Here’s the interview snippet from the interaction with Mr. Sudhansu M Nayak – Head Cybersecurity & Cyber Forensics, CMS IT Services: –
IT Voice Spokesperson: What are CMS IT services’ key offerings?
Sudhansu: Spread over 300 customers with a robust ever-evolving legacy of more than 40 years, in varying complexities, maturity, and duration, as key offerings, CMS IT Services deliver Cybersecurity, Cloud, and data transformation system integration and managed services. CMS IT Services’ enterprise-grade solutions provide phenomenal 24×7 Always-ON visibility, threat-intelligent multi-signal behavioral actionable observability, and outcomes-based collaborative transformation across Cloud and on-premises workloads and data oceans of our customers’ businesses.
IT Voice Spokesperson: How the company is addressing the demand for Cyber security across industries?
Sudhansu: Business-specific cybersecurity use- cases, critical and sensitive data protection, and compliance needs present different challenges, but the underlying energy flow is similar across layers in all verticals. CMS IT services not only solve these complex problems with outcomes-based holistic solutions but also bring cybersecurity operational excellence and best practices for seamless compliance.
At the endpoint layer, designed per endpoint per month as a SaaS, CMS IT provides Endpoint Security as a Service. Endpoint Security as a Service offers signature-less endpoint protection and control, super-automated enterprise-grade endpoint detection and response functionalities, integration, and engaged operations and governance.
To provide secure Zero Trust Network Access to distributed, cybersecurity-fragmented, varied IT devices and users in a multi-cloud heterogeneous IT/ ICS environment, CMS IT provides a software-defined perimeter powered by 4096-bit RSA encryption, blockchain technology, and integrated administration. To offer comprehensive, integrated identity and access management, CMS IT provides application-layer cloud-based identity lifecycle governance, privilege access management, seamless user and entity behavior analytics, digital forensics, and incident response.
For comprehensive 24/7 managed cybersecurity services, CMS IT uses the VOILA solution framework. VOILA stands for Visibility, Observability, Incident Response, Low-code integration, and Automation based on analytics. Platformation, integration, and flexibility are the VOILA framework’s primary tenets.
IT Voice Spokesperson: What are the emerging technologies in Cybersecurity?
Sudhansu: Zero Trust Network Access solutions to manage cyber-phygital risks, Comprehensive Identity and Access solutions to provide identity threat detection, forensics, and response, and Security at the Edge cybersecurity mesh solutions covering information technology, and industrial control systems are the front-runner emerging technologies in Cybersecurity.
Soon, 5G- and IPv6- compliant security solutions integrating into Security at the Edge cybersecurity mesh solutions will become a mainstay.
Quantum cryptography, Quantum-secure communications (especially quantum key distribution (QKD)), and quantum machine learning may render existing encryption protocols obsolete and artificial intelligence immensely enhanced. These technologies will be the tipping point to usher in multifarious cybersecurity complexities and hence, a transformation of communication security, data privacy, and organizational resiliency.
IT Voice Spokesperson: How will the evolving trends impact the growth of the Cybersecurity Market
Sudhansu:
“Malicious threat actors currently enjoy a skewed defence. According to Cybersecurity Ventures, global cybercrime costs approximately $ 6 Trillion now and is projected to grow to around $ 10 Trillion by 2025. In contrast, the global cybersecurity market is currently at $ 200 Billion and is projected to grow to $ 350 Billion by 2025. The evolving trends in quantum computing have the potential to considerably expand this chasm. Immense skill-shortage can play a powerful catalyst.
However, strategic investments on not only creating or consuming cybersecurity solutions but also creating the volume of skilled human and machine resources in the emerging technologies globally can bridge a lot of gaps.
IT Voice Spokesperson: How companies are strengthening their own cybersecurity
Sudhansu: Depending on the current business and cybersecurity maturity, many companies are following CMS IT Services’ Cybersecurity Chakras model for strengthening their cybersecurity posture. Many customers try to discover their open attack surfaces and build a balanced Protect-Detect-Respond portfolio, starting with a definitive and involved defensible cybersecurity assessment.
Most of them have realized the importance of signature-less Endpoint Security as a Service for endpoints, Zero Trust Network Access and Comprehensive Integrated Identity and Access for enterprise resources, and VOILA (Visibility, Observability, Incident Response, Low-code integration, and Automation based on analytics) Services are essential for their sustained cybersecurity protection and hence, are buying these services.
CERT-In, Reserve Bank of India, National Critical Information Infrastructure Protection Centre (NCIIPC), various ministries like the Ministry of Health and Family Welfare, Ministry of Power, Ministry of Finance, Ministry of Education, Indian Parliament, and many more are trying to build guardrails for protecting confidential business and citizen data and release acts, master directions, and guidelines periodically. Compliance with these norms inspires and influences various companies and enterprises to procure cybersecurity solutions to strengthen their Cybersecurity.
IT Voice Spokesperson: Your views on cybersecurity laws?
Sudhansu: In the Indian context, we see tremendous regulation and 360 degrees focus on streamlining laws and regulations to protect confidential business and citizen data and building a symbiotic cybersecurity environment. To curb cyber-crimes and create an enabling environment for effective use of the cyberspace, our cybersecurity laws and their drafts are not only going through immense public involvement and scrutiny (at citizen, think-tanks, and enterprise layers), but they are also being deliberated (at legislative, executive, and judiciary layers of government) on approaches to orchestrate a multi-dimensional defense covering laws and sector-wise cybersecurity reference architectures, building testing and verification agencies to test supply-chain applications and products, and strengthening cybersecurity education and skilling not only to build a cyber-trained workforce but a cyber-aware citizenry. As more cyber-aware citizens start involving themselves in the process, they become more collaborative and well-rounded in the legal, regulatory, and administrative cybersecurity macro- and micro- environments.
