Hyderabad: Tech Mahindra, a provider of digital transformation, consulting and business re-engineering services and solutions, is keen to enhance its cyber security solutions to enterprises and government. The company wants to create a niche for itself in this space and remain a differentiator, providing quality security to its clients. It has been protecting its clients from hacking and other forms of cyber-attacks. The company which has created its cyber security division 18 years back has seen its capabilities evolving over the years.
Sharing the range of tasks the division had been handling in the past, Rajiv Singh, senior vice president, Global Cyber Security Business, Tech Mahindra, told Telangana Today, “We help military to establish security operation centres and provide threat intelligence capabilities. We alert large energy companies on likely threats to their assets. We also carry out vulnerability assessment of malicious code getting injected into applications. We constantly update ourselves to trace/detect new vulnerabilities with the use of artificial intelligence, machine learning backed by data analytics. These are provided as a complete package to government, semi-government and private enterprises. We are not currently serving overseas governments at present though we serve the private sector.”
“We are building the right stature within the organisation for our cyber security capabilities and building a core team. We focus on the quality rather than volume. We are proactive rather than reactive. Our capabilities are shifting from a mere perimeter/infrastructure security provider to cyber services on cloud and internet of things (IoT) devices. We want to offer security as a service to our clients and not just a domain of security. The company is developing capabilities to help clients defend themselves from anything and everything. This ability takes a lot of investment and right partner ecosystem tying with best technology companies and bringing the best cyber talent to India,” he explains.
Cyber security has become challenging with new threats emerging each day. In the case of the recent Equifax attack, the attacker has sent a lot of malware into the application so much so that he flooded the application and it crashed. The memory offer stayed over there, and no one detected this. The response was not immediate. This led to the consumer credit rating agency’s CEO losing his job besides compromising credentials of 146 million Americans. The threat such attacks expose enterprises to, has become immense.
He said, “At Tech Mahindra, we are trying to proactively detect and block the adversary before the attack actually happens. We have customers globally in telecom, healthcare, retail, logistics, transportation, banking, financial services and insurance (BFSI) and manufacturing. The first one hour of the attack is the golden hour to detect and counter it. Attacks are never cleansed, so we can always detect the trails and traces of who could have done it. Cyber teams have to be ready for bigger attacks. Of all the sectors, BFSI, healthcare, telecom, oil & gas, power, military, fintech, retail and government are the top vulnerable sectors, globally.”
Tech Mahindra has deployed detection technologies, cyber security tools and cyber experts who can handle forensics and incident response. US-based startups in artificial intelligence and data analytics had also been roped in to strengthen the risk handling capabilities. The company has been able to classify and group the vulnerability of assets for its clients with the use of technology.
Singh adds, “We are keen to be ahead of the crime. We also work with global original equipment manufacturers (OEMs) from Israel, UK and the US. We have partnered with companies such as BAE Systems of UK and Israel Aerospace Industries of Government of Israel. We are able to analytically identify the probability of attack.”
He said, with the help of big data analytics, the company is ensuring that its clients’ data and assets are safe. It is able to assure that the cyber-attacks are being tackled and blocked, besides ensuring that there is no impact. It has kept in place people, processes and technology.
On the skill development front, the company is going to colleges and readying cyber capable people. Singh opines managing a firewall is not cyber security. The college curriculum should include areas that have to make the resources take care of incident response through certification. Even there is a need for companies to educate their employees to handle email phishing.
“Awareness needs to be created among employees that their company can be breached. We are carrying out employee awareness programmes. Insider behavior analytics is becoming important,” he added.