WEBVTT

1
00:00:04.050 --> 00:00:06.060
Suparna Goswami: Hello there. I'm Suparna Goswami. I'm

2
00:00:06.060 --> 00:00:08.400
associate editor with Information Security Media

3
00:00:08.400 --> 00:00:11.670
Group. And I have with me today Terence Gomes, who is country

4
00:00:11.670 --> 00:00:15.960
head, security with Microsoft, India, and he will talk about

5
00:00:15.960 --> 00:00:18.930
some of the pain points of cybersecurity practitioners in

6
00:00:18.930 --> 00:00:21.960
the region. Terence, always a pleasure to speak with you.

7
00:00:21.990 --> 00:00:24.390
Terence Gomes: Likewise, Suparna. I'm so excited to spend

8
00:00:24.390 --> 00:00:26.610
some time with you and interact with your audience, really

9
00:00:26.610 --> 00:00:27.810
looking forward to this talk.

10
00:00:28.110 --> 00:00:30.361
Suparna Goswami: So tell us, given the current macro

11
00:00:30.426 --> 00:00:34.222
environment that is going on, what are you hearing from the

12
00:00:34.286 --> 00:00:38.340
CISOs? What are their top priorities when it comes to security?

13
00:00:38.000 --> 00:00:40.345
Terence Gomes: A couple of things, and CISOs in India

14
00:00:40.406 --> 00:00:44.295
CISOs, globally, and, you know, just looking back at the recent

15
00:00:44.356 --> 00:00:48.368
Microsoft digital defense report we published last week - this is

16
00:00:48.430 --> 00:00:51.886
our annual edition, where we, you know, conduct research

17
00:00:51.948 --> 00:00:55.589
across the globe and more than 12 months of data. There are

18
00:00:55.651 --> 00:00:59.477
three things that really stand out.
One is while organizations

19
00:00:59.539 --> 00:01:03.180
are investing and moving forward in security, attackers are

20
00:01:03.242 --> 00:01:06.822
adopting, attackers are also keeping up with the change in

21
00:01:06.883 --> 00:01:10.710
innovation, and we are hearing CISOs share that with us, where

22
00:01:10.772 --> 00:01:14.598
they've seen ransomware attacks growing significantly in their

23
00:01:14.660 --> 00:01:18.116
space, and many times, it's been too late for them to do

24
00:01:18.178 --> 00:01:21.634
anything, and then they've been held to ransom. Phishing

25
00:01:21.696 --> 00:01:25.399
continues to be a top of mind. Whether it is - would you say

26
00:01:25.461 --> 00:01:29.164
email phishing, business email fraud, different form factors

27
00:01:29.225 --> 00:01:32.682
and vectors. Phishing continues to be - at Microsoft, we

28
00:01:32.743 --> 00:01:36.138
probably saw 730 million phishing emails each week as a

29
00:01:36.199 --> 00:01:39.779
service provider. So that's the content of the threats and

30
00:01:39.841 --> 00:01:43.359
changes in the landscape. And then also, we're seeing the

31
00:01:43.420 --> 00:01:46.877
entire botnet ecosystem environment growing rapidly like

32
00:01:46.938 --> 00:01:50.580
the Microsoft digital crimes unit works in partnership with

33
00:01:50.641 --> 00:01:54.098
various agencies globally, locally, we track that. So we

34
00:01:54.159 --> 00:01:57.986
see all these kinds of trends and off late also, there's a lot

35
00:01:58.048 --> 00:02:01.689
of rise in the nation-state activity. You see they're going

36
00:02:01.751 --> 00:02:05.515
behind supply chain attacks, IT service providers, looking at

37
00:02:05.577 --> 00:02:09.342
critical infrastructure. So we think a lot of this happening,

38
00:02:09.404 --> 00:02:13.107
right? So, across ransomware, phishing, botnet, nation-state

39
00:02:13.169 --> 00:02:16.810
attack, a lot of these things happening in the environment.

40
00:02:16.872 --> 00:02:20.390
And a digital report also talks a lot about those things.

