As most businesses – small or large – go online, there is no bigger fear than the fear of being hacked. A lot of large-scale hacks that have come to light lately, have shook the world. Since then, high-profile data breaches, hacks, state-sponsored cyberattacks, including those on the critical infrastructure, have become the order of the day. Not a day goes without reporting a data breach involving millions of records, personally identifiable information (PII) or a large financial fraud. According to analyst firm Gartner, the worldwide spending on information security was about $114 billion in 2018, is supposed to grow 8.7 percent ($124 billion) in 2019.
According to Rishi Rajpal, Director of Global Security, Concentrix, as more information becomes available online, the more loopholes it creates. Bad actors try to find the weak links to penetrate into the systems and orchestrate large-scale hacks. Whether it’s user IDs, passwords, or biometric records, everything is prone to hacking. Once the hacker is successful in accessing an account, everything is potentially compromised.
“The first question that anyone would ask is: So, why do businesses go online? The answer to that lies in two words: ‘user experience’. Real-time transactions give customers a great deal of convenience. Whether its shopping, banking, telephony, or any other service, customers today look for personalisation and almost instantaneous outcomes. This user experience and convenience comes at a cost. And that cost is collateral damage due to security failures,” says Rishi. Sometimes, the pace of business is such that security either gets neglected or is an afterthought. Any automation or digital transformation project, which is planned sans a robust cybersecurity input, is a recipe for disaster. Afterthoughts on security can be expensive, whether it is in the implementation of controls or the losses incurred if you are hacked.
The change in threat landscape is also due to the introduction of new technologies. For instance, cloud computing. No organisation these days can afford to ignore cloud due to factors such as flexibility, cost optimisation and agility. But at the same time, the threats for cloud are different from that of an on-premise model. Another example is Internet of Things. IoT devices are often ignored from security point of view and they now being used to cause DDoS attacks on organizations.
According to Rishi Rajpal, the Four Elements for a Robust Cybersecurity Posture, if followed diligently, can make a lot of difference to the overall security posture of an organisation.
Focus on Threat Intelligence: The adversaries possess enough of both financial and technology power today. And that’s where Threat Intelligence becomes critical for cybersecurity professionals. “However, unless you subscribe to professional threat intelligence feeds, you won’t be able to find the most obscure methods put to use by the people with malicious intent,” feels Rishi. A comprehensive threat intelligence helps in discovering the breaches faster and stop the adversaries advancing further at an early stage of attack. It is also helpful in determining the capabilities of attackers.
Put Email Security in Place: Talk of any of the recent high-profile hacks, Phishing emails lay a trap to extract personal information. “They are all aimed at stealing your passwords, account information, and other details enough to gain access to vital details. Thousands of phishing attacks are successfully launched every day. Therefore, a strong email security is key,” says Rishi.
Keep Monitoring the Dark Web: Dark Web is not new for security practitioners but its monitoring and utilising the information for the business benefits is catching attention because many large organisations, their vulnerabilities/exploits are being discussed on the dark web by the hackers. “Unless you monitor the dark web and know what is being discussed about you, you will have little inkling of what is wrong or can potentially go wrong for your company,” explains Rishi. Moreover, it Dark Web also provides a fresh perspective of how to handle threats.
Experiment with Artificial Intelligence/Machine Learning: In last few years, industry has seen a great deal of advancement in AI/ML technologies. Cybersecurity is a promising area for these technologies. When used with expertise, AI/ML can be a vital tool for cybersecurity teams to pursue a defense-in-depth approach. “These technologies can help automate routine tasks. For example, a well-trained algorithm can help find new malware as soon as it surfaces. But you need to have the right data sets, skilled staff, and domain experts to make these technologies work,” says Rishi.
Rishi feels in order to have a defense-in-depth, Infosec professionals need to move away from infrastructure-based security mindset and embrace a service-oriented security mindset. “Most of us have grown up implementing security for infrastructure like firewalls, routers, servers, etc. Considering that the threat landscape is changing rapidly as well as the pace of digitisation is very fast, we need to relate security to the services that a business offers. If you can figure out that connection, you will be able to secure everything that is of value. This calls for a holistic approach. A boxed approach will never be able to provide holistