With organisations embracing digitisation, the constant risk of cyberattacks needs addressing. BW Businessworld talks with Ritesh Chopra, Norton's Director in India, to understand practical strategies for protecting sensitive information in the face of ongoing cyber threats. In this Q&A, Chopra highlights the crucial role of dark web monitoring and shares effective strategies to deal with the cyber threats. His insights into cybersecurity provide a roadmap for businesses aiming to fortify their digital defences.
Edited excerpts:
As the Director of Norton in India, could you highlight specific success stories or case studies where dark web monitoring played a pivotal role in averting potential cyber threats for businesses?
Dark web monitoring helps most when information has already – unfortunately – ended up in the wrong hands. With this feature just launching in India, we are just getting examples of specific cases here in the market. What we do know is how the feature has already helped so many people and businesses in the markets where it has been for some time. For example, we anecdotally know of a case of a smaller business where the CEO had used dark web monitoring personally and his credit card number was flagged as being leaked on the dark web. This card was linked to his business account, which would mean hackers could then use this number to potentially drain out all of the funds through the use of the credit card. With the alert from dark web monitoring, he was able to quickly call the bank and stop that card before any more charges were made – this not only saved him money but also an incredible amount of time if he had to dispute charges and recover all of his bank accounts.
Given the unique characteristics of the Indian business landscape, what are the most prevalent dark web-related risks, and how does Norton tailor its monitoring solutions to address these specific challenges?
In India, the biggest risks come in the form of SIM card fraud, loan scams, Aadhaar numbers, and EPF information scams. Due to the unique nature of the Indian market, the dark web monitoring features should be tailored to look for data unique to this part of the world. Norton uniquely leverages its technology to look for over 120 different datapoints like one's Aadhaar & PAN data in India, which may be linked to one or more PII (Personal Identifiable Information).
In the context of a rapidly digitising India, how does Norton adapt its dark web monitoring strategies to address the evolving tactics of cybercriminals, ensuring the protection of sensitive business information?
In essence, having Dark Web Monitoring is like having a white hat hacker on your side who sits in the depths of the dark web for you and watches in case your information ends up in this dark corner of the web. Unfortunately, the criminals who use the dark web for nefarious activities are getting “smarter”, especially with AI tools now on their side, which allows them to create even more realistic scam messages, emails, etc. The researchers at Gen – the company which the Norton brand belongs to – work tirelessly just to understand how the latest scams are created, how they are deployed, what information people are trying to get their hands on, etc.
Some products protect users and businesses at the beginning of the hack chain itself – for example, flagging if a file has been sent to you that is potentially malicious, letting you know a website is insecure, stopping dangerous programs from being installed on your devices, etc. - dark web monitoring helps deeper down the chain by letting you know if hackers have been able to evade detection. Our researchers who are focused on dark web monitoring continue to watch how information ends up on the dark web, where it’s bought and sold, and how to ensure the most precious data is detected as quickly as possible.
Are there industry-specific nuances in the dark web activities affecting businesses in India, and how does Norton tailor its monitoring services to cater to the unique challenges faced by various sectors?
The fact is, when it comes to information being on the dark web, there are no huge differences between how various businesses or even people are targeted – all victims are somewhat created equal, to a great degree. Whether an individual has millions in the bank or just enough money to pay the bills doesn’t necessarily matter to criminals, as long as there is something to take; a person's information is worth something on the dark web. The exception is when a criminal is trying to hack a specific business or individual, which indeed happens. It could be that a business is seen as a competitive threat to another or a high-profile individual who is known to have a lot of assets. This is when criminals may use information from the dark web to play the identity theft game and gather pieces of an individual's identity to do even greater damage than simply taking pieces for quick financial gain. In general, if your business has information you believe to be proprietary – for example, if you are a tech company building the latest technology or a pharmaceutical company working on a breakthrough – it's important that the individuals who are involved with the company protect their personal information so it doesn’t end up in the wrong hands.
Considering the interconnected global nature of the dark web, how does Norton collaborate with international cybersecurity entities to provide comprehensive dark web monitoring services for Indian businesses?
The cybersecurity industry works together quite closely – while there are many competing companies, we are all fighting the same enemy and consistently share research and intelligence where it’s most important to be able to do just that. Researchers from Norton work hand in hand with companies across the globe, big to small – from the likes of Microsoft to well-known enterprise protection companies such as Cisco.
Beyond immediate threat detection, how does Norton assist businesses in India with actionable insights derived from dark web monitoring, enabling them to enhance their overall cybersecurity resilience and strategy?
The key is really education. Having security solutions in place is one part of the puzzle, but it’s just as important to educate people and businesses on what to look out for – how can you tell if an email is a scam, what to do if something looks suspicious? At Norton – whether it's working with the media, through our blogs and white papers, or speaking at events – we are constantly working to educate people across the world.
(Join us at the BW Businessworld Gen AI Summit on 27th March at The Imperial, New Delhi, where Ritesh Chopra, India Director at Norton, will share his insights. To catch his expertise and that of other thought leaders, secure your spot now. Register today! Limited seats available)