‘Cybersecurity budgets of Indian firms have tripled’

Companies spend more on network safety: A10 Networks

Indian companies are investing more on securing their data rather than pumping money into technology as they try to build comprehensive solutions to prevent hackers from attacking their networks, said Sanjai Gangadharan, regional director SAARC, at U.S. cybersecurity firm A10 Networks.

“IT budgets are shrinking and security budgets are going up,” Mr. Gangadharan said in an interview. “Security investments or budgets in India have doubled or even tripled. There are now security departments under a chief information officer, chief security officer or a risk officer, which are being allocated a lot of budgets. IT budgets are shrinking because it is mostly pay-as-you-go model now, and there is less capital expenditure required.

“Also, overall costs are coming down. Here, the device cost may come down, but the need for building an overall solution which has more components, and upgrading it with more features and functionalities, that is on the rise.”

Global spending on information security products and services will surpass $114 billion in 2018, an increase of 12.4% from last year, researcher Gartner said on August 15.

Key drivers

In 2019, the market is forecast to grow 8.7% to $124 billion. Privacy concerns, persisting skills shortages and regulatory changes such as the EU’s Global Data Protection Regulation are the main drivers, said Siddharth Deshpande, research director at Gartner.

A recent attack on Singapore Health Services (SingHealth) network compromised personal health records of 1.5 million patients in the island and reinforced the need to view sensitive data and IT systems as critical infrastructure, Mr. Deshpande said.

New York Stock Exchange-listed A10 Networks provides networking and security solutions and is based in San Jose, California.

“Today everybody has realised that PCs, servers, networks, applications have all become commoditised. One can go and pick any of it up, very easily. Now what all this generates is a huge amount of data. This data belongs to the enterprise,” said Mr. Gangadharan. “And the security of this data, in terms of who should access this data, where should it be accessed from, where should it be stored, all of this will always be the decision of the enterprise. So what will remain with the enterprise is two things — one is the storage of data, how to store the data, where to store it and in what form, and the second is how to keep this information secure.

“This data becomes information once it is processed, so how to secure this information in terms of security at rest and security while the data is in motion. So for both storage and security of data, the decision will be that of the enterprise and will always remain so. This will not go out of the enterprise. So, investments in these two areas will happen consistently.”

Data leaks

Citing the example of an Australian handbag maker, he said a customer could buy the bags only by invitation. “But, the problem they faced is that the day a product releases on the market, China makes a copy of the same...they wanted to know the leak point. For this, when they dug deep to find out how this was happening, they realised that it was happening from inside the organisation itself. Someone in the company was leaking the information via email. They ended up plugging the issue.

“This is a threat, and these kinds of issues could happen to anyone. In this case, their exclusivity of having an invitation-based purchase was lost when copies started mushrooming in the market.”

Recommended for you