41
00:02:20.750 --> 00:02:22.310
Suparna Goswami: So you mentioned about ransomware, you

42
00:02:22.310 --> 00:02:25.730
mentioned about phishing. So, what is Microsoft's roadmap when

43
00:02:25.730 --> 00:02:29.810
it comes to offering cybersecurity professionals to

44
00:02:29.840 --> 00:02:31.550
achieve more with less?

45
00:02:31.960 --> 00:02:34.150
Terence Gomes: Again, great question. We're looking at this

46
00:02:34.150 --> 00:02:37.450
problem holistically. Because when attackers attack

47
00:02:37.450 --> 00:02:40.930
organization, they don't attack endpoints, they don't attack,

48
00:02:41.080 --> 00:02:44.110
you know, email, they attack organizations end to end and not

49
00:02:44.110 --> 00:02:47.320
at a specific point in time. So we genuinely believe that

50
00:02:47.710 --> 00:02:50.710
organizations, security practitioners need to look at

51
00:02:51.040 --> 00:02:55.180
securing their organization holistically end to end, and not

52
00:02:55.240 --> 00:02:58.150
just focus on one or two specific areas of the security

53
00:02:58.150 --> 00:03:01.240
domain. And we build a three-pronged approach to help

54
00:03:01.240 --> 00:03:04.180
them do more with less. One, of course, is consolidation.

55
00:03:04.420 --> 00:03:07.270
Because with consolidation, you can do a lot of simplification.

56
00:03:07.300 --> 00:03:11.200
A lot of times, we've seen organizations have multiple

57
00:03:11.440 --> 00:03:14.650
point products, and there's a lot of overlap. So, they end up

58
00:03:14.740 --> 00:03:17.770
with a lot of redundant tools, which only makes it much more

59
00:03:17.770 --> 00:03:21.820
complex for the end user and the operator to use to maintain to

60
00:03:21.820 --> 00:03:25.720
manage. So, a core focus on when we work with organizations is

61
00:03:25.720 --> 00:03:29.380
one on simplification and consolidation.
The second focus

62
00:03:29.380 --> 00:03:31.600
is also how do we get these integrated, so when you

63
00:03:31.600 --> 00:03:33.820
consolidate, when you move everything to a platform

64
00:03:33.820 --> 00:03:37.390
approach, each tool or sensor can talk to each other, because

65
00:03:37.390 --> 00:03:39.700
now they're part of the same platform, they are connected.

66
00:03:40.000 --> 00:03:43.210
With that interconnection, they can see, you know, threats, they

67
00:03:43.210 --> 00:03:46.930
can share signals, they can provide a much richer context

68
00:03:46.930 --> 00:03:49.660
about what's happening in the organization. And when you have

69
00:03:49.660 --> 00:03:52.330
that fabric, you can then leverage machine learning,

70
00:03:52.330 --> 00:03:55.120
because now each of these signals can be put together to

71
00:03:55.120 --> 00:03:59.650
look at the noise versus the true positives. And at the same

72
00:03:59.650 --> 00:04:03.130
time, you can also focus on automation. So our second focus

73
00:04:03.130 --> 00:04:05.920
is when you do consolidation, and when you do the integrated

74
00:04:05.920 --> 00:04:09.580
approach, you are able to leverage new age machine

75
00:04:09.580 --> 00:04:13.390
learning AI and automation to really detect threats faster,

76
00:04:13.420 --> 00:04:17.170
respond to them, remediate them, and sometimes just contain

77
00:04:17.170 --> 00:04:18.730
because you can't prevent everything, right? There's

78
00:04:18.730 --> 00:04:21.610
nothing such as 100% security. So you can do a lot of

79
00:04:21.610 --> 00:04:24.970
containment efforts as well.
And then thirdly, the focus is on if

80
00:04:24.970 --> 00:04:28.360
you do these two things right, you can significantly improve

81
00:04:28.360 --> 00:04:32.320
your operations efficiency in terms of, you know, time to

82
00:04:32.320 --> 00:04:36.760
detect, time to respond, number of resources you're using to

