Security Mechanisms Need to Change Rapidly in Order to be on Par With Evolving Threats

Amit Roy, executive vice president and regional head for EMEA at Paladion copy

Channel Post speaks to Amit Roy, the Executive Vice President and the Regional Head for Middle East at Paladion about the state of cybersecurity in the financial sector in the region

Is the regional financial sector on par with other regions in terms of investments into new technologies?
I think from an adoption perspective, the banks in the Middle East are rapidly adopting new technologies. At least in the last two years, we have seen banks adopt the latest technologies – be it social platforms, cloud, blockchain technology, and so on. Users today use smartphones for all their banking requirements, especially the millennial – they prefer to complete their banking transactions on a mobile device.

There is a lot of financial digital transformation happening and banks are becoming more and more digital. While all of this is happening, the cyber security threat landscape is also changing. It is has become more complex – primarily the attack surface has changed. Complexity and the number of attacks are also changing. We believe security mechanisms also need to change to be on par with changing security threat landscape.

How has the CISO’s job role changed over the years?
The CISO’s job has changed and is more complex today. It is no longer just about providing the latest in technology. While CISOs want to be as flexible as possible, they also do not want to compromise on security. The challenges that a CISO faces today is not that he / she is far-sighted. The challenge is how does he / she align his / her initiatives with the business.

Here is where the media plays a major role. Over the past few years I have seen the media frequently updating the IT community about serious security threats in the region. Thus, the senior management is informed about such instances and they are not averse. So, CISOs today understand that whenever there is a request for upgrading technologies in a company, security needs to be part of the decision-making process.

Does Paladion cater to startups in the region? Startups that are involved in, say, ecommerce or payment gateways?
Being in the community of cyber security, we cannot restrict ourselves by saying that we will work only with the banking sector or big enterprises. Any startup, mobile wallet company, or payment processing company, ultimately, they are going to attract lots of customers. As a consumer, when I am engaged in a financial transaction through such startups, I am still interfacing with a bank in someway.

Whether I am using services such as Uber, Careem, ecommerce sites, and so on, we still need to be protected from security threats as a consumer. As a cyber security organisation, we saw this coming, at least three years ago. Thus, we started offering a unique solution called Paladion OnDemand. Paladion OnDemand brings in instant security outcomes by tightly bundling leading cyber security technologies with managed services, and comes in an a pay-as-you-go model that suit companies of every shape and size. The easy-to-use OnDemand portal gives you complete control when you need it. You can add devices or services, generate reports, receive alerts, and much more.

Tell us more about Paladion OnDemand.
The complexity of managing cyber security in-house can be dizzying. Teams co-coordinating and responding together in case of an incident, implementing a defense in-depth model, managing risk on new technologies, and the list goes on. Companies are mostly unsure of their current security posture in spite of spending heavily on the latest security technologies and investing in security talent. Paladion OnDemand’s Cyber Security as a Service tightly integrates technology and services and is delivered from Paladion’s globally distributed SOCs with over 450 security experts.

Our security as a service offering goes beyond traditional information security offerings because it is driven by a team of investigators, threat intelligence analysts, data scientists, ethical hackers, Incident responders, and security architects, who are expertly coordinated for carrying out your cyber security operations. What’s more, the service is also backed by SLAs so you know who is accountable. This kind of a solution is very much feasible for a startup since they do not need to invest a lot on IT. This is a pay-as-you-go model and hence it does not affect the cashflow of a startup or a company which does not want to keep aside a large amount for upgrading its IT requirements.

Comments

Comments