Category: Latest

Anil Puri CMD, APS group A first generation serial entrepreneur, thought leader and an action catalyzer rolled into one – Anil Puri is a rare combination of a visionary, an innovator and a strategic thinker. He has used this combination to innovate and implement on-ground many new business ideas. His rich experience in various businesses has enabled him to nurture & mentor innovative ideas and scale them up. Introduction Skill development is imperative for socioeconomic development of a country. Skill development ecosystem in India encompasses broad policy and structural framework that govern the skill development activities at state and central level. Under Skill India campaign about 20 central ministries/ departments including Ministry of Skill Development and Entrepreneurship are involved in the implementation of more than 40 schemes for various skill development programs. The push for a policy-backed skill development initiative is a significant step towards realizing the potential of the workforce by enhancing its employability. India’s largest skill certification scheme, Pradhan Mantri Kaushal Vikas Yojana (PMKVY) was approved on 20 March, 2015 and was subsequently launched on 15 July, 2015, on the occasion of World Youth Skills Day to be implemented by National Skills Development Corporation (NSDC) under the guidance of the Ministry of Skill Development and Entrepreneurship (MSDE). With a vision of a ‘Skilled India,’ MSDE was put on mission mode to skill India on a large scale with speed and high standards on the platform of flagship scheme PMKVY to drive towards greater realisation of this vision. Owing to the its successful first year of implementation, the Union Cabinet further approved the scheme for another four years (2016- 2020) to impart skilling to 10 million youth of the country. This was undertaken in the light of the Government’s recent skill gap analysis revelation that more than 12 million youth between 15 years to 29 years of age are expected to enter India’s labour force every year in the next two decades and by 2022, another 109 million skilled workers will be needed in the 24 keys sectors of the economy. At present, only 2.3 percent of India’s workforce has received some formal skill training leading to acquire job specific occupational skills. Govt also took note of the fact that the delivery of skilled manpower declined from 7.58 points in 2005 to 5.75 points in 2014 which put India at 48th position out of 60 countries surveyed in IMD world talent ranking. While all was moving smoothly in the direction, The COVID pandemic dealt a severe blow to the Skill India Mission resulting in further widening of skill gaps to alarming levels thus adversely affecting the economic activity. Pradhan Mantri Kaushal Vikas Yojana (PMKVY) Pradhan Mantri Kaushal Vikas Yojana (PMKVY) is the flagship scheme of the Ministry of Skill Development Entrepreneurship (MSDE). The objective of this Skill Certification Scheme is to enable a large number of Indian youths to take up industry-relevant skill training. The trainings are given in the following sectors such as: agriculture, healthcare, automotive, apparel, BFSI, beauty and wellness, construction, capital goods, food processing, furniture & fittings, green jobs, gems and jewellery, handicrafts & carpets, IT and IT-es, iron and steel, logistics, life science, management, mining, media & entertainment, power, plumbing, retail, tourism and hospitality and telecom. Stakeholders The scheme has different stakeholders who are responsible for successful implementation of the entire programme. The key stakeholders are – Ministry of Skill Development & Entrepreneurship (MSDE), National Skill Development Corporation (NSDC), Sector Skills Council (SSC), Training Providers, Assessment Agencies, Assessors, State Government, State Skill Missions, Local Administration, UIDAI, Banks and Individuals. NSDC is the main implementing agency which controls and monitors different programmes to be implemented by the central government. SSCs are assigned to identify the specific job roles for which trainings are to be provided through PMKVY. SSCs also affiliate training collaborate both from government as well as from private sectors to impart training. Since training should be followed by assessment; it is the responsibility of the SSCs to recruit third party agencies to conduct assessment for the training programmes conducted. Once the allocation is done, both state governments as well as private training partners have to mobilize the prospective candidates who are in real need of skill training to meet the requirement of the skilled manpower in industry. At the last, NSDC awards the reward money and the certificates on successful completion of the training programme. Key Components of PMKVY The PMKVY scheme has been divided into six components. Every component has its