83
00:04:36.760 --> 00:04:39.970
manage your entire security operations or new projects that

84
00:04:39.970 --> 00:04:42.880
you want to go deploy. So your entire operational efficiency

85
00:04:42.880 --> 00:04:47.380
around user experience, time to manage a number of resources,

86
00:04:47.560 --> 00:04:52.720
you save a lot of that as well. So in addressing these threats

87
00:04:52.720 --> 00:04:56.080
of today, where there is a constant demand on CISOs to do

88
00:04:56.080 --> 00:05:00.340
more, we come in and say you can actually do more with the

89
00:05:00.340 --> 00:05:03.520
Microsoft approach, and leverage these three things of

90
00:05:03.520 --> 00:05:07.720
simplification in advanced AI and automation, and operational

91
00:05:07.720 --> 00:05:09.580
efficiency using the platform approach.

92
00:05:09.910 --> 00:05:12.010
Suparna Goswami: So, you mentioned about prediction,

93
00:05:12.010 --> 00:05:16.270
detection and automation. And this brings me to zero trust. So

94
00:05:16.270 --> 00:05:18.940
that is one principle and strategies that most of the

95
00:05:18.940 --> 00:05:22.210
organizations are now following, or at least trying to follow. So

96
00:05:22.210 --> 00:05:25.390
how is Microsoft helping organizations achieve this

97
00:05:25.390 --> 00:05:28.990
through endpoints in addition to software, especially with Chip,

98
00:05:29.080 --> 00:05:30.310
and Windows 11?

99
00:05:30.820 --> 00:05:32.140
Terence Gomes: Great question. This was asked during the

100
00:05:32.140 --> 00:05:36.010
keynote.
I know off the top of the summit today, where one of

101
00:05:36.010 --> 00:05:38.620
the audience members said, "Everything is good, but what

102
00:05:38.620 --> 00:05:39.490
about hardware secure?"

103
00:05:39.490 --> 00:05:39.880
Suparna Goswami: Correct

104
00:05:40.260 --> 00:05:43.200
Terence Gomes: And at Microsoft, we believe that security should

105
00:05:43.200 --> 00:05:46.380
be holistic. In fact, in one of the surveys, one of the reports

106
00:05:46.380 --> 00:05:51.420
that was conducted, 80% of the decision makers are looking at,

107
00:05:51.750 --> 00:05:54.750
you know, security to be also enabled as part of hardware and

108
00:05:54.750 --> 00:05:59.670
not just rely on software. And as we are looking at Windows 11,

109
00:06:00.030 --> 00:06:03.240
we are working, you know, making sure that Windows 11 focuses not

110
00:06:03.240 --> 00:06:05.850
just on the software security aspects of it also, but

111
00:06:05.850 --> 00:06:09.270
leverages the hardware aspect of it. And again, on three things,

112
00:06:09.420 --> 00:06:13.770
the whole zero trust principle is based on trust, but verify or

113
00:06:13.770 --> 00:06:16.980
verify explicitly, and once you verify, then only give that

114
00:06:16.980 --> 00:06:19.830
individual or that device limited access and assume

115
00:06:19.830 --> 00:06:22.560
breach. So with Windows 11, we're focusing on those

116
00:06:22.560 --> 00:06:24.810
principles. So when we're working with the device

117
00:06:24.810 --> 00:06:29.130
manufacturers, the hardware requirements that one needs to

118
00:06:29.400 --> 00:06:33.600
meet to have Windows 11 run comes with a lot of security

119
00:06:33.600 --> 00:06:36.990
guidance. So we are going back and working with the silicon

120
00:06:37.170 --> 00:06:40.590
chip manufacturers, the device manufacturers, to make sure that

121
00:06:40.590 --> 00:06:43.410
those security requirements are built in as part of the

122
00:06:43.410 --> 00:06:46.800
hardware.
This then enables Windows 11, as a platform, to

123
00:06:46.800 --> 00:06:50.490
leverage the hardware to really, you know, make the entire

