Indian companies are investing more on securing their data rather than pumping more money into technology as they try to build comprehensive solutions to prevent hackers from attacking their network, said Sanjai Gangadharan, regional director SAARC of A10 Networks.
“IT budgets are shrinking and security budgets are going up,” Mr. Gangadharan said in an interview. “Security investments or budgets in India have doubled or even tripled. There are now security departments under a chief information officer, chief security officer or a risk officer, which are being allocated a lot of budgets. IT budgets are shrinking because it is mostly pay-as-you-go model now, and there is less capital expenditure required. “Also, overall costs are coming down. Here, the device cost may come down, but the need for building an overall solution which has more components, and upgrading it with more features and functionalities, that is on the rise.”
Global spending on information security products and services will reach more than $114 billion in 2018, an increase of 12.4% from last year, according to an August 16 report from Gartner, Inc.
Key drivers
In 2019, the market is forecast to grow 8.7% to $124 billion. Privacy concerns, persisting skills shortages and regulatory changes such as EU’s Global Data Protection Regulation are the main drivers, said Siddharth Deshpande, research director at Gartner.
A recent attack on Singapore Health Services (SingHealth) network compromised personal health records of 1.5 million patients in the island and reinforced the need to view sensitive data and IT systems as critical infrastructure, he said. A10 Networks, a New York Stock Exchange-listed cybersecurity firm, providing networking and security solutions, is headquartered in San Jose. “Today everybody has realised that PCs, servers, networks, applications have all become commoditised. One can go and pick any of it up, very easily. Now what all this generates is a huge amount of data. This data belongs to the enterprise. “And the security of this data, in terms of who should access this data, where should it be accessed from, where should it be stored, all of this will always be the decision of the enterprise. So what will remain with the enterprise is two things — one is the storage of data, how to store the data, where to store it and in what form, and the second is how to keep this information secure.
“This data becomes information once it is processed, so how to secure this information in terms of security at rest and security while the data is in motion. So for both storage and security of data, the decision will be that of the enterprise and will always remain so. This will not go out of the enterprise. So, investments in these two areas will happen consistently,” Mr. Gangadharan said. He cited an example of an Australian bag manufacturer who made expensive handbags for women. A customer could buy the bags only by invitation. “But, the problem they faced is that the day a product releases on the market, China makes a copy of the same and sells. They wanted to know the leak point. For this, when they dug deep to find out how this was happening, they realised that it was happening from inside the organisation itself.
Someone in the company was leaking the information via email. They ended up plugging the issue.” “This is a threat, and these kinds of issues could happen to anyone. In this case, their exclusivity of having an invitation-based purchase was lost when copies started mushrooming in the market. These are ways in which organisations could lose their reputation.”