own objectives and set of target audiences. Not all are equally required to be absorbed in each of the schemes. Once, the SSC have identified the job role and various sectors where the skilled manpower is required, there is a need to identify the proper implementation and stages to be followed during the entire plan period. The authorities have divided the schemes into six components: Short Term Training, RPL, Special Project, Kaushal and Rozgar Yojna, Continuous Monitoring, Placement Assistance and Standardizing Monitoring and Communication. India’s Current Skill Analysis In 2015 a study assessed the skill capacity of Indian workforce through general education and vocational training level to be extremely low i.e., around 38% of the workforce were not even literate, 25% with below primary or up-to primary level of education and remaining 36% having an education level of middle and higher level leaving rest of only 10% of the workforce which is vocationally trained (with 2% formal and 8% informal training). The current data suggests that only 2 to 2.3% of the workforce in India has undergone formal skill training as compared to 68% in the UK, 75% in Germany, 52% in USA, 80% in Japan and 96% in South Korea. The workforce in India has little or no job skills that make them largely unemployable. It is an alarming signal for India which has the youngest population in the world. There is a lot of scope for India to provide its workforce with appropriate skills. As per the 12th Plan…

Prama India has bagged ‘Tech-SME of the Year’ award at the 8th MSMEs Excellence Awards Ceremony and Summit held on March 9th, 2022 organised by ASSOCHAM, the apex trade body, in New Delhi. The award was received by the Prama India team at the Award ceremony. Addressing the 8th MSMEs Excellence Awards and Summit, Narayan Tatya Rane, Minister of Micro, Small and Medium Enterprises (MSMEs) said that the MSME sector plays a significant role in nation-building, regional balance, economic contribution, and job creation. Talking about the importance of the sector in nation-building and economy, he said, “The MSME sector will help in making a truly Aatmanirbhar Bharat. I promise to provide all the credits required to make the MSMEs grow. We have set up various training centers to help the sector. The government is committed to supporting the MSMEs through friendly policies, bringing in the latest technologies, setting up training centers and providing credits.” Organised under the theme ‘Enabling Indian MSMEs to Go Global,’ the summit was organised by Bhanu Pratap Singh Verma, Minister of State (MoS) of MSMEs. Praising ASSOCHAM for organising the summit, the MoS stated that the MSME policies and commitments are designed and executed for the benefit of entrepreneurs and business persons. “The ministry is initiating and doing its best to resolve finance-related difficulties with banks in relation to MSME and are working to overcome all of the challenges faced in this sector,” he said. Praising the small enterprises and startups for performing admirably during the pandemic, he also talked about Rs. 3 lakh crore that have been set aside for further assistance under the ECLGS (Emergency Credit Line Guarantee Scheme) scheme. He added, “The goal is to increase employment possibilities for 15 crore people.’’ Highlighting the issue of rising costs of imports, he suggested that import margins can be reduced by increasing domestic production under the ‘Make-in-India’ program. Sharing his thoughts on winning the award, Ashish P. Dhakan, MD & CEO of Prama India Pvt. Ltd. said, “Prama India is focusing on indigenous manufacturing of security products and solutions by setting a new benchmark of excellence. This award for Prama India is a timely recognition of our relentless efforts and innovations in raising the bar of India’s indigenous security product manufacturing. PRAMA has got this prestigious award from ASSOCHAM for the contribution in the field of indigenous manufacturing. We are successfully laying the foundation of Atmanirbhar Bharat by promoting the cause of indigenous manufacturing of security products. This award strengthens our resolve to continue to focus on security technology innovations and indigenous manufacturing going forward.” Micro, Small and Medium Enterprises (MSME) sector has been the key focus of policy makers from the central government and state governments as it is very important for overall economic growth and development in terms of employment, value chain creation, foreign exchange earnings, support to large industries, promotion of regional balance and inclusive development etc. Keeping in mind of the contribution and significance of the MSME industries to overall economic growth and development, ASSOCHAM initiated many activities in the past to support the MSMEs and one of the key initiatives were ASSOCHAM MSMEs Excellence Awards.  

