[paragraph] Our exclusive Interview series with tech & business leaders continue with the focus on Cyber Security this month. To dive deep into the topic we have Mr. Keith Martin, Head of Asia Pacific (Corporate Business) from F-Secure. Keith talks about the security challenges in India as it goes through the ongoing technology transformation. Security solutions for technology startups and Internet of Things based developers. And how F-secure is offering services for a broad variety of customers solving problems related to privacy, personal security to enterprise-grade solutions for various industries including their recent offerings for the aviation industry. [/paragraph]
Interview With Mr. Keith Martin, F-Secure Head Asia Pacific and Japan for Corporate Business
Q1. The use of Cloud-based platforms and Internet things are rising within startups as well as traditional businesses. What is F-Secure’s approach towards the security of these emerging technologies? Are you already offering security solutions for these technologies?
[K.M] The basic security measures of software as a service (SaaS) providers like Google, Salesforce, Facebook, or Microsoft will often protect you from security breaches. But these rudimentary features are insufficient for security professionals aiming to uphold their obligations under the Shared Responsibility Model.
Even the best SaaS security is no replacement for good habits like using multi-factor authentication and being skeptical of strange links or files. But these foolproof institutional policies are just the start. You may also strongly consider additional security measures such as antivirus software for endpoint devices and perhaps even firewalls or cloud access security brokers (CASBs).
The additional security layer provided by a CASB is beneficial, but downtime of a CASB server means a total loss of this security layer. Perhaps worse yet, your cloud services may be inaccessible when your CASB is unavailable.
The many headaches that come with external third-party solutions like CASBs become obvious when compared with the ease of robust native third-party security applications like F-Secure Cloud Protection for Salesforce. This class of security solutions has one key advantage with a series of related benefits — native security solutions operate from within the SaaS cloud. When a security application and SaaS are within the same cloud, the security application is always available when the SaaS is available. Downtime will still happen, but it will be simultaneous downtime of both services and will not leave you vulnerable.
Q2. What is your take on cybersecurity scenario of India, considering the ongoing tech transformation?
[K.M] India has worked incredibly hard on the cybersecurity front. The National Cyber Security Policy was incorporated as early as 2013. The policy aimed at developing a secure and resilient cyberspace for Indian citizens and businesses. Additionally, it launched its own Computer Emergency Response Team (CERT-In) back in 2004. But supported the nation’s determination to dynamically address the burgeoning cybersecurity challenges. MeitY (Ministry of Electronics and Information Technology) launched Digital Swachhta Kendra, a botnet cleaning and malware analysis centre, in 2017 as botnet based attacks increased on a global level. It had also instituted a federal CISO to spearhead and monitor cybersecurity policy, planning, and implementation.
Something that isn’t recognized on a macroscopic level is that India is also equipped with two factor authentication for online payments. This decreases its exposure to fraudulent transactions. The country also constantly collaborates with industry partners, as well as international players, and is benefitted by this threat intelligence collaboration. These initiatives and collaborations add to the nation’s defensiveness as it emerges as a promising digital market across the globe.
Q. What are the various industries F-Secure is working in for cybersecurity? As they have recently got into Aviation cybersecurity, as well?
[K.M] we are working on very broad range of industries, from general cyber security for companies to specialized sectors, such as manufacturing industry, energy, banking, medical, aerospace, automotive and maritime cyber security.
If it has importance for the proper functioning of a modern society, we are there to protect it.
Q. Since demonetization, Digital payments have taken off at massive scale in India. Considering this event, what are the major steps taken for the Mobile cybersecurity?
[K.M] India’s NPCI (National Payments Corporation of India) ensures that all of its digital payments are safe and secure. As I’ve already spoken about two-factor authentication, it must be understood that such steps have established multiple layers of security for Indian customers. But, as there are advantages, there are limitations as well. Indian smartphones are at present being extensively used for digital payments through e-wallets and banking applications. These smartphone-based applications, however, are not equipped with hardware-level security. So, security issues on the mobile endpoint can put the integrity of user data at risk. Moreover, global cyber attackers constantly keep changing their TTPs (Tactics, Techniques, and Procedures) and a more proactive approach is required to protect the increasingly digitising nation.
Q. Has F-secure taken any initiative to educate internet users about privacy and security while using social media or internet in general?
[K.M] one must be aware that counterfeit webpages are used to obtain the user credentials. In every instance, try avoiding web links provided in mails as they can redirect you to such counterfeit webpages. When visiting a site, always check the web address in the URL begins with ‘HTTPS://’ and not standard ‘HTTP://’. Https means it is a secure website.
Check if the address has any anomaly, such as ‘face-book.com’ or ‘fa-cebook.com’ instead of the usual facebook.com. Also, restricted web links and torrents must be avoided, as they are one of the major sources of malware. Use an internet security product on every device. This will not only provide antivirus protection, but will also alert users to suspicious websites they may attempt to browse to. It is important to keep the internet security software, all other software, apps and the operating system updated. Updates contain fixes for vulnerabilities which have been discovered. Until the update is installed, the product is vulnerable to attack.
Q. What are the contributions of F-Secure in securing their customers globally?
[K.M] F-Secure has driven innovations in cyber security, defending tens of thousands of companies and millions of people for three decades. Our sophisticated technology combines the power of machine learning with the human expertise of our world-renowned security labs. F-Secure’s security experts have participated in more European cybercrime scene investigations than any other company in the market, and our products are sold all over the world by over 200 broadband and mobile operators and thousands of IT resellers.
Q. Current government is highly focused on developing 100+ smart cities across India. How cybersecurity plays a vital role in developing India’s smart cities?
[K.M]Smart cities feature a range of digital devices and framework, including cloud systems, network cameras, and internet-connected sensors, that can be compromised by a cyber-attacker. This directly increases the network boundary that needs to be protected and vulnerabilities eliminated on the hardware and software-level before we unveil our smart cities to the masses.
Without cybersecurity a smart city cannot exist, as a smart city is essentially a control system, and that implies it must be under control of the intended users, not criminal organization or a hostile nation state.
Nobody knows cybersecurity like F-Secure. For three decades, F-Secure has driven innovations in cybersecurity, defending tens of thousands of companies and millions of people. With unsurpassed experience in endpoint protection as well as detection and response, F-Secure shields enterprises and consumers against everything from advanced cyber-attacks and data breaches to widespread ransomware infections. F-Secure’s sophisticated technology combines the power of machine learning with the human expertise of its world-renowned security labs for a singular approach called Live Security. F-Secure’s security experts have participated in more European cybercrime scene investigations than any other company in the market, and its products are sold all over the world by over 200 broadband and mobile operators and thousands of resellers.
About Mr. Keith Martin, Head of Asia Pacific (Corporate Business) F-Secure
Keith spearheads the growth of F-Secure’s Asia Pacific business.
Prior to joining F-Secure in 2015 as the Country Manager for Japan, Martin had spent a decade in the telephony and contact center space, first working for four years in Avaya Japan as Director of Multinational Account Sales, followed by six years serving as Japan Country Manager for Interactive Intelligence, a pioneer in cloud contact center technology. Before that, Keith worked with internet startup Value Commerce helping build its web hosting platform business before the company was acquired by Yahoo Japan.Keith earned his Bachelor of Arts degree in Japanese Studies from Bucknell University in Lewisburg, Pennsylvania, a program which included one year abroad at Doshisha University in Kyoto, Japan.