Home Blog Page 225

Shift to cloud drives triple-digit spending on cloud security in India

Naushad K. Cherrayil
-
0
Shift to cloud drives triple-digit spending on cloud security in India
  • Security leaders are ready to reinvest in cybersecurity with a renewed and refreshed rigour.
  • Enterprise information security and risk management end-user spending in India is expected to increase by 9.5% to $2.08b this year, from $1.9b last year.
  • India is at an early stage of cloud adoption and the pandemic only accelerated this shift as organisations moved to the cloud to achieve cost efficiency and business continuity.

Enterprises’ rapid shift to the cloud is driving triple-digit spending across all segments of security and risk management in India this year.

Prateek Bhajanka, Senior Principal Research Analyst at Gartner, said that the overnight move to remote-working in reaction to the pandemic exposed organisations’ vulnerabilities.

“While security leaders had to cut down on their security spending in 2020 because of IT budget-cuts, in 2021, this trend is reversing. A secure digital environment is now foundational to organisations’ growth and in preparation for another crisis that may arise. Security leaders are ready to reinvest in cybersecurity with a renewed and refreshed rigour,” he said.

According to the research firm, enterprise information security and risk management end-user spending in India is expected to increase by 9.5 per cent to $2.08 billion this year, from $1.9 billion last year.

Pandemic revs up cloud adoption

Continuing the trend from last year, cloud security and integrated risk management will experience the highest growth in 2021, up 251 per cent and 27.8 per cent, respectively.

Bhajanka said that India is at an early stage of cloud adoption and the pandemic only accelerated this shift as organisations moved to the cloud to achieve cost efficiency and business continuity.

 “In 2020, hyperscalers, such as Amazon Web Services, Microsoft Azure and Google Cloud, increased their investment in data centres in India, further catalysing Indian organisations’ move to cloud during the pandemic.”

Moreover, he said that CISOs and security leaders are aware of the risks and vulnerabilities that their organisations can be exposed to while migrating to the cloud from legacy systems.

Mohammed Al-Moneer, Regional Director for the Middle East, Turkey and Africa at Infoblox, said that the existing enterprise security stack, including security controls such as data loss protection, cannot scale to the cloud and new controls to secure container-based workloads, lockdown cloud configurations and encrypt data in the cloud are still being deployed.

As of the end of 2020, he said that many organisations have still not implemented necessary cybersecurity to protect this far more distributed user base. 

New security controls needed

“Proprietary business information is at risk when workers use personal and business instances of applications such as Office 365 on the same machines, collaborate within clouds and connect to an ever-increasing number of SaaS clouds that are not work-related and not sanctioned by their IT department,” Al-Moneer said.

The on-premises legacy enterprise security stack will not work for remote workers without significant redesign, planning and a move to new security controls to support distributed infrastructure and cloud deployments, he said and added that Domain Name System (DNS) security can be configured to protect teleworkers but many organisations don’t yet have the additional protections and visibility that DNS security deployment would provide. 

However, he said that many cybersecurity procedures and security controls used within enterprise facilities cannot provide the same level of security for remote locations.

Gartner said that cloud access security brokers (CASB) and cloud workload protection platform (CWPP) will be some of the major technologies that CISOs in India will increase their spending on within the cloud security segment in 2021.

In addition, Bhajanka said that Indian CISOs and security leaders will focus on establishing and deploying threat detection and response programs and capabilities, such as endpoint detection and response (EDR), and move to cloud-delivered security capabilities to have consistent security coverage whether working from the office, home or off-site.

Related stories:

Vulnerabilities in Microsoft products mark biggest jump in 2020

Naushad K. Cherrayil
-
0
Vulnerabilities in Microsoft products mark biggest jump in 2020
  • Removing administration rights from endpoints would mitigate 56 per cent of all critical Microsoft vulnerabilities from 2020.
  • Controlling user privileges and employing stronger endpoint management under a Zero Trust framework are prudent initiatives for companies to follow as digital connectivity grows.
  • Windows security subsystem is not built to withstand the use of admin rights, expert says.

Approximately 1.5 billion people use Windows operating systems each day, with various applications for Microsoft’s products reaching into homes, businesses and entertainment venues but 2020 has seen the total number of vulnerabilities in Microsoft products mark the single biggest jump – climbing from 858 in 2019 to 1,268 in 2020, registering a 48 per cent year-on-year increase.

Over the last five years, the total number of vulnerabilities in Microsoft products has skyrocketed, with a colossal 181 per cent increase since 2016.

According to BeyondTrust’s report on 2021 Microsoft Vulnerabilities, removing administration rights from endpoints would mitigate 56 per cent of all critical Microsoft vulnerabilities from 2020.