Optimized cloud performance for office-based and remote users Reinforced security and streamlined management for all types of enterprises SASE will bring more value to existing SD-WAN customers Orange Business Services, a global network-native digital services company, and Fortinet®, a global company in broad, integrated, and automated cybersecurity solutions, are partnering to deliver a disruptive approach to Secure Access Service Edge (SASE) by integrating Fortinet’s security-driven networking technologies into the Orange telco cloud infrastructure. This reinforces security and networking convergence, while optimizing performance regardless of the user’s location. Unlike other SASE service delivery offers on the market, this seamless approach – with built-in integration and automation – ensures real-time service updates and an unparalleled user experience. Digital acceleration, the move to ‘work from anywhere,’ and the adoption of cloud connectivity have altered how network infrastructures and security need to be constructed. SASE converges networking and security in the cloud, supporting dynamic, secure internet access as part of a ‘work-from-anywhere’ strategy to connect everyone and everything using cloud-based applications. SASE extends security capabilities, allowing all types of enterprises to take advantage of zero-trust network access and firewall-as-aservice, for example, regardless of location. Unparalleled user experience This next chapter in the Orange-Fortinet partnership, which has also yielded Flexible SDWAN based on Fortinet Secure SDWAN, provides the foundation for cloud-native transformations at scale for improved business agility and resilience. The result is a fully controlled end-to-end globally available SASE solution that bridges the gap between the user and the application. It delivers a secure and managed service from the Orange telco cloud infrastructure, boosted by cybersecurity expertise and capabilities with Orange Cyberdefense. “Digital acceleration and the shift to support ‘work from anywhere’ is driving the hybrid convergence of networking and security to enable zero trust across all edges. Expanding upon our longstanding relationship with Orange, we’re pleased to further integrate our Security-driven Networking technology into the Orange infrastructure to enable a converged networking and security solution, unmatched in terms of visibility, management capabilities, resilience, and user experience,” explained Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet. “This innovative partnership is a continuation of our cloud-focused network evolution. By integrating Fortinet Security-driven Networking technologies into the Orange telco cloud infrastructure, we enable our customers to easily adopt a cloud-native environment that is increasingly critical for businesses globally. At Orange Business Services, we facilitate the deployment and take-up of technologies that drive innovation and business growth for our customers in a fast and secure way,” said Anne-Marie Thiollet, EVP, Global Solutions, Orange Business Services.  

Hikvision India, an IoT solution provider with video as its core competency, has showcased its latest innovative security technologies and solutions at PACC 2022, Goa. It has recently participated as the presenting partner for the 8th edition of Fire and Security Association of India’s Project heads, Architects & Consultants Conclave (PACC). FSAI’s PACC Conclave is aimed at bringing the project heads, architects, consultants, system integrators, OEMs, and end-users on a common platform. The focus of PACC is to provide the platform for presentations and deliberations on tech-talks, technology evolutions, best practices, implementation, standards & codes, market challenges and growth in the industry. The event was organised at Taj Resort & Convention Centre, Goa from 3 to 6 March. This event witnessed a participation of about 500 delegates. Commenting on the success of the event, Ashish P. Dhakan, MD & CEO, Prama Hikvision India said, “Hikvision has partnered with FSAI’s PACC Conclave to evangelise the latest innovative security technologies among the project heads, architects and consultants community. We are here to share Hikvision’s next generation technology solutions and latest innovative products with the industry leaders and technology experts. Together with FSAI, we are striving to evangelize the adaptation of latest security technologies and solutions based on AI, Deep Learning Big Data and Robotics. In line with FSAI’s motto to make Surakshit Bharat, Hikvision invites project heads, architects & consultants community to join hands in providing the best-in-class solutions.” He further added, “PACC 2022 turned out to be a perfect platform for Hikvision to showcase innovative technologies and solutions.” Hikvision booth at FSAI’s PACC event showcased ColorVu and AcuSense cameras along with command and control center. It also displayed smart building solution offered by Hikvision’s non-CCTV product portfolio, which included video door phones (smart home), AX-Hub (intrusion alarm solutions) and MinMoe face recognition terminal (access control). The booth had elaborate display of artificial intelligence solutions with DeepinView cameras and DeepinMind NVRs. Spread over three days, there were about 25 presentations (from expert professionals as well as sponsors/ product developers) and 12 panel discussions (Under the newly conceived ‘Techvarta’ segment). On 3rd March after the keynote address, Gagan Lamba, Vice President, Enterprise Verticals, Prama Hikvision India gave a impactful presentation on the theme ‘Top Trends for Security Industry in 2022.’ On the next day i.e., 4th March, Ashish Gujarathi, Assistant Vice President (AVP) – Non CCTV Products (alarms, access & entrance control, inspection and VDP), Prama Hikvision India participated in a panel discussion on the theme ‘Enhancing Security Capabilities using AI & IoT.’ He also gave a presentation on 5th March on the topic ‘New Age Authentication & Scanning Systems.’ Screening of relevant fire and security solution videos as well as Q and A sessions were well received. The engaging panel discussions, presentations and interactive sessions with the participants provided valuable insights.  

Qognify recently announced the appointment of its Director of Program Management: Professional Services. Pavithra Subramanian joins a Professional Services team that provides a premium service to the company’s global customer-base, assisting with new system installations and migrations, upgrades, audits, configurations, troubleshooting and consultations. Pavithra Subramanian is an experienced program management leader with 14 years of experience across supply chain products, cloud infrastructure, SaaS software, business intelligence analytics platforms and construction management software. Subramanian joins Qognify, following a six-year tenure at Brother, USA where she led a delivery team to drive supply chain product roadmap and implementation. Commenting on her new role, Subramanian states, “Diligence and nimbleness are key to delivering business outcomes. Throughout my career I have enjoyed collaborating with business leaders, to harness the power of technology in often complex organizational environments. Qognify provides the opportunity to work with best-in-class products and an experienced, visionary team, to achieve the right results for our customers.” SVP Global Services at Qognify, Minnie Punj-Introne, explained the importance of Qognify Professional Services, “Qognify provides its solutions to organizations around the world that place a premium on security. Our customers have access to the highest quality Professional Services, Our methodology and best practices ensures our customers get up and running quickly to achieve their evolving security, safety and operational objectives.” Minnie Punj-Introne added, “Pavithra brings with her a wealth of program management and leadership experience that is invaluable to our team.”  

ITShastra, a leading IT services provider, recently announced the company has completed the Service Organization Control (SOC) 2 Type 1 audit – a critical barometer of a robust information security system. The audit indicated that ITShastra and its industry-leading technology platforms and solutions comply with the highest cybersecurity standards that ensure the best IT governance concerning data storage, client privacy, and confidentiality in the current cloud-native environment. SOC 2 is a voluntary compliance standard for service organizations, developed by the American Institute of Certified Public Accountants (AICPA), which specifies how organisations should manage customer data. Compliance with SOC 2 specifications indicates that an organisation maintains a high level of information security that reduces risks arising from cyber breaches. With this certification, ITShastra showcases its robust cybersecurity architecture with a Zero Trust security approach to all network endpoints. The company works with many hyperscaler cloud service providers and such certification will provide a further boost to its various cloud offerings. “Cybersecurity has emerged as the cornerstone of any digital enterprise. While the COVID pandemic has accelerated the pace of digital transformation, it has simultaneously given rise to a plethora of cyberattacks. At ITShastra, we are deeply committed to the aspect of client privacy and confidentiality. With the completion of SOC 2 Type 1 audit, we take that commitment to the next level with an unwavering focus on data safety and security in this cloud-native environment,” said Sanjeev Dahiwadkar, Founder & CEO of ITShastra. The World Economic Forum’s ‘Global Cybersecurity Outlook 2022’ report showed that ransomware attacks rose 151 per cent in 2021 with an average of 270 cyberattacks per organisation being faced during the year as connected devices proliferated amid the COVID pandemic. Each successful cyber breach cost a company $3.6 million, the report noted. Against this backdrop, ITShastra’s robust cybersecurity framework puts it in good stead to serve enterprises across the globe in their digital transformation journey. ITShastra is a global IT services provider with leading capabilities in consulting, software development, testing, design, and next-generation digital solutions. With two decades of experience, the company has unmatched experience in the BFSI (banking, financial services, insurance) sector with more than 3 million hours of hands-on turn-key project management experience. With ISO 9001 and ISO 27000 certifications, ITShastra offers a comprehensive range of services that are powered by Microsoft Azure & AWS-based cloud solutions. Headquartered in Mumbai, India; the company has multiple software development centres across the globe that work as co-innovation hubs for businesses.  

