Amid AI-led cyber threats, upskilling and investments need of the hour for India: Palo Alto Networks' Anand Oswal

Advancements in artificial intelligence have increased the potential of cybersecurity threats, noted Anand Oswal, SVP of Palo Alto Networks. He added that cyberthreats have evolved in the past few years, making real time response the need of the hour.

In an interaction with Business Today, Oswal said: “AI has lowered the barrier to entry for hackers, because now they're able to use not AI alone, but open source tools. With AI, they can generate variation, etc.”

The evolution of cyber threats

The SVP of the cybersecurity company pointed out that cyberattacks have become more sophisticated in the past few years, and real time solutions have become the need of the hour.

He said: “Attackers are getting more and more sophisticated and threats are getting more and more evasive. What worked three years ago is not going to work today.”

Multiple studies have pointed to the need for improvement in India’s cybersecurity infrastructure amid newer and more sophisticated cyber threats. The Massachusetts Institute of Technology (MIT) Technology Review CyberDefense Index (CDI) has placed India at a 17th position out of 20.

Oswal added that the new range of cybersecurity threats now call for real time response. He explained that in the past, many cybersecurity solutions primarily relied on signature-based detection systems, which involve identifying known threats based on specific patterns or signatures. When a new threat was discovered, security teams would create a signature or update their databases to protect against it. However, the effectiveness of this approach has diminished over time due to the evolving tactics of cybercriminals, such as zero-day vulnerabilities and rapid attack vectors.

“A few years ago, what we did to protect against threats was really using a signature or database centric approach. Which means, when we saw a particular threat, I would build a signature of that threat and patch my network security products, and now nobody else was infected by that threat. It took me 24 to 48 hours in this process. That no longer works because even if you have one second difference between the time you know a threat and dispatch, attackers will optimize that window of opportunity. So, you need to really provide real time or near real time security,” he explained.

India under cyber attacks

India’s public as well as private sector have been under the radar of cyber threats. As per data from Meity, in the first half of 2023, 36 government websites experienced hacking incidents, and over 4.29 lakh cyber security incidents related to financial institutions were recorded.

Data from cybersecurity firm CheckPoint Research showed that weekly cyberattacks in India’s private sector have increased by 18 per cent in India in 2023, as against an increase of 7 per cent globally.

Countering cyberthreats

The most immediate solution to these threats is upskilling and strategic investments, the SVP stressed.

“There is a need for investments. Also, there's also a lot of need for upskilling, and having security and cybersecurity awareness programs, because even in spite of all the automation, in spite of all the talk of AI and algorithms and whatnot, we will still have a significant shortage of cybersecurity skills,” Oswal explained.