For the first time, Elevation of Privilege accounted for the largest proportion of total Microsoft vulnerabilities (44 per cent), almost tripling in number year on year (from 198 in 2019 to 559 in 2020). This might reflect a decreasing availability of easily compromised admin accounts, driving threat actors to utilise different attack vectors in cyberbreaches.

Controlling user privileges

“To adjust to the new work-from-home realities, companies need to better manage the proliferation of desktop and mobile devices, including applying patches and security updates,” Chuck Brooks, a cybersecurity expert and faculty member at Georgetown University, said.

Moreover, he said that controlling user privileges and employing stronger endpoint management under a Zero Trust framework are prudent initiatives for companies to follow as digital connectivity grows.

Morey Haber, Chief Technology Officer & Chief Information Security Officer at BeyondTrust, said that the sheer fact that patching must always occur is cybersecurity basic.

However, he said that deflecting an attack with good cybersecurity policies like the removal of administrative rights ultimately makes the environment, and home workers, even more secure.

And, most importantly, he said that honouring the least privilege can buy your organisation time to patch when critical vulnerabilities are published, and added that threat actors are getting more sophisticated in their attacks.

“Is Microsoft code becoming less secure as they adopt rapid agile releases, or is the bloat in sophistication and features just leading to more vulnerabilities? Realistically, it is probably a combination of all three, but it is counter-intuitive to think if you have fewer products to support then you should have fewer vulnerabilities. That is clearly not the case for 2020 and as we know now, 2020 will go down in history for a variety of events,” he said.

Sami Laiho, Microsoft MVP and Ethical Hacker, said that the Windows security subsystem was not built to withstand the use of admin rights.

“Allow-list will let you run things from your C:\Windows-folder, but an admin can put anything in there. So, to make this work for admins, you would need to create thousands of rules instead of one. The removal of admin rights is a great proactive protection, as you can see from the numbers in this report. “We need to protect the components that execute malicious payloads, so our most important apps to protect are things that browse the web or read email. The numbers in this report tell you the great results removing admin rights will give you in protection for Outlook, Office, IE, and Edge,” he said.

Highlights of the report:

  • In 2020, record-high 907 vulnerabilities were reported across Windows 7, Windows RT, Windows 8/8.1, and Windows 10 operating systems. Windows 10 was touted as the “most secure Windows OS” to date when it was released, yet it still experienced 132 Critical vulnerabilities last year. Of all the Windows vulnerabilities discovered in 2020, 132 were considered Critical. Removing admin rights could have mitigated 70 per cent of these critical vulnerabilities.
  • Microsoft Office vulnerabilities rose from 60 to 79 in 2020. Of the 79, only 5 were considered critical and removing admin rights would have mitigated 4 of them (80 per cent) in all Office products (Excel, Word, PowerPoint, Visio, Publisher, and others).
  • A total of 902 vulnerabilities were reported in Microsoft Security Bulletins affecting Microsoft Windows Servers in 2020 — a 35 per cent increase over the previous year. Of the 138 vulnerabilities with a critical rating, 66 per cent could be mitigated by the removal of admin rights.
  • 87 per cent of critical vulnerabilities in Internet Explorer and Microsoft Edge would have been mitigated by removing admin rights.

3D printing unlocks new design and manufacturing use cases

TCN Bureau
-
0
3D printing unlocks new design and manufacturing use cases
  • The blend of hardware, software and materials innovation is now enabling organisations of every size to evaluate the potential.
  • 3D printing is playing a crucial role in reducing the expenditure required to reach the minimum efficient scale for production.

3D printing has emerged as one of the key enabling technologies driving advancements across industries.

The 3D printing industry is unlocking new use cases in production, planning & design and R&D by enabling industries to flexibly work with numerous plan selections in terms of design complexities, easy replication and design modifications of prototypes.

 “The blend of hardware, software and materials innovation is now enabling organisations of every size to evaluate the potential use of 3D printing within a blended manufacturing model driven by the buy, build and partnership model,” Manish Dixit, Principal Disruptive Tech Analyst at GlobalData, said.

 As enterprises and start-ups turn to 3D printing, he said the technology is playing a crucial role in reducing the expenditure required to reach the minimum efficient scale for production.

Furthermore, he said that 3D printing has moved beyond the technology hype and has an increasingly prominent role by ‘democratising’ technology into the hands of anyone who owns a 3D printer.

A recent analysis from GlobalData’s database compares the top five industries in terms of the adoption of 3D printing:

Aerospace and Defence

Northrop Grumman is leveraging 3D printing to produce end-use mechanical parts. The company has developed an aircraft repair kit using 3D printing technology which can modify and repair aircrafts. 3D printing reduced the need to tear down the whole area of aircraft to replace key parts saving maintenance costs by 10-100 times.