Forcepoint is simplifying security by integrating Zero Trust and SASE security technologies to safeguard access and data use across web, cloud services, and private applications All-in-one cloud platform enables security teams to manage one set of policies via a single console for technologies such as Secure Web Gateway, Cloud Access Security Broker and Zero Trust Network Access With Forcepoint ONE, organizations need fewer security vendors in their infrastructure, dramatically reducing the costs and burden of managing 50+ point products Global security company Forcepoint recently launched Forcepoint ONE, the industry’s first ‘easy button’ for securing enterprises with hybrid workforces. The Forcepoint ONE all-in-one cloud platform simplifies security for both traditional and remote workforces, allowing users to gain safe, controlled access to business information on the web, in the cloud and in private applications. Forcepoint’s strategy helps customers reduce the management burden of traditional point product approaches and simplify security operations with fewer vendors and significantly reduced costs. In the December 1, 2021 Gartner report, ‘Predicts 2022: Consolidated Security Platforms Are the Future,’ the authors wrote, “By 2025, 80% of enterprises will have adopted a strategy to unify web, cloud services and private application access from a single vendor’s security service edge (SSE) platform.” They continued, “Single-vendor solutions provide significant operational efficiency and security efficacy, compared with bestof-breed, including reduced agent bloat, tighter integration, fewer consoles to use, and fewer locations where data must be decrypted, inspected and recrypted.” Forcepoint ONE makes it easy for customers and partners to adopt Security Service Edge (SSE) by unifying crucial security services including Secure Web Gateway (SWG), Remote Browser Isolation (RBI), Content Disarm and Reconstruction (CDR), Cloud Access Security Broker (CASB) and Zero Trust Network Access (ZTNA). Integrated Advanced Threat Protection (ATP) and Data Loss Prevention (DLP) also keeps malware out and protects sensitive data across business applications and BYOD devices, eliminating the need for fragmented products. With Forcepoint ONE, security teams can now manage a single set of policies across all apps, from one cloud-based console, through one endpoint agent, with agentless support for unmanaged devices. “We’re seeing two worlds collide today. The security market is consolidating from portfolios of products to richly integrated plat forms at the same time CISOs are demanding an ‘easy button’ for security. Clearly, the old approach of managing 50+ point products isn’t working when supporting hybrid work environments with 75 percent of workers remote and billions of unmanaged devices connecting to business resources,” said Manny Rivelo, CEO of Forcepoint, “Forcepoint ONE makes security simple by reinventing the alphabet soup of security functions that people used to assemble individually into a truly cloud-native Zero Trust platform with one set of policies managed in one place.” Security Simplified Simplifying security can be a daunting task because users can work from anywhere, browse high-risk websites and connect to unmanaged SaaS apps from unmanaged devices. Forcepoint’s all-in-one approach allows one security policy to enforce rules and prevent unauthorized information access or sharing. For example, a contractor for a financial investment firm could safely access the firm’s internal auditing application without a VPN or edit a Microsoft 365 document from a personal mobile device but be prevented from downloading the file or sharing it to another third-party site. The secure access is achieved through the combination of ZTNA, CASB and SWG working in concert and transparently from a single set of policies, complete with advanced threat protection and integrated data security. With access to over 300 global points of presence (PoPs) built on AWS, employees gain fast, low-latency connectivity and 99.99% uptime regardless of where they are working. Availability Gartner has positioned Forcepoint (Bitglass) as a Visionary in the 2022 Gartner® Magic Quadrant™ for Security Service Edge (SSE). Forcepoint ONE is built on this foundation. Annual per-user subscriptions to Forcepoint ONE are available immediately. Customers can choose an all-in-one edition for web, cloud, and private app security. Or, start with the web-security edition and add support for cloud and private apps later. All subscriptions include centralized cloud management, unified policies with data loss prevention, automated access via a unified endpoint agent, and comprehensive reporting. Additional advanced threat protection capabilities will be available later this year.  

