Generative AI can take a lot of burden off the security team: Sharda Tickoo, Trend Micro

To counter the growing cyber threats, Indian enterprises need to adopt a proactive approach and also develop skill sets around cybersecurity, said, Sharda Tickoo, technical director for India & SAARC, at Japanese cybersecurity company Trend Micro, which sees India as one of its key growth markets. In an interview with TechCircle, Tickoo discusses the cybersecurity landscape in India, role of generative AI in cyber security, the company’s overall business plans for the India market and more. Edited excerpts: 

In your opinion, what are the most concerning emerging threats in cyberspace that organisations should be aware of? 

Digital transformation has inevitably led to new cybersecurity threats. In the last 2-3 years, companies had to adapt to remote working and this created more possibilities for cybercriminals. Needless to say, ransomware attacks continue to be one of the main cyber threats. They are also getting more complex and sophisticated. Ransomware-as-a-service (RaaS), a pay-for-use subscription model that is advertised on the dark web with varying price points where anybody can simply login and buy ransomware kits off-the-shelf to launch an attack is a dangerous phenomenon. 

Organisations are also becoming more vulnerable to supply-chain attacks. Even if a single piece of code gets compromised, the entire supply chain could suffer. And not just proprietary software, even open-source cannot be trusted completely, as anyone can inspect, or even modify open-source software, leading to supply chain attacks. 

At the same time, the increasing sophistication and volume of operational technology or OT/IT cybersecurity threats also call for heightened protective measures. These attacks often extend beyond IT systems, impacting production operations. A proactive and robust approach to cybersecurity is no longer an option — it’s a necessity for the survival and success of companies in this digital age. 

What advice would you give Indian businesses to be future-ready in the current dynamic threat landscape? 

There is no second thought today that they should treat cyber security as a top priority and invest in it. This means investing in the right tools, technologies, and expertise to protect against cyber threats. It also means building a cybersecurity culture within the organisation, where employees are trained to recognise and respond to potential cyber threats. 

Since many businesses have moved to the cloud especially in recent times, they should ensure having the right security measures in place to protect their data in the cloud. This means adopting a multi-layered approach to security, which includes encryption, access controls, and monitoring. 

Overall, businesses in India need to be proactive and stay informed about the latest cybersecurity threats and trends in order to be future-ready in this evolving threat landscape. By investing in the right tools, technologies, and expertise, and collaborating with trusted vendors, businesses can protect themselves against cyber threats and ensure they are prepared for the challenges of the future. 

What made Trend Micro acquire security operations centre (SOC) firm Anlyz? Please tell us more about the acquisition that was completed in April this year and whether it has given you an edge over other security vendors in the market? 

Trend Micro has been actively enhancing its products and capabilities to safeguard customers from the increasing risk of cyber-attacks. As part of this approach, the company has acquired Bangalore-based Anlyz, a specialist in SOC solutions that enable organisations to detect and respond to cyber threats in real time. Anlyz's expertise in this field complements our existing capabilities, such as endpoint and network security, threat intelligence, and cloud security. 

Also, Trend Micro and Anlyz have been technology partners for more than a year, serving over 30 customers together. The acquisition allows us to further broaden our SOC offerings and offer customers with a comprehensive range of security solutions. The acquisition will also help Trend Micro offer managed security service provider (MSSP) services to customers. Moreover, it will enable the development of an open and hybrid XDR (Extended Detection and Response) platform that supports non-Trend Micro products. 

What plans do you have for the India market in the next 2-3 years? 

India being one of the key markets for Trend Micro, our go-to-market strategy for 2023 is focused on delivering targeted security solutions to mid-sized enterprises. We are also expanding our presence in large enterprises, including banks, manufacturing, and the government sectors and also advancing our efforts in smart city security. To address the increasing adoption of cloud technologies in the country, we are continuously upgrading our XDR and cloud security offerings (This unified platform provides organisations with a centralised view of their digital attack surface, and reduces response time). And while we have already transitioned to a software-as-a-service (SaaS) model, offering a flexible pay-as-you-go option, we realise the importance of certain regulated sectors in India that need an on-premise approach. Therefore, we will continue to maintain a hybrid strategy for specific segments (such as banking and government). 

Do you see large language models, generative AI as a security threat or an enabler? 

We have been integrating artificial intelligence (AI) and machine learning across our threat defense platforms and internal business operations. Generative AI can take a lot of burdens off the security team. With the help of large language models cybersecurity teams can accelerate processes, better analyze data, and in turn strengthen an organisation’s posture. The fact that LLMs can analyze and process huge amounts of information, would result in much faster response times and a focus on significant and specific threats that can be mitigated. Having said that, it is critical to have a system that is based on relevant data. Proper training is needed for helping employees create effective prompts. There also needs to be human validation and reviews. We are still at the very early stages and a lot of experimentation is still underway. 

India’s cyber security industry is grappling with an ongoing skill shortage. Why there is a skills gap and what can companies do about this? 

In order to reduce the ongoing skills gap, the changes must come from the fundamental level. It is the responsibility of the government as well as academia and corporate to provide skills at a sensible cost, which becomes especially challenging. Also, lack of a comprehensive cybersecurity regulation is a key factor hindering the progress. With ransomware and other attacks continuing to become more complex, organisations need actionable cybersecurity education program. But most training programmes and curriculum often do not match the pace of digitalisation, technology advancements and also techniques of cyber threats which is constantly evolving. While organisations are now recognising the significance of upskilling their employees and prioritising workforce training, to actively address the skill gap, we still have a long way to go.