Strengthening cyber resilience: Anjali Amar on AI, Ransomware & security

As cyber threats continue to rise in scale and sophistication, Indian organizations face mounting challenges in safeguarding their digital assets. A recent report highlights that 93% of Indian cybersecurity leaders are concerned about AI amplifying data breach severity, while 84% of affected organizations still resort to paying ransoms despite public commitments against it. With sectors like healthcare, transportation, and professional services bearing the brunt of cyberattacks, the need for robust security strategies has never been greater.

In this exclusive conversation, Anjali Amar, Vice President & Country Head India and SAARC at Cloudflare, delves into how businesses can harness AI to fortify their defenses, the vulnerabilities plaguing critical industries, and the importance of a proactive security approach. She also sheds light on the evolving cybersecurity investment landscape, regulatory challenges, and the pivotal role of cross-sector collaboration in building a resilient digital ecosystem.

With 93% of Indian cybersecurity leaders expressing concern over AI amplifying data breach severity, how can organizations leverage AI to strengthen, rather than compromise, their defenses?

While concerns about the role of AI in cybersecurity are valid, organizations have the opportunity to utilize AI to enhance their defense mechanisms significantly. As mentioned in the report, there has been a notable rise in cyberattacks, with 55% of organizations experiencing at least one incident in the past year. This highlights the growing importance of adopting advanced technologies like AI to monitor and address such challenges. 

AI-powered systems can analyze large volumes of data to identify anomalies and potential threats in real time, enabling faster and more effective responses. This proactive capability helps in mitigating the impact of cyberattacks. Additionally, AI can automate routine tasks such as threat detection and vulnerability assessments, freeing up security teams to focus on more strategic areas. 

AI-driven analytics can also improve threat intelligence, allowing organizations to anticipate and prepare for potential risks. By optimizing security operations and minimizing human errors, AI contributes to a stronger overall cybersecurity framework. To ensure its effectiveness, it is crucial to implement AI responsibly, with an emphasis on transparency, accountability, and unbiased processes. With careful planning and execution, organizations can leverage AI to build a more secure and resilient digital ecosystem. 

The healthcare, transportation, and professional services sectors have faced the brunt of data breaches in India. What makes these industries particularly vulnerable, and how can they bolster their cybersecurity measures?

The healthcare, transportation, and professional services sectors in India are vulnerable to data breaches due to their reliance on sensitive data, complex interconnected systems, and outdated security infrastructure. Healthcare organizations store extensive personal and medical information, making them lucrative targets for attackers. Additionally, their dependence on interconnected systems increases the risk of supply chain and ransomware attacks.

Professional services, on the other hand, handle confidential client data, including financial information and intellectual property, which are prime targets for cybercriminals. Smaller firms in this sector often lack adequate resources to invest in robust cybersecurity. 

To mitigate these risks, organizations in these sectors must adopt a proactive security approach. For example, implementing Zero Trust architecture, encrypting sensitive data, and deploying real-time threat detection systems are essential. Regular security audits, employee awareness training, and robust access controls further strengthen defenses. Additionally, fostering cross-sector collaboration to share threat intelligence and aligning security measures with industry-specific compliance frameworks can significantly bolster cybersecurity resilience. 

Despite public commitments against paying ransoms, 84% of affected organizations in India reportedly paid them. What does this reveal about the preparedness and response strategies of Indian organizations 

The high rate of ransom payments reveals gaps in the preparedness and incident response strategies of Indian organizations. It indicates insufficient investment in robust backup solutions and business continuity planning, which are critical for avoiding dependence on ransom payments. 

Organizations often face immense pressure to restore operations quickly, particularly in sectors like healthcare and transportation, where downtime directly impacts lives and public safety. However, paying ransoms emboldens attackers and increases the likelihood of future attacks.

To address these issues, Indian organizations must prioritize building resilience through comprehensive risk assessments, regular testing of incident response plans, and adopting immutable backup systems. Enhancing cyber insurance coverage and conducting organization-wide training to prevent breaches can also help mitigate the financial and operational impact of ransomware attacks. 

With 52% of organizations allocating over 5% of their IT budget to regulatory and compliance needs, what are the most significant challenges in meeting these requirements, and how do they translate into tangible business benefits?        

Organizations face challenges such as evolving regulations, resource constraints, and complexity in aligning global compliance standards. These difficulties require frequent updates to systems and processes, substantial investment in specialized talent, and maintaining visibility across multi-cloud environments. However, meeting these requirements can result in tangible benefits, including enhanced trust among stakeholders, reduced legal risks, and improved operational efficiency. Compliant organizations are better positioned to secure partnerships, expand into new markets, and protect their reputation. By embedding compliance into their strategic objectives, organizations can turn these challenges into competitive advantages while ensuring a robust security posture. 

While 80% of respondents dedicate over 10% of their IT budgets to cybersecurity, breaches remain widespread. How can organizations ensure that their cybersecurity investments yield effective results?

To ensure cybersecurity investments are effective, organizations must adopt a risk-based approach. This involves assessing the most critical assets and potential threats and aligning security measures to the areas of greatest vulnerability. Regular penetration testing, threat intelligence integration, and incident response drills can help validate the effectiveness of existing solutions. Organizations should also focus on continuous monitoring and real-time threat detection, supported by AI and automation, to reduce the response time for breaches. Cultivating a security-aware culture through training programs ensures that human error, a leading cause of breaches, is minimized. 

Remote Desktop Protocol (RDP) and VPN server compromises accounted for 55% of breach entry points. How should organizations address these vulnerabilities, especially in the context of hybrid work environments? 

Organizations must prioritize securing RDP and VPN servers by implementing multi-factor authentication (MFA) and ensuring timely patch management. Adopting Zero Trust principles—where access is granted based on identity verification and least privilege—can further mitigate risks. Advanced endpoint protection and robust network segmentation help limit the impact of potential breaches. For hybrid work environments, organizations should deploy secure remote access solutions like virtual desktop infrastructure (VDI) and adopt behavior-based monitoring to identify unusual access patterns. Regular audits and simulated breach tests can ensure these measures remain effective against evolving threats. 

Given the rising sophistication of cyberattacks in the Asia-Pacific region, how important is cross-sector collaboration, and what role can organizations like Cloudflare play in fostering a more secure digital ecosystem?

Cross-sector collaboration is essential in the Asia-Pacific region, given the rising frequency and sophistication of cyberattacks. Information sharing between industries, governments, and cybersecurity firms can enhance threat intelligence and expedite responses to emerging threats. Organizations like us play a pivotal role by offering scalable solutions for distributed denial-of-service (DDoS) protection, threat detection, and application security. By collaborating on initiatives like shared threat databases and regional cyber defense exercises, stakeholders can collectively improve resilience across sectors. This collaborative approach fosters a secure digital ecosystem, enabling innovation and growth while mitigating risks.