Allied Telesis, a global company in connectivity solutions and intelligent networking tools announced that it has appointed Jason Nadar as Country Manager for India and SAARC. This appointment will add to Allied Telesis’ growth strategy in the region with its portfolio of products and technologies providing IoT and SDN solutions for customers in large enterprise, government and critical infrastructure. Known as a leader in video networking Allied Telesis is engaged in the development and production of more intelligent, autonomously controlled and managed systems aimed at meeting the demands of a ‘smart world.’ As a network switching specialist, Allied Telesis provides solutions that are easier to deploy and easier to use which is a compelling value statement driving customer adoption. Jakub Duch, VP DevOps and Marketing Europe overseeing India operations said, “Allied Telesis has the products, skills, and resources to offer end-to-end networking solutions across multiple industries. Jason Nadar brings a wealth of experience and skills to work in large projects along with the knowledge of how to integrate all the pieces for a successful customer outcome. The Allied Telesis team is knowledgeable, engaging, and consistently enhances the value we can deliver when tackling a customer’s complex needs. Combine that with robust leadership and we have engineered a long-term vision to create lasting wins in this market.” “Allied Telesis is involved in some of the most advanced and innovative next-generation research serving the needs of the network communications industry for over 30 years. In a post-pandemic era, the need of the hour is for networks to be defined by software that configures, secures, manages, and automates the infrastructure and Allied Telesis is uniquely positioned to fulfil that need. I look forward to leveraging my experience to lead the company in expanding our footprint with partners, enterprises and SMEs to increase the adoption of our cutting-edge solutions” Jason Nadar Country Manager, India and SAARC Business, Allied Telesis A 28-year industry veteran, Jason Nadar is a strong sales and pre-sales professional with a demonstrated history of delivering rapid growth with skills in networking, security, wireless technologies, VoIP and NOC-SOC (EDR, SIEM, SOAR). With an MBA focused in Leadership Management from National Institute of Business Management he has held various senior positions at Aruba Networks, 3Com, Ingram Micro and Bluecoat. In his previous role as National Sales Manager at Fortinet, he was instrumental in growing their Secure Access & New Technologies business in India and SAARC region. “Allied Telesis is involved in some of the most advanced and innovative next-generation research serving the needs of the network communications industry for over 30 years. In a post-pandemic era, the need of the hour is for networks to be defined by software that configures, secures, manages, and automates the infrastructure and Allied Telesis is uniquely positioned to fulfil that need. I look forward to leveraging my experience to lead the company in expanding our footprint with partners, enterprises and SMEs to increase the adoption of our cutting-edge solutions.” said Jason Nadar. With a portfolio of products and technologies providing IoT and SDN-enabled solutions for enterprise, government, education and critical infrastructure customers, Allied Telesis is the smarter choice. Its Envigilant™ managed services division delivers customized, state-of-the-art IoT solutions at the edge, empowering innovation, improving process agility and helping build a competitive advantage for customers globally. They are committed to providing their customers with solutions designed and built to the highest standards and quality. Their manufacturing conforms to ISO 9001 standards and all of their facilities adhere to the strict ISO 14001 standard to ensure a healthier planet.  

