Staying Ahead of Cyber Threats: Ganesh Iyer, MD, India & SAARC, Trellix, Shares Their Cyber Resilience Plan with ObserveNow
The cybersecurity threat landscape has rapidly evolved, with attackers adopting advanced techniques such as ransomware, AI-driven malware, and zero-day exploits. The shift to remote work and the proliferation of connected devices have significantly expanded the attack surface, leaving organizations increasingly vulnerable to complex and persistent threats.
In response, endpoint security solutions have advanced to address these challenges. Modern tools now include features like real-time threat detection, extended detection and response (XDR), and AI-powered analytics, enabling organizations to stay ahead of attackers. These innovations play a critical role in safeguarding endpoints and maintaining robust cybersecurity defenses in an ever-changing digital world. In this regard, Riya Adlakha, Assistant Editor, ObserveNow Media, interacted with Ganesh Iyer, Managing Director, India & SAARC, Trellix.
Here are a few edited excerpts from the interview:
1. Can you provide an overview of the current cybersecurity threat landscape and how it has evolved over the past year?
Over the last year, we’ve seen further intensification across the threat landscape. Cyber resilience planning is very critical right now.
Much of the observed intensification is driven by geopolitical tensions which have heightened nation-state and hacktivist threat activity. Nearly half of the world’s population was or will be subject to an election in 2024 which creates motivation for malicious actors. This is on top of the Russia-Ukraine and Israel-Hamas conflicts. We’re observing more activity from groups linked to Iran and a shift in typical operations – from a focus on information gathering and espionage to instead putting muscle behind causing disruption and spreading misinformation.
It has also been heavily changed by rapid AI developments and shifts in the ransomware ecosystem. For example, we’ve seen a diversification of ransomware actors and an increase in more, smaller, and lesser-known ransomware groups since law enforcement action against members of LockBit. Our Advanced Research Center has also seen increases in use of AI to develop and spread malware and ransomware, and AI-based tools for sale on the cybercriminal underground.
We can’t underscore how critical securing email remains – and beyond email, collaboration platforms (Slack, Microsoft 365, Google Workspace, etc.) and anywhere files are shared are very important to secure. Email remains the top vector for attackers to target.
Finally, as we detailed in our earlier CyberThreat Report: June 2024, we are seeing increased use of EDR evasion techniques. This is shifting the landscape and attackers are growing new skills to refrain from being detected. To combat this, organizations need to ensure they’re monitoring their EDR closely. Alerting and logging need to be set up so if EDR tools are turned off, the SOC is notified immediately and appropriate action can be taken. Shutting down of EDR tools can be an indicator of tampering, and moving quickly is critical to limiting an attacker’s access to your network. It is also critically important to use a defense-in-depth strategy, allowing other tools like your Network Detection and Response (NDR) platform to detect potential incidents.
2. Trellix Endpoint Security emphasizes a unified solution with a single agent for protection, detection, investigation, and response. How does this approach differentiate Trellix from other endpoint security providers in the market?
Trellix offers a single-agent approach which offers a more streamlined approach than many in the market. We’ve focused on delivering high-performance, easy-to-use endpoint security, with enhanced threat response speed.
3. With the introduction of new DLP capabilities for Trellix Email Security Cloud, how do these features enhance an organization’s ability to protect sensitive information and comply with data protection regulations?
Trellix Email Security Cloud stops advanced threats through multi-layered detection powered by Trellix Wise artificial intelligence (AI). By integrating DLP capabilities into email security, organizations can address both inbound malicious threats and outbound loss of sensitive information in one solution.
• Prevent data mishandling and exfiltration of sensitive data with built-in rules-based policy controls.
• Accelerate response time to potential data breaches with real-time capture of data events and monitoring accessible to email system administrators within the Email Security Cloud console.
• Adhere to and extend data compliance controls with pre-built report templates to quickly demonstrate compliance. By extending data compliance controls to outbound email communications, organizations can lower the risk of potential fines from government regulators.
Trellix Email Security meets the stringent requirements of many government agencies, including the U.S. Department of Defense.
4. While many organizations are moving towards public cloud solutions, there remains a significant need for local data management and protection. How does Trellix balance these requirements to offer flexible security solutions?
One of our biggest differentiators is the flexibility we offer customers when it comes to securing public or private cloud, hybrid, or on-premise environments. Meeting customers where they are in their digital transformation journey and addressing their unique compliance needs is important to us.
5. Looking ahead, what are Trellix’s key focus areas and innovations in the cybersecurity space to continue powering a resilient and thriving digital world?
It’s an exciting time at Trellix. We’re continuing to deliver a robust cybersecurity platform that meets the needs of enterprises and government organizations globally. We’re also focused on Trellix Wise, the AI-powered foundation of our platform. Further integration across our security controls and strengthening of our AI foundation will continue to drive benefits and efficiencies for our customers.
6. As India prepares to implement the DPDP Act, how can Trellix assist organizations in enhancing their data protection strategies?
As India prepares for the Digital Personal Data Protection (DPDP) Act, at Trellix, we are dedicated to guiding organizations through every phase of their data protection journey. Our AI-powered cybersecurity solutions are designed to enhance data security, improve breach detection, and streamline response processes, ensuring businesses are well-prepared for the new regulatory landscape.
At Trellix, we work with our customer organizations through the entire journey. We begin by conducting comprehensive assessments to understand their current data protection measures. We then identify areas for improvement and provide tailored strategies to enhance their data security framework. Our expert team helps implement advanced security technologies, including data encryption and intrusion detection systems to safeguard sensitive information at every stage.
As leaders in cybersecurity, we are dedicated to supporting the growth and innovation of businesses in this new era of data protection.