In a recent interview conducted by CRN India, Rajesh Chhabra, General Manager – India & South Asia, Acronis, shed light on how Acronis has managed to carve out a strong foothold in the Indian market despite entering relatively later than its competitors. Chhabra discussed the strategies employed by Acronis to expand its reach and capitalise on the increasing demand for cloud security and backup solutions in India.
The discussion also delved into emerging trends in cybersecurity, particularly in the context of hybrid work environments amid the pandemic. The interview also explored the growing trend of Indian organisations adopting solutions to protect SaaS-based applications, underscoring the importance of safeguarding data in the cloud.
How has Acronis established a strong presence in the Indian market despite entering relatively later than competitors? What strategies has the company employed to expand its reach and capitalise on the increasing demand for cloud security and backup solutions in India?
Acronis entered the Indian market relatively later compared to some other players, about four to five years ago. Despite this, since our inception in India, we’ve made consistent progress and established a strong presence. Globally, Acronis has been a leader in cyber protection, and many SMBs and enterprises in India were already familiar with our solutions due to relationships with our headquarters located outside India. However, we undertook various market awareness initiatives upon entering India, collaborating with global distributors like Ingram Micro and Tech Data, as well as Indian distributors, to expand our network of resellers and service providers.
Over the past five to six years, Acronis has shifted its focus towards cloud security and backup to the cloud. This strategic pivot aligned well with the evolving landscape, especially with the increasing adoption of cloud services. By partnering with cloud service providers, we not only expanded our reach but also enabled them to offer comprehensive cyber protection solutions, leveraging Acronis’ expertise in this domain. It’s worth noting that Acronis has been a pioneer in the concept of “cyber protection,” a term coined by us, which represents a unique approach beyond traditional cybersecurity.
Despite our later entry into the Indian market, we have witnessed steady growth over the past four years, making India one of our key growth markets globally. This trajectory reflects the effectiveness of our strategies and the increasing demand for cyber protection solutions in India.
What specific trends do you observe in hybrid workspace concerns, particularly considering the hybrid nature of work environments?
Following the pandemic, there was a notable surge in cyber attacks, and this spike was quite understandable. Prior to the pandemic, the majority of work occurred within the confines of office spaces, which typically boasted robust perimeter security measures. While cyber attacks were present, they were not as rampant as what ensued post-pandemic. Now, with remote work becoming the norm, employees operate from various locations worldwide. They utilise consumer-grade routers at home, connect from airports, and rely on public internet access. Concurrently, the advent of artificial intelligence (AI) further exacerbated the situation.
The widespread adoption of remote work expanded the attack surface, effectively turning the entire world into a perimeter. Companies found themselves under increasing pressure to bolster their security posture to combat these evolving threats. However, they also faced the challenge of maintaining employee productivity without compromising security. Thus, employee awareness emerged as a critical factor in this landscape.
The integration of AI and machine learning (ML) into cyber defence strategies brought both promises and perils. While these technologies offer opportunities for enhancing security, they are also leveraged by malicious actors to perpetrate attacks. This asymmetry, where bad actors possess the element of surprise, amplifies the potency of cyber threats. Consequently, we witnessed the proliferation of advanced attack techniques, such as living off the land and fileless attacks.
There is also a concerning trend where ransomware is offered as a service, allowing even novice attackers to execute sophisticated attacks. These developments underscore the evolving nature of cyber threats and the need for organisations to remain vigilant and adaptive in their security measures.
Is there a growing trend in Indian organisations adopting your solutions to protect SaaS-based applications?
While SaaS-based applications provide a certain level of protection, it’s crucial to acknowledge that they often fall short in addressing the sophisticated attacks and techniques prevalent today. This limitation stems from the fact that these applications serve a specific purpose, and their service contracts typically outline that they are not liable for data loss. They may take responsibility for application integrity but place the onus of data protection primarily on the user. Even with data stored in the cloud, risks like accidental deletion and insider threats remain pertinent concerns.
It’s imperative to recognise the need to support SaaS-based applications just like any other application. Fortunately, there’s a growing awareness among employees, companies, SMBs, and enterprises regarding the importance of protecting these applications. This trend underscores the necessity for robust measures to safeguard data and mitigate risks associated with SaaS platforms.
What specific trends unique to India do you observe, especially in conversations with customers regarding cloud and AI-powered cybersecurity solutions?
AI has certainly become the talk of the town lately, and its potential in enhancing security is undeniable. The strength of AI lies in its ability to learn and self-improve over time. However, it’s crucial to utilise AI effectively to achieve the desired results. Moreover, there’s growing concern about the potential misuse and abuse of AI, particularly in the context of adversarial attacks. Since AI relies on data, it’s susceptible to attacks aimed at corrupting or confusing its underlying data.
While AI undoubtedly elevates security measures, the fundamental principles of security remain unchanged. A comprehensive security approach involves multiple layers of protection, each contributing to a more robust defence strategy. Relying solely on one buzzword or technology for 100% protection is unrealistic. Instead, a combination of security measures at various levels is necessary to ensure holistic security.
Security must encompass proactive, reactive, and active elements. For instance, proactive measures involve patch management and vulnerability assessments to address known vulnerabilities before they can be exploited. Unfortunately, many organisations still struggle with timely patching, leaving them vulnerable to attacks for extended periods.
On the other hand, active protection strategies are crucial for combating emerging threats like zero-day attacks, which lack traditional signatures. Here, AI-driven behaviour-based protection can play a significant role by identifying suspicious behaviours rather than relying solely on predefined signatures. By detecting anomalies in process behaviour, such as unauthorised file encryption, AI-based solutions can proactively thwart potential threats.
