Thus when he talks about cybersecurity, one would realise that he knows the game by heart, and brain. Tech giant Microsoft puts him in the position of Regional Director-Digital Crimes Unit (DCU), Asia Pacific. Prior to joining Microsoft Asia-Pacific in 2012, Keshav was the director and head of IP and Anti-Piracy Department as part of Legal and Corporate Affairs (LCA) at Microsoft India since 2007.
This multi-dimensional expert recently visited Bangladesh and Dhaka Tribune had the opportunity to talk with him about issues on cybersecurity.
Transparency centre to aid the government
Dhakad said that he works with his Digital Crimes Unit across the Asia Pacific region and Japan. He manages the operations from Singapore which has a twin centre – a Transparency Centre and Cybersecurity Centre.
In explaining the role of the Transparency Centre, he said that Microsoft has a program called Government Security Program (GSP), which is based on building trust in technology. “It’s been there since 2003. In this program, we assist national governments by giving them access to important Microsoft products and security resources, such as threat intelligence, technical data etc, for their stronger cybersecurity posture and capabilities. We allow them to test the credibility of our software so we give them access to review our source code for key Microsoft products through the Transparency Centres and online,” he said.
“After the Snowden disclosures, we openly spoke about our commitment to privacy and that our software is secure and absolutely free of any back-doors, and thus we plan to open up our source code for the governments for review of its integrity,” he further stated.
In a bid to do that, Microsoft opened four regional Transparency Centres. One is in Redmond, WA, USA which looks after the USA and Canada region; the second one in Brussels which looks after the operations in Europe; the third one is in Singapore that covers the Asia Pacific region and the last one in Brasilia, Brazil, to look after the Latin American operations.
When asked whether they are assisting the Bangladesh government under their government security program, he said that they don’t have any agreement with the Bangladesh government as yet but they are talking with them now.
“We will be talking to the telecom regulatory body, and also with Bangladesh Computer Council under the ICT Division on this issue,” Dhakad said.
“We are very concerned about the cybersecurity environment in Bangladesh, especially after the recent cyber heist on the Central Bank.”
He said that hacking incidents are increasing all over the world, especially in the Asia region.
Financial industry: the most vulnerable to cyber attacks
Dhakad said that the industry, which is most vulnerable to (and targeted by) cyber-crime, is the financial industry. “With broken systems, unmanaged IT environments, limited personnel awareness, low skill sets on cybersecurity, and almost lack of modern threat detection environment, the commercial banks here are absolutely vulnerable and there is no doubt about it.”
He explained that without the usage of genuine and trusted software, it is not possible to ensure security as a foundation. He said that in countries like Bangladesh, the usage of genuine software is minimal even among the large government and corporate bodies. A big part of the Bangladesh financial industry too, is not using genuine software, which is a matter of great concern because the financial industry needs the highest level of cyber security measures.
Referring to the BSA Global Software Survey 2016, he said that Bangladesh has over 80% non-genuine software usage. “That is a very fragile situation. Criminals are looking for open areas like older system and non-genuine software to target. Bangladesh is very vulnerable on that ground,” he said.
We are very concerned about the cybersecurity environment in Bangladesh, especially after the recent cyber heist on the Central Bank
About the potential security threat, the Microsoft cybersecurity expert said, “If you have an unpatched software, an unprotected software or especially a counterfeit and pirated software, it is subject to fall for malware infections.”
He said that cyber criminals are known to sometimes actually embed malware into the non-genuine supply chain so when someone downloads the software, s/he is actually getting malware inside the copy. It is a very unsafe IT environment today where criminals are actively using unauthorised IT supply chains to infiltrate and pose direct threats to cybersecurity.
“I am afraid of non-genuine environments. If you add layers of security into the non-genuine environment, your backdoor is still open and the system still remains broken. No amount of security will protect a broken system.”
So genuine software is not just genuine software; rather, it’s a highly secure software. “Suppose, if you use current and updated genuine software by Microsoft, you are safe from most of the common attacks because Microsoft’s built-in security measures and regular security updates provide robust end-point measures against modern security threats and keeps you protected.”
How Microsoft fights against cyber crime
Dhakad went on to explain that in the world of cybersecurity, there are always the possibilities of discovering new crimes. Microsoft however thinks of security in a very holistic way. First, Microsoft provides built-in protection in its main-stream software against cyber-attacks. It ensures security at the end-point so attacks and vulnerabilities are managed better.
After that, comes the issue of detection, which is weakest in this South Asia region. “A study finds that the average times between infiltration and detection is like 500 plus days. This is a matter of great concern and reflects the poor state of readiness. Microsoft focuses largely on modern threat detection capabilities with leverage machine learning and threat intelligence graph.”
Lastly, comes the issue of response. “If you don’t respond to an attack or a breach, then you just won’t learn from it for future risk management. Responding means mitigating the losses but it also means you are ensuring that it won’t happen again. We are committed to our customers to support them with incident response and recovery, and threat mitigation capabilities.”
“With our platform security and our smart intelligence, we ensure how to provide a holistic and comprehensive secure environment for our customers, through a protect-detect-respond posture and capabilities.”
He said that cyber-crime spans the whole world. “If you do not have the full scale visibility of how cyber-attacks are evolving with new malware or new target attempts, then how do you visualise what that end protection should look like? And what you should look for when you are detecting signals, behaviours or suspicious attacks?”
So he said Microsoft is invested heavily on how it can support their customers through a platform level security strategy. “We have a security that is built-in on our products, so if someone uses Windows 10, s/he can get best in class security built-in powered by cloud-based threat intelligence graph, and thus you may not have to add layers of security, as you already have a strong built-in security which can protect itself from most of the threats and help detect new threats.”
He said that Microsoft software learns from mapping new threats on a continuous basis, applying big-data analytics, improving attribution, and then pushing the new data analytics back in the hand of the customers through product updates, security patching and machine learning analytics. So this allows and enables customers to have a posture of “active defense.”
“In active defense, you are pro-active about cybersecurity and prepared to detect a breach faster; you contain an intruder’s movement in the organisation and infrastructure and remove them efficiently and effectively. We provide our platform with active defence capabilities through customers getting built-in security. Cybersecurity is our number one priority with over one billion dollars committed towards security research and development (R&D) investments every year, which enable us to keep in step with the modern security threats and how we develop our products and services.”