FireEye enabling its partner ecosystem and customers to  quickly navigate and transit to the new normal

FireEye eliminates the complexity and burden of cyber security for organizations with a single platform that blends innovative security technologies, nation-state grade threat intelligence and Mandiant consulting. The intelligence-led security company is working as a seamless, scalable extension of customer security operations. 

In a chat with VARINDIA, Shrikant Shitole, Vice President, India and SAARC, FireEye shares his thought on the current security landscape in India, the need of cyber security in the recent unprecedented time, how FireEye is leveraging its solutions for its end customers and channel partners, etc.

The present threat landscape in India 

According to Shrikant, the recent ASEAN-India summit flagged the increased connectedness, digitization and work from home environment, have accelerated the dangers related to cyber threats. Phishing campaigns, COVID-19 research breaches, and other cybercrime related activities have witnessed an uptick as organizations take their operations remote. The need for state-of-the-art cyber surveillance is now more important than ever for Indian businesses to gear up for the challenges of the “new normal”. 

He says, “This unprecedented global pivot to remote work situation has left many organizations exposed to bad actors and potential cyber risks. The spike in incoming connections from untrusted networks and devices are presenting them with the very real challenge of filtering genuine and malicious traffic amidst heavy loads on their remote access solutions. The use of unmanaged devices is also opening doors as adversaries have shifted quickly to exploit the newly increased attack surface and overstretched IT resources. This rapid shift in the threat landscape has left organizations scrambling to scale their security systems to meet the rise in the use of personal home networks, handheld devices, and apps beyond the scope of the enterprise environment.”

Pandemic and FireEye 

Shrikant depicts clearly how the pandemic has propelled organizations and societies to switch to remote working formats and adhere to social distancing measures. But it has been observed that cyber criminals are profiting this crisis.

“Through our security innovations and real-time threat intelligence, FireEye has enabled our partner ecosystem and customers to quickly navigate and transition to this new normal. To further strengthen cyber security walls, FireEye has launched its new SaaS based platform called the Mandiant Advantage - Threat intelligence which helps organizations gauge real time threats. With Mandiant Advantage, organizations are now better prepared for attacks, and more importantly, stay one step ahead from ambush,” utters Shrikant.

The types of attacks FireEye has witnessed during this period

The significant shifts in the threat landscape FireEye is currently tracking include:
•    The sudden major increase in a remote workforce has changed the nature and vulnerability of enterprise networks. 
•    Threat actors are now leveraging COVID-19 and related topics in social engineering ploys.
•    They anticipate increased collection by cyber espionage actors seeking to gather intelligence on the crisis.
•    Healthcare operations, related manufacturing, logistics, and administration organizations, as well as government offices involved in responding to the crisis are increasingly critical and vulnerable to disruptive attacks such as ransomware.
•    Information operations actors have seized on the crisis to promote narratives primarily to domestic or near-abroad audiences.

Shrikant perceives, “The same threat actors and malware families that we observed prior to the crisis are largely pursuing the same objectives as before the crisis, using many of the same tools. Threat actors have always capitalized on major events and crises to entice users. Many of the actors who are now using this approach have been tracked for years. We have seen it used by several cyber-criminal and cyber espionage actors, and in underground communities some actors have created tools to enable effective social engineering exploiting the coronavirus pandemic. Nonetheless, COVID-19 content is still only used in two percent of malicious emails.”

Enabling customers in the present WFH scenario

Commenting on adaption of a remote and distributed workforce, Shrikant says organizations need to focus on protecting identities and applications regardless of whether they are in the corporate network or the cloud. The sudden shift to remote working for some organizations and the acceleration of a work-from-home culture introduces new risks.

He briefs, “At FireEye, we offer Cloudvisory as a means of combining cloud visibility with unrivaled insights into the threat landscape. Fully integrated into the broader FireEye cloud security portfolio, Cloudvisory now offers customers instant deployment across their cloud infrastructures, and further capabilities in security analytics through FireEye Helix and advanced threat detection through FireEye Detection On Demand. Building upon the FireEye cloud solutions portfolio, Cloudvisory is a cloud-native security solution that gives security team’s unified control over cloud sprawl and infrastructure misconfiguration.” 

“Our security instrumentation platform – Mandiant Security Validation – continuously measures, tests, and improves cyber security effectiveness. Our Mandiant Consulting, Managed Defense and Threat Intelligence services augment organisations with the resources and knowledge necessary to respond to and protect organisations against the most advanced threats,” comments Shrikant.

FireEye aiding its partners

Shrikant further goes on how FireEye is leveraging its services for its channel partners during the fight against the pandemic. “We recognize that in times of uncertainty, bad actors do not rest; in fact, they seek to take advantage of unrest and disruption. To that end, we remain laser focused on our mission of protecting our customers and partners from cyber-attacks and threat actors. Our channel partners are our Force Multipliers and an integral part of our extended sales force. We are constantly finding new ways to deliver real-time training, content and security insights to them. For example, we held the first virtual APAC Partners Summit 2020 in July this year where we recognised our partners for their contributions while delivering a customised program to engage them in growing the FireEye business,” concludes Shrikant.