The front-line security workers most often lack support and the freedom to truly express themselves within the workspace. With the appointment of Satia Rai as the Welfare and Equality, Diversity and Inclusion (EDI) Director, the International Professional Security Association (IPSA) is working on making the sector a place where each and every front-line worker could be their true selves. Satia, who started her own career at the front-line as a retail security officer, has progressed into directorship roles at leading organisations and has a strong track record leading transformational change within the security sector. Along with 25+ years of experience at operational and strategic levels, Satia brings her vision of creating a culture within the industry where every person can thrive and experience a sense of belongingness. She is the co-chair of the security sector’s first LGBTQ+ group and a supporter of various initiatives that help her promote diversity and inclusivity within the industry. “Prior to Satia’s appointment we talked extensively about the culture, ethos and welfare of the IPSA front-line members and their welfare needs. It was important that we had a non-political caring person who would be there for everyone. I feel that Satia is the right person for IPSA, and the wellbeing of IPSA members. We are very proud to have her on the Board representing the EDI and welfare needs of all our members,” said Una Riley, Chief Executive Officer, IPSA. “The community we protect and help secure is diverse,” said Satia, It is important we reflect this diversity within our security workforce to be able to best serve the people within the community. With the appointment of Satia as the EDI Director, IPSA aims to ensure that its vision of giving ‘One Voice’ to the front-line security workers embraces people from every culture, gender, age and background. The Association will soon be launching the IPSA Alliance SIG, conceptualised with and led by Satia. IPSA will inform, inspire change and empower people to be themselves. IPSA is the largest security trade association in the UK with a membership of 3500+ front-line security workers. Incorporation of the Welfare and EDI directorship will help IPSA provide better support to its rapidly growing membership. Commenting on her appointment, Satia said, “It’s an honour and privilege to be joining the longest established security association in the UK. I recognise that there is still a way to go to becoming an inclusive sector. I will lead from the front when it comes to this agenda, as I know that getting it right is critical. We have made good progress in creating a diverse and inclusive security sector but we are not yet representative of the communities which we serve. We also have work to do to nurture a culture of inclusion where we can all be ourselves. Working together as a sector, we are more likely to create success and fulfilment for all of us and, together, do our best work. This strategy strives towards better representing the people and communities we serve and creating a more inclusive working environment. IPSA will lead and set ambitious goals, measure progress and shape the future of the security sector. The new IPSA Alliance SIG will innovate, inspire and engage and lead the way.”  

Fortinet®, a global player in broad, integrated, and automated cybersecurity solutions, recently announced the latest semiannual FortiGuard Labs Global Threat Landscape Report. Threat intelligence from the second half of 2021 reveals an increase in the automation and speed of attacks demonstrating more advanced persistent cybercrime strategies that are more destructive and unpredictable. In addition, the expanding attack surface of hybrid workers and hybrid IT is a focal point that cyber adversaries are attempting to exploit. For a detailed view of the report, as well as some important takeaways, read the blog. Highlights of the 2H 2021 report follow: Log4j demonstrates dramatic speed of exploit organizations face: The Log4j vulnerabilities that occurred in late 2021 demonstrate the rapidly increasing speed of exploit that cybercriminals are attempting to leverage to their advantage. Despite emerging in the second week of December, exploitation activity escalated quickly enough, in less than a month, to make it the most prevalent IPS detection of the entire second half of 2021. In addition, Log4j had nearly 50x the activity volume in comparison to the well-known outbreak, ProxyLogon, that happened earlier in 2021. The reality is that organizations have very little time to react or patch today given the speeds that cyber adversaries are employing to maximize fresh opportunities. Organizations need AI and ML-powered intrusion prevention systems (IPS), aggressive patch management strategies, and the threat intelligence visibility to prioritize those threats propagating most quickly in the wild to reduce overall risk. Adversaries rapidly targeting new vectors across the attack surface: Some lesser or low-lying threats have the potential to cause bigger problems