Breach Readiness: How Prepared Are Indian Organizations?Smokescreen CTO Raviraj Doshi on Readiness and Response Trends
Many Indian organisations are not prepared to detect and respond to breaches, breach readiness assessments conducted by Smokescreen Technologies show, says Raviraj Doshi, the company's CTO, who describes current detection challenges.
"We've done 'breach readiness assessment' exercises with critical national infrastructure, banking, financial services and insurance and across other verticals. The majority of the organizations were not able to pick on any simulated attacker activity within their networks," he says (see: Adopting Deception to Control the Attack Narrative).
Breaches are becoming more difficult to detect because of malware-less techniques that focus on compromising networks using legitimate credentials and tools, including Powershell, he contends, which current solutions are not good at catching (see: Savvy Hackers Don't Need Malware).
In an exclusive video interview with Information Security Media Group, Doshi discusses:
- The poor breach readiness posture in Indian enterprises;
- How to reducing attacker dwell time in a network;
- Recommendations for improving security based on real-world experience.
Doshi has more than 12 years of experience in information security, including digital forensics, penetration testing and secure code reviews. He specializes in incident response for advanced persistent threats. He is also the co-inventor of a patent-pending technology in the field of stealth malware detection. At Smokescreen, Doshi is responsible for the product development, roadmap and delivery.