Pharma and Medical

In the wake of Covid-19 pandemic, Chiari Hospital in Italy witnessed several patients requiring respirator valves. However, the use of 3D printed respirator valves from Isinnova helped the hospital overcome supply chain issues and meet urgent need for treating severely ill Covid-19 patients. The hospital also had about 100 3D respirator valves produced and supplied to it in a day, at a cost of less than one Euro each.

Oil & Gas

Due to the nature of the operations within the oil & gas industry, several facilities, plants and rigs are situated in remote areas and transporting spare parts or maintenance crews to them is a drawn-out process. To overcome these issues, Shell employed 3D-printing technology for creating a prototype of turret buoy to decrease production time and assembling complexity. It helped the company to design the model within four weeks and helped Shell in saving approximately US$40m by identifying design and assembly flaws at an early stage.

Automotive

Already taking hold of the automotive industry, 3D printing can accelerate the prototyping process of car parts and components. In addition, cars themselves can now be printed. Italian electric car company XEV and 3D printing material company Polymaker have produced what they claim is the world’s first mass-producible 3D printed electric car with more than 70 per cent reduction of the investment cost in comparison with a traditional production process.

Construction

Greater use of 3D printing by construction firms could reduce labor costs and increase efficiency, given the speed at which an object can go from the design phase to being produced.  Amsterdam-based start-up Aectual has launched a commercial web shop for custom-made and 3D printed architectural products for the Architecture, Engineering and Construction (AEC) market.

The design-to-delivery platform enables customers to access and order Aectual’s 3D printed interior design and architectural products.

Data centres have become as critical as water, electricity and gas due to Covid-19

Naushad K. Cherrayil
-
0
Data centres have become as critical as water, electricity and gas due to Covid-19
  • Market growth expected to rise to $948b by 2030 from $466b in 2020, GlobalData says.
  • Accelerating shift to the cloud to drive the adoption of new architectures and software-defined, programmable infrastructures within data centres.
  • Next few years will see increased mergers and acquisition (M&A) data centre activity, with special purpose acquisition companies (SPACs) being created to buy up data centres.

Data centres have become a fifth utility that is as critical as water, electricity, gas and telecoms, according to an industry expert.

David Bicknell, Principal Analyst in the Thematic Research team at research firm GlobalData, said that data centre-provided cloud services have allowed remote workers to collaborate with colleagues, provide entertainment for locked-down citizens, deliver online learning and enable online shopping.

At the same time, he said that the pandemic-driven accelerating shift to the cloud has put a premium on flexibility and this will, in turn, drive the adoption of new architectures and software-defined, programmable infrastructures within data centres.

The Covid-19 pandemic has highlighted the vital importance of data centres and businesses are increasingly reliant on data centres to provide cloud services, which will drive a significant market expansion over the next decade.

Need for AI processing capabilities

GlobalData forecasts that data centre revenues will hit $948 billion by 2030, up from $466 billion in 2020 and growing at a compound annual growth rate (CAGR) of 6.7 per cent over this period, much of this growth will come from the building of massive hyperscale data centres.

Bicknell said that new edge data centres will also cater to increasing levels of enterprise-generated data being created and processed outside remote data centres or the cloud.

“The next few years will also see increased mergers and acquisition (M&A) data centre activity, with special purpose acquisition companies (SPACs) being created to buy up data centres,” he said.

Moreover, he said that data centres have gone from anonymity to seeing their staff now designated as key workers.

But this new-found utility status, he added may be a double-edged sword.

“Governments will now have higher expectations of the data centre sector. The expansion of data centres reflects the need for increased AI processing capabilities, but these have a poor carbon footprint. With governments focused on climate change, meeting stringent sustainability targets will be an unwelcome reward for an industry that excelled during the pandemic,” he said.

Indian body urges government not to ban cryptocurrency

Naushad K. Cherrayil
-
0
Indian body urges government not to ban cryptocurrency
  • Good governance and regulation of the cryptocurrency ecosystem in India is critical and will give impetus to the Government of India’s Digital India vision, IAMAI said.
  • Proposed move to ban will have an adverse impact and will lead to loss in investments and hit 10m Indian crypto customers.
  • The government will take a “calibrated” approach to crypto trading and “negotiations and discussions” are going on with the Reserve Bank of India on how to regulate cryptocurrency in India, Finance Minister says.

Internet and Mobile Association of India (IAMAI) on Wednesday urged the Government of India not to ban cryptocurrency and proposed to develop robust mechanisms to regulate the ecosystem.

IAMAI strongly feels that India needs smart, robust and pragmatic crypto regulation, which can lead to the financial revolution and contributes to India’s growth story. 

Given the scale and diversity, the good governance and regulation of the cryptocurrency ecosystem in India is critical and will give impetus to the Government of India’s Digital India vision, the association said.