in the future and are worthy of watching. An example is newly crafted malware designed to exploit Linux systems, often in the form of executable and linkable format (ELF) binaries. Linux runs the back-end systems of many networks and container-based solutions for IoT devices and mission-critical applications, and it is becoming a more popular target for attackers. In fact, the rate of new Linux malware signatures in Q4 quadrupled that of Q1 2021 with ELF variant Muhstik, RedXOR malware, and even Log4j being examples of threats targeting Linux. The prevalence of ELF and other Linux malware detections doubled during 2021. This growth in variants and volume suggests that Linux malware is increasingly part of adversaries’ arsenal. Linux needs to be secured, monitored and managed as any other endpoint in the network with advanced and automated endpoint protection, detection and response. In addition, security hygiene should be prioritized to provide active threat protection for systems that may be affected by low-lying threats. Botnet trends show a more sophisticated evolution of attack methods: Threat trends demonstrate that botnets are evolving to adopt newer and more evolved cybercriminal attack techniques. Instead of being primarily monolithic and focused mostly on DDoS attacks, botnets are now multipurpose attack vehicles leveraging a variety of more sophisticated attack techniques, including ransomware. For example, threat actors, including operators of botnets like Mirai, integrated exploits for the Log4j vulnerability into their attack kits. Also, botnet activity was tracked associated with a new variant of the RedXOR malware, which targets Linux systems for data exfiltration. Detections of botnets delivering a variant of RedLine Stealer malware also surged in early October morphing to find new targets using a COVID-themed file. To protect networks and applications, organizations must implement zero trust access solutions to provide least access privileges especially to secure IoT endpoints and devices entering the network as well as automated detection and response capabilities to monitor anomalous behavior. “Cybersecurity is a fast-moving and dynamic industry, but recent threat events show unparalleled speeds at which cyber adversaries are developing and executing attacks today. New and evolving attack techniques span the entire kill chain but especially in the weaponization phase, showing an evolution to a more advanced persistent cybercrime strategy that is more destructive and unpredictable. To protect against this broad scope of threats, organizations need to implement AIpowered prevention, detection, and response strategies based on a cybersecurity mesh architecture allowing for much tighter integration, increased automation, as well as a more rapid, coordinated, and effective response to threats across the extended network” Michael Joseph Director System Engineering, India & SAARC, Fortinet Malware trends show cybercriminals maximizing ‘remote everything:’ Evaluating the prevalence of malware variants by region reveals a sustained interest by cyber adversaries in maximizing the remote work and learning attack vector. In particular, various forms of browser-based malware were prevalent. This often takes the form of phishing lures or scripts that inject code or redirect users to malicious sites. Specific detections vary across global regions, but can be largely grouped into leveraging three broad distribution mechanisms: Microsoft Office executables (MSExcel/ MSOffice), PDF files, and browser scripts (HTML/ JS). Such techniques continue to be a popular way for cybercriminals to exploit people’s desire for the latest news about the pandemic, politics, sports, or other headlines, and to then find entryways back to corporate networks. With hybrid work and learning remaining a reality, there are fewer layers of protection between malware and would-be victims. Organizations must take a ‘work-from-anywhere’ approach to their security by deploying solutions capable of following, enabling, and protecting users no matter where they are located. They need advanced security on the endpoint (EDR) combined with zero trust access solutions, including ZTNA. Secure SD-WAN is also critical to ensure secure WAN connectivity for the extended network. Ransomware activity still high and continues to get more destructive: FortiGuard Labs data reveals that ransomware has not subsided from peak levels over the last year and instead, the sophistication, aggressiveness, and impact of ransomware is increasing. Threat actors continue to attack organizations with a variety of new as well as previously seen ransomware strains, often leaving a trail of destruction. Old ransomware is being actively updated and enhanced, sometimes with wiper malware included, while other ransomware is evolving to adopt Ransomware-as-as-Service (RaaS) business models. RaaS enables more threat actors to leverage and distribute the malware without having to create the ransomware themselves. FortiGuard Labs observed a consistent level…