Be More Proactive in Addressing Security Issues: Check Point Regional Director

IDG News Service - Investing in security has become one of the topmost priorities of enterprises, given the recent increase in cyber-crime incidents. We spoke to Bhaskar Bhaktavatsalu, regional director -- India and SAARC, Check Point, about the changing security landscape and how Check Point has been faring in the market.How do you see the threat landscape evolving for enterprises in India?From the Indian perspective, on the security trends issue, we have a culture that is reactive when it comes to investments on security, meaning we wait for things to happen and then react. I think in the last few years, enterprises that conduct business abroad have become quite matured with regard to their investment in security. But when it comes to Indian enterprises that service the domestic market, the shift has been somewhat delayed. Features such as data encryption, data loss prevention (DLP), and end-point security are now being increasingly adopted besides the firewall. Moreover, end-point security is not about just anti-virus, which is more reactive. Today, the bot is a big threat, but many companies think they are well protected against it. Check Point's anti-bot solutions have a tool called 3D assessment which conducts a health check on the infrastructure. So, the moment we conducted this health checkup, bots were found even in the best of the infrastructure. Enterprises are looking at investing in threats that will get into the network, and they haven't focused or made investments on communications which go out of the network. Companies always feel that their network is the best and no malicious agent will go through. We give it (3D assessment tool) as a free service and it's not given only to our customers, but also to organizations that don't use our products. It's not necessary that they have to buy Check Point products, but as we say, at the end of the day whatever product you use has to be up to the mark. But one good outcome has been the compliance driven by the government whether it is in the BFSI, or telecom, or other sectors. Government regulations have made it very clear that in every network, the firewall has to have an IPS and other related conditions. Now every telecom service provider is invested in IPS, while there was no such compliance earlier.How have your products been faring in the Indian market?Six to seven years back, people only asked for firewall and VPN. So, firewall and VPN are part of our product portfolio already. Customers can pre-configure the dedicated appliance and buy the features that they need. IPS, for the last two years, has been a great business for us in India. From the technology perspective and cost perspective, our growth in IPS in India and globally has been phenomenal. Nowadays, everyone wants an anti-bot solution. SMBs are not really keen on these, but enterprises have a default need for anti-bot solutions. What according to you is your USP that sets you apart from competition?Our approach to the market has completely changed in the last two years. What vendors do today is they sell a particular product by telling clients there is a need for it and that they better buy it. This is done without considering whether the product does the required work, or whether it understands the business needs. Does it translate into reality whatever it claims to achieve in the whitepaper and the website? This is the biggest challenge. You buy the product for so many reasons, and you don't even know whether it will perform or not. So, you assume that if your system integrator says that everything is working fine then you are happy--until and unless there is a crash. When we approach customers, we don't go and talk about products. Instead, we talk about the threat landscape from advanced persistent threats (APT). APTs, unlike viruses, are very difficult to counter. People wouldn't even know that their machines have been infected by a perpetrator who delivers a bot to control them. The perpetrator can then go to another third party and say that he has ten machines infiltrated and a DDOS attack can be launched whenever required. So, in effect, the perpetrator uses the company's laptops and desktops to launch the actual attack. In the industry, from a network vendor's perspective, Check Point's anti-bot solution was much appreciated by companies, and people are also looking at how we can sell it under a SaaS model. We try to be a consultant/advisor to the client company, understand their needs and their business, then suggest a solution from a consultative angle. We want companies to look to us as an advisor, rather than a technology vendor who is bent on just selling the product. People trust us: Companies have allowed us to be part of their budget process and of their roadmap when it comes to security. Many companies take our inputs on whether they are doing things the right way or on what should be taken care of in the future. This helps us position ourselves rightly. This approach is very unique as far as OEMs are concerned. Also, Check Point's solutions are not cheap, but certainly affordable. Eric Ernest is a correspondent for CIO India and ComputerWorld India. Send your feedback to eric_ernest@idgindia.com