124
00:06:50.520 --> 00:06:54.150
experience secure. So putting in all those things. And a simple

125
00:06:54.150 --> 00:06:57.570
example would be like, "trust, but verify," which is a core

126
00:06:57.570 --> 00:07:01.350
principle of zero trust. With Windows 11 device security

127
00:07:01.350 --> 00:07:04.980
features, the administrator can actually pinpoint and say, "Oh,

128
00:07:05.010 --> 00:07:07.740
is this device - can I trust this device? Is this device

129
00:07:07.770 --> 00:07:11.700
attested?" And Windows 11 helps establish that trust so that

130
00:07:11.700 --> 00:07:15.090
only a healthy device is given access. Otherwise, it is not.

131
00:07:15.090 --> 00:07:18.390
So, tying back to the core principle of trust, but verify.

132
00:07:18.600 --> 00:07:21.450
So that's how we are trying to get that done and leverage the

133
00:07:21.450 --> 00:07:25.080
Windows 11 in partnership with the hardware manufacturers

134
00:07:25.080 --> 00:07:29.220
really roll out a secure operating system and advice

135
00:07:29.000 --> 00:07:32.090
Suparna Goswami: Fantastic. And I'm sure you would agree that an

136
00:07:29.220 --> 00:07:29.730
experience.

137
00:07:32.090 --> 00:07:35.330
essential piece of this entire cybersecurity process is the

138
00:07:35.330 --> 00:07:39.110
people and we need to skill people. So what is Microsoft

139
00:07:39.110 --> 00:07:41.630
India doing to upskill cybersecurity professionals and

140
00:07:41.630 --> 00:07:42.680
prepare them for the future?

141
00:07:42.840 --> 00:07:46.770
Terence Gomes: Great question. This industry, in general, not

142
00:07:46.770 --> 00:07:48.960
just in India, but globally, there's severe shortage of

143
00:07:48.960 --> 00:07:53.970
cybersecurity skills and people.
Microsoft India has initiated

144
00:07:53.970 --> 00:07:57.420
various initiatives, are taking steps, you know, different ways.

145
00:07:57.570 --> 00:08:01.530
For example, Cyber Shikshaa abhiyan is really reaching out

146
00:08:01.530 --> 00:08:04.800
to women engineers, graduates who are looking to embrace

147
00:08:04.800 --> 00:08:08.070
cybersecurity as a career aspiration. And we're reaching

148
00:08:08.070 --> 00:08:11.430
out proactively to this program, and not just Cyber Shikshaa

149
00:08:11.430 --> 00:08:14.130
abhiyan but Cyber Surakshit Bharat, which is focused on

150
00:08:14.310 --> 00:08:18.570
skilling and enabling people in the public sector in India. And

151
00:08:18.570 --> 00:08:20.400
there are many other initiatives, the enterprise

152
00:08:20.400 --> 00:08:23.670
skilling initiative. So to sum it up, this is the big focus

153
00:08:23.670 --> 00:08:29.010
area of investment for Microsoft. We've taken

154
00:08:29.010 --> 00:08:31.890
significant strides, but it is a journey and we will continue to

155
00:08:31.890 --> 00:08:36.000
invest and continue to get more and more people enabled in India

156
00:08:36.000 --> 00:08:37.080
on cybersecurity.

157
00:08:37.170 --> 00:08:38.940
Suparna Goswami: Of course. Education is not a one-time

158
00:08:38.970 --> 00:08:42.000
process. It's a long, continuous journey that everyone has to do.

159
00:08:42.240 --> 00:08:44.430
Thank you so much, Terence. Thank you so much for sharing

160
00:08:44.430 --> 00:08:44.910
your thoughts.

161
00:08:44.970 --> 00:08:46.350
Terence Gomes: Thank you. It's been a pleasure talking to you.

162
00:08:48.120 --> 00:08:49.740
Suparna Goswami: You were listening to Terence Gomes for

163
00:08:49.740 --> 00:08:53.010
ISMG. This is Suparna Goswami. Thank you so much for watching.