India is also witnessing a considerable rise in digital assets  and cryptocurrency has been generating jobs across a variety of functions — legal, compliance, tech, marketing, business development, finance, etc. — in India and abroad. 

 “The crypto community consists of over 10 million crypto holders holding over $1 billion worth crypto assets, more than 300 startups generating tens of thousands of jobs and hundreds of millions of dollars in revenue and taxes. There’s a daily trading volume of $350 million-$500 million,” IAMAI said.

“The proposed move to ban will have an adverse impact and will lead to loss in investments and hit 10 million Indian crypto customers. Hence, we are urging the government to define the cryptocurrency regulation framework after due consultation with IAMAI and stakeholders such as India crypto-asset user groups and the exchanges that facilitate buying and selling,” it said.

The Government of India has listed the Cryptocurrency and Regulation of Official Digital Currency Bill, 2021 for introduction, consideration and passing in the current session of Parliament.

India plans own digital currency

Under the Cryptocurrency and Regulation of Official Digital Currency Bill, 2021, reports indicate that India probably aims to launch its own digital currency i.e. Central Bank Digital Currency (CBDC). This measure will be in line with many central banks which have begun planning to issue their own digital currencies. 

India’s Finance Minister Nirmala Sitharaman’s said that the government will take a “calibrated” approach to crypto trading and “negotiations and discussions” are going on with the Reserve Bank of India (RBI) on how to regulate cryptocurrency in India. 

Members of IAMAI, including India’s leading cryptocurrency players, while welcoming the Finance Minister’s statement, voiced their opinion and apprehensions against the proposed ban on cryptocurrency.

Nishith Desai, Founder of Nishith Desai Associates, said that the US, Japan and other developed countries have a positive outlook towards crypto and are considering setting up of regulations for crypto.

Potential of the digital economy

Moreover, he said that India should develop balanced and positive crypto regulations that will both ensure consumer protection as well as lead to more startups building in blockchain, more jobs, wealth creation for investors, and more tax revenue for the government.

“All types of crypto-asset activity should be encouraged, both government and private. We’re confident that our government will take notice of this technology and its potential to contribute to our $5 trillion economy vision,” he said.

Sumit Gupta, CEO & Co-founder of CoinDCX, remained confident about the outcome and said that India is at a threshold of a fintech breakthrough.

“India already has 560 million online users today. In FY20 alone, India as a country registered over 21 billion digital transactions. The government sees this and understands the potential of the digital economy,” he said.

Volume of M&A deals in AI space rises 6% in 2020 despite a 17.3% fall in value

Naushad K. Cherrayil
-
0
Volume of M&A deals in AI space rises 6% in 2020 despite a 17.3% fall in value
  • Covid-hit 2020 saw the announcement of some big-ticket VC deals due to which deal value increased by 18.7% compared to 2019.

The number of mergers and acquisitions (M&A) deals in the AI space grew by six per cent year on year in 2020 but the corresponding value shrank by 17.3 per cent.

While 2019 saw the announcement of around sixty $100 million-plus deals, 2020 saw the announcement of around fifty $100 million-plus deals.

According to GlobalData, venture capital funding deal volume in the AI space showed consistent growth from 2016-2019 until 2020 when the Covid-19 pandemic reversed the trend and deal volume shrank by 7.1 per cent.

However, funding value managed to maintain the growth trajectory.

On the other hand, M&A deal volume registered consistent growth during 2016-2020, while M&A deal value continued to fluctuate.

After recovering from the decline in 2017, M&A deal value registered growth in 2018 and 2019 before declining again in 2020.

Despite the fluctuation in deal activity, there is a notable growth when comparing 2020 numbers with 2016. VC deal volume and value increased at a compound annual growth rate of 19.4 per cent and 39.9 per cent, respectively, during 2016-2020.

Significant investment boost

VC deal volume in the AI space shrank by 7.1 per cent from 3,075 in 2019 to 2,856 deals in 2020. Despite the decline in volume, the Covid-hit 2020 saw the announcement of some big-ticket VC deals due to which deal value increased by 18.7 per cent compared to 2019.

Some of the notable VC deals announced during 2020 included $1.9 billion secured by SpaceX and $1.7 billion secured by Manbang Group.

On the other hand, M&A deal volume and value increased at a CAGR of 44 per cent and 5.6 per cent, respectively, during the past five years.

Aurojyoti Bose, Lead Analyst at GlobalData, said that despite the fluctuating trend, investors’ interest and deal-making sentiments for AI grew significantly in the past few years.

“With global organisations replacing their conventional operations with disruptive technologies such as AI, space managed to gain a significant investment boost,” he said.

1...224225226...271Page 225 of 271