All IT/OT network connected to the system and their attributes, Communication protocol analysis, IT/OT network touch points.
- SCADAShield Mobile offers broad IT and OT protocol support for various verticals such as Power Grids, Transportation, Airports, Smart Cities, Water and utility, Manufacturing, Oil & Gas, Pharma, and many more.
- What is driving the Global Security Orchestration Market and your prospective share in this market?
Today, organizations are threatened by complex and persistent attacks from multiple vectors and are required to respond within minutes. On top of this, they are overwhelmed by a massive number of alerts and an ever-growing number of security tools. This required a new layer on top of the SIEM – which resulted in the birth of the SOC Automation and Orchestration platforms. These tools attempt to streamline event management, automate playbooks and procedures, coordinate between SOC team members, effectively manage the SOC shifts and of course, integrate seamlessly the entire portfolio of security tools and feeds. We have seen good traction and won some major end user customers & MSSP players in the SOAR space.
- After your recent appointment to the company’s leadership role, what significant strategies have you opted for the growth of the company?
Cyberbit top management has decided to invest in India market seeing the potential and growth of the Indian market.
- We have scaled our team to 20 people and we are going to scale further as we are going to build our global tech support and professional support organization in India.
- We have very aggressive plans for the year 2019 and coming years. We want to increase our customer base and approach some of the major prospective clients including top private and public banks, government entities, state cyber cells, IT/ITeS, Oil & Gas sector, and many more.
- We offer the Cyber Range platform which is the most widely deployed cyber range platform globally. A report by Data Security Council of India (DSCI) states that by 2025, there is going to be a shortage of a million cybersecurity professionals in India. We take it as a CSR initiative to deploy the cyber ranges across organizations from different sectors. India could be a global hub to train cybersecurity professionals across the world. To me, that is the most exciting part.
- Since India has a very strong footprint of MSSPs and the systems integrators like TCS, Infosys, Cognizant, TechM, TCL, Hexaware and so on, we are seeing that the day-to-day services cost and the profit margins are also shrinking in India. All the system integrators and MSSPs are not limiting themselves to the Indian market but are taking the next logical step by addressing all the RFPs that are taking place across the globe. As an organization, we can understand where the industry is moving towards. So, our focus is to help MSSPs increase their profit margins, remain competitive, and provide best of breed service to retain customers.
- Can you detail on the Cyberbit’s new SOC Automation and Orchestration?
With an increasingly complex incident response environment, enterprises and MSSPs are seeking ways to scale their operations, shorten their mean time to respond, improve quality of services, handle the overwhelming volume of alerts, time-sensitive attacks, multi-vector IT-OT-IoT threats, and streamline incidence response capabilities. It helps in bringing the Mean Time to Respond (MTTR) by up to 90% through the optimization of NIST-defined incident-response lifecycle. Simultaneously, the user interface is enhanced and all tools are integrated into a single screen for seamless access and higher productivity. It helps in accelerating resolution with playbooks for various incidents such as phishing, ransomware attacks, DDoS attacks, or any user-defined playbook. The automated solution also prioritizes incidents as per their precedence and resolves them accordingly.
- What are your strategies to expand in the Indian market and what is your business model for the indigenous market?
Our primary strategy is to mitigate the biggest challenge that the Indian market is facing at present, i.e. the skill gap in cybersecurity segment. Subsequently, we envision to make India the global hub of end-to-end cybersecurity needs of global organizations. Here, we have to understand that India right now has the perfect ingredients to turn the tables globally. It is one of the largest markets, is rapidly digitizing, is as diverse and dynamic as it can get, and there is substantial room for novel approaches in the market. The nation is further home to the world’s second-largest population which is also the youngest. This positions India brilliantly amongst its competitor markets and the need of the hour is only to equip people with relevant skills. So, after India’s local cybersecurity challenges are addressed, it will unlock the avenues for the country and its market players to avail the global opportunity. This is the overarching objective that we have envisioned at Cyberbit.
In order to achieve this objective, our approach is to make the military-grade cybersecurity a norm within the country. Secondly, using our Cyber Range product, we are trying to enhance the skill set of all current cybersecurity professionals while also familiarizing our college students, i.e. upcoming workforce, with real-life cybersecurity challenges. This approach will take us away from the bookish knowledge, which normally becomes redundant given the very dynamism of the cybersecurity industry. Our business model, as already explained, is a confluence of these approaches.
- has extensive digitalization plans across the country, how does your company aim to align with them?
Presently, we are seeing a paradigm shift in India with the boom of digitalization and the advent of smartphones is familiarizing everyone with digital tools and technologies including UPI, MyGov, DigiLocker, Aadhar Pay and so on. These initiatives focus on transforming India into a digitally empowered society and a knowledgeable economy. But this leaves India vulnerable to wide-ranging threats that underlie with going digital. Cyberbit portfolio provides a complete product suite for detecting and mitigating attacks in the new, advanced threat landscape, and helps organizations address the related operational challenges.
We are looking to work closely with government entities to strengthen their cybersecurity team by providing simulation-based training i.e. Cyber range. Our SCADAShield product has been securing the most sensitive infrastructures since 2010, with proven, battle-hardened technology that detects and mitigates cyber threats across the entire OT and IT stack—stopping known and unknown ‘‘zero-day’’ threats before they can cause physical harm. Hence, we are looking to work with publicly held oil and gas, airports, power generation firms, manufacturing firms and many more. Our EDR supports 100% Air-Gapped networks by focusing on behaviour-based analytics and allows sensitive organizations – such as public financial institutions, government agencies to keep their infrastructure isolated and protected from the open internet-based threats.
- ‘Education and Awareness’ still haunts Indian cybersecurity market, what are your comments to it and how is your company helping to foster the term, ‘cybersecurity’ in the country?
As already indicated, our vision is to make India a global hub for cybersecurity training. This can only happen if we bring positive reforms across all aspects that affect the industry. Both education and cybersecurity awareness are integral in this context. In terms of cybersecurity awareness, we believe that the entire industry is working collectively to apprise organizations and individuals about the consequences that such a cybersecurity exploit can have on an organization. Organizations are also becoming more attentive to cybersecurity challenges as large-scale cyberattacks are surfacing across the horizontal market. In terms of education, state-of-the-art solutions like Cyber Range are bringing positive change on the ground. They are also being deployed by forward-looking educational institutes given the value it adds for their students and to their subsequent career.