Advanced Threats: Improving ResponseFireEye's Chonker on Government Security Challenges
With a broad spectrum of Digital India initiatives announced in July, the Indian government is receiving a lot of attention from security circles. It is also recognizing that it has a big target painted on its back. With threats such as advanced persistent threats and targeted attacks, how equipped are Indian government entities to detect and mitigate the risks?
Security is no longer delegated to a subsidiary function in government, says Ranndeep Chonker, Director of Global Solutions Providers with security services vendor FireEye. However, given the level of maturity in the government sector, security has tends to be reactive, he says, and is not commensurate with the contemporary threat landscape. A report released by FireEye several months back highlighted how Indian government and defense assets, among others, had been compromised by threat actors for 10 years without detection. [Please listen to: Inside An Elite APT Attack Group]
"The biggest challenge in the government sector is that the maturity level for entities within the government differ from organization to organization," Chonker says. "While some of them are still looking at perimeter security and managing commodity malware, there are others that are looking at setting up 24x7 security operations to cover critical assets. It's a wide spectrum."
The government needs to shed traditional security approaches and get familiar with the attacks and vectors that are targeting them actively, Chonker asserts. Without understanding the attack vectors and the kinds of threats facing agencies, the likelihood of successful remediation in the case of targeted attacks and APTs is bleak. [Please see: Security: The New Measure of Success]
In this exclusive interview with Information Security Media Group, Chonker shares his perspective on the security challenges in the government domain in India, especially with regards to APTs and targeted attacks. He also shares:
- His views on Digital India;
- Recommendations for the government to ramp up security;
- The growing dependence on third parties.
Chonker is the Director for the Global Solutions Providers business unit in FireEye, based out of New Delhi. He was with Mandiant in India at the time of its acquisition by FireEye and has served previous stints with HP ArcSight and BEA systems. He has over 17 years of experience in the technology space.