In security, the concept of defence in depth is paramount. This approach emphasises the importance of implementing multiple layers of security controls to create overlapping layers of protection. The more layers of defence you have in place, the more resilient your security posture becomes. Therefore, leveraging AI alongside other security measures within a defence-in-depth framework ensures a comprehensive and robust security posture in today’s evolving threat landscape.
Do you perceive this trend or market response as specific to India, or is it occurring more broadly?
India is undoubtedly digitally enabled and shows a growing awareness of digital security. However, compared to some other regions, India’s approach to security posture management may appear somewhat less assertive. While there is increasing awareness of security concerns, particularly regarding SaaS-based applications, India lags behind certain regions in the rapid adoption of security measures for such applications. Despite pockets of proactive security adoption within India, there remains a need for a more aggressive stance on security across the board.
What are the inhibitors or roadblocks preventing them from considering your solution or a similar one?
It’s not solely about selecting the right player or inhibiting certain actions; rather, the focus should be on raising awareness. There’s a critical need to educate enterprises about the necessity of securing cloud-based applications just as rigorously as any other applications. Once this awareness spreads and companies grasp the potential impact of inadequate protection, they’ll likely be more inclined to embrace appropriate measures. However, there remains a notable lack of awareness in certain areas, particularly in pockets within India. While progress is evident, India’s vast size means that adoption rates vary, with some regions experiencing slower uptake than others.
Which enterprise vertical do you anticipate leading the pack, with BFSI being a likely contender?
The BFSI (Banking, Financial Services, and Insurance) sector indeed leads the way in embracing cyber protection, particularly cybersecurity measures. This is primarily driven by the sector’s significant financial stakes, stringent regulatory requirements, and the potential for reputational damage resulting from any adversarial attack. Reputation loss is particularly critical in this industry due to the high level of trust that individuals place in financial institutions. Consequently, BFSI entities are swift and proactive in implementing cybersecurity techniques to safeguard their systems, data, and reputation.
How are you engaging with the partner ecosystem to capture the burgeoning market opportunities?
Our approach with partners operates on various levels, aiming to foster meaningful engagement and drive impactful conversations. This begins with raising awareness and enabling our partners through a structured process. We believe in empowering key individuals within partner organisations to effectively communicate and engage with their clientele. Our partner program is comprehensive, blending digital and offline elements to cater to diverse partner needs. Partners have access to our partner portal, where they can leverage on-demand and instructor-led training covering both sales and technical aspects of Acronis solutions. These trainings cover every facet of Acronis’s protection vectors, ensuring partners are well-equipped to address client needs.
Moreover, we boast a dedicated partner enablement team within our organisation, solely focused on empowering partners. Through cyclical partner evaluations and enablement initiatives, we continuously support and nurture our partner ecosystem.
In terms of go-to-market strategies, our approach is equally sophisticated. Partners can leverage our partner portal to launch email campaigns, share presentations, or distribute white papers to their clientele. They have access to campaign analytics, enabling them to track response rates and take informed actions. Our Content Manager provides partners with easy access to all necessary marketing collateral. Additionally, we offer market development funds (MDF) to support partners in their marketing endeavours and enhance their engagement with end customers.
Each committed partner in India is assigned a dedicated Partner Success Manager from Acronis, whose performance is directly tied to the growth and success of the partners they manage. Their primary focus is to ensure the success of our partners, as we view them as extensions of the Acronis family. As a partner-centric organisation, our overarching goal is to empower and support our partners at every step, ensuring their success translates into our collective success.
How large is your channel ecosystem in terms of numbers?
Currently, in India, we have close to 400 partners. However, it’s essential to understand that these partners, while categorised as Managed Security Service Providers (MSSPs), may also have other business interests such as networking or hosting. Therefore, while security constitutes a significant portion of their overall business, they may not exclusively be labelled as MSSPs.
Regarding onboarding new partners, it’s more of a strategic process rather than simply focusing on increasing the number of partners. We are mindful of the vastness of India and recognise the potential to expand our coverage across different regions. Our current strategy revolves around nurturing and growing the businesses of our existing partners. We work closely with them to support their growth initiatives.
However, we remain open to partnering with individuals or organisations that align with our vision and are eager to join our network. While growing our existing partner base is a priority, we also welcome new partnerships that complement our objectives and values. Ultimately, our primary focus, once a partner is onboarded, is to collaborate effectively to foster mutual growth and success.
What emerging tech trends do you anticipate disrupting the cybersecurity domain this year, and what direction has your organisation set in response? How can partners align with these initiatives to create a mutually beneficial proposition for Acronis and themselves?
We firmly believe that the traditional siloed approach to cybersecurity is evolving because it often falls short in effectively securing infrastructure due to its fragmented nature. Protecting your data by backing it up regularly is essential, yet it alone does not offer complete protection. In today’s landscape, where data is the lifeblood of businesses, even organisations with secure data backups remain vulnerable to attacks. Bad actors can exploit vulnerabilities, leading to reputational damage and financial loss.
To stay ahead of cyber threats, security measures must be proactive, reactive, and actively adaptive. It’s crucial for these different elements to work in synergy, providing holistic security. This integrated approach is why we term our solution “cyber protection.” Our goal is to offer a comprehensive solution where partners and customers need not look elsewhere for IT infrastructure protection. We’ve been aggressive in integrating various cybersecurity elements into our solution, including data backup, SaaS-based security, disaster recovery, data leak prevention (DLP), endpoint detection and response (EDR), among others. All these components are unified within a single console, ensuring seamless communication and cooperation.
Integration isn’t merely a commercial bundling of services; it’s about enabling these components to communicate effectively to enhance security. For instance, our “safe recovery” concept illustrates this integration. During data restoration from cloud backups, the security component automatically updates the backup image with the latest patches, ensuring that the restored data is fully secured. Such automation and integration are critical in addressing evolving cyber threats.