Reported by: banking|Updated: September 24, 2018
In a tête-à-tête with Dr Ravi Lalwani, Adi Dar, CEO, Cyberbit, reveals details about the new cyber risks threatening financial institutions in India and how the company can mitigate them and comply with RBI guidelines:
Dr Ravi Lalwani: Who are your target customers in India? Which channels you are using to reach your customers?
Adi Dar: We mainly provide our cybersecurity services to the financial services, IT/ITES, transportation, utility services, electricity, airport and educational institutes. We have our offices in India located at Bangalore, with additional presence in Mumbai and Delhi. Currently, we have 15 employees in our sales and marketing team in India, and we are planning to increase this number to 20 in the coming months. We are participating in events, exhibitions and conferences to promote our products.
Which are the top international markets for the Cyberbit?
We are active in the United States, Germany, Singapore, India, Israel and the UK.
Can you give details of Cyberbit Range, SOC 3D, SCADAShield?
Cyberbit provides a portfolio that includes a cyber range for training and simulation SOC orchestration and automation, industrial control network security and advanced endpoint detection and response,.
Cyberbit Range is the world’s leading simulation platform enabling enterprises, including banks, as well as service providers and universities, to establish and manage cybersecurity training and simulation centres. Organizations use our Cyber Range to train and certify their cybersecurity teams and to evaluate new hires. The Cyber Range is unique by delivering hyper-realistic, simulated training scenarios that accurately replicate real-world attacks and dramatically improve cybersecurity team performance. Organizations also use the Range to test their playbooks, and evaluate security tools.
SOC 3D is a unique incident response platform that triples the capacity of the security operations centre (SOC) allowing organizations to deal with the increasing volumes of security alerts, even with limited resources. It does this by automating security processes, orchestrating multiple security tools in a single screen, and improving investigation processes.
SCADAShield is the first security solution ever created for industrial control system (ICS) networks, such as utilities, oil & gas, manufacturing lines and airports. Today, these networks are highly targeted by cyber attackers and the consequences can be disastrous, even risking human lives. Our platform is very good at understanding the unique constraints, protocols, and technologies of critical infrastructure operational technology (OT) networks. This enables it to detect such attacks before they cause critical damage. The platform also helps critical infrastructure network managers to manage the assets in their network, understand risks, and even detect continuity risks that are unrelated to security.
The Reserve Bank of India (RBI), has provided guidelines on Information Security (mandatory to implement Endpoint Detection & Response solutions), Electronic Banking, Technology Risk Management and Cyber Frauds. What are the new cyber risks threatening financial institutions in India and how can your products mitigate them and comply with RBI guidelines?
India is a very large and important market for us, presenting plenty of potential opportunities. The recent RBI regulation is the right and comprehensive one for the banking industry. When we saw the first draft in May 2017, we knew that we can truly help BFSI organizations comply with it and become a dominant player in this market. In fact, I believe that the scale of the Indian market is worth investing in, as much as the scale of the US market for us.
With the Indian government emphasizing on digital banking, more and more banks are offering digital banking services today, but it is to be seen how adequate and well equipped the banks’ cybersecurity mechanism is. Two Indian private banks – City Union Bank and Cosmos Cooperative Bank – were victims of cyberattacks this year.
The new risks on BFSI involve advanced and targeted attacks which can easily bypass traditional security systems like firewalls and antivirus systems. The new cyber attacks are designed by sophisticated attackers and do not have a file signature that antivirus systems can detect. In fact, the attacks are often file-less, meaning that they operate entirely in system memory with no files to analyse, making then impossible to detect by conventional systems. This is where solutions such as our EDR come in handy. These solutions do not rely on signature but on AI, machine learning and behavioural analysis. Therefore, they can detect these file-less and signature-less threats that bypass traditional systems. Perhaps if one of the attacked banks had an EDR solution in place, this attack could have been eliminated.
Cyberbit’s products can help organizations comply with RBI in many ways. For example, RBI requires a Cyber Crisis Management Systems, preparedness for zero-day attacks, asset management, forensics and deep packet inspection, analytics and dashboards, and advanced SOC capabilities. All of these are requirements we can help organizations comply with. We are operating in several markets with very strict regulations and are experienced in supporting these requirements.
Share some details of your company partnership with Tech Data in India?
We have signed a distribution agreement with Tech Data. Under the agreement, Tech Data will distribute Cyberbit’s entire portfolio including ICS/SCADA Security, Endpoint Detection and Response (EDR), Security Orchestration, Automation and Response (SOAR) and the Cyber Range training and simulation platform.
Who are your national and international clients?
We have many customers in India including one of the top banks who uses Cyberbit’s EDR solution. QoS Technology provides cybersecurity training and simulation facility powered by the Cyberbit Range. AforeCyberSec Technology is licensed to offer our SOC 3D SOC Orchestration Automation and response (SOAR) platform. We have multiple international clients like Samsung, HP Enterprise, and Regent University. Many of the top financial institutions in Israel and multiple global customers use our Cyber Range, SOC Orchestration and EDR solutions.
What are your expansion plans in India?
We will be initially focusing on the Indian financial services sector as there are tremendous opportunities available in this market. In the coming years we will be focusing on other sectors like utility service providers, transportation, etc.
For the financial sector we see a critically growing need for innovative training and simulation technologies, to train their security teams in cyberattack scenarios and help them manage the large volumes of attacks, and their increased complexity. For the same reason we see an opportunity for security orchestration and automation, and for advanced endpoint detection and response (EDR) which are all rapidly adopted by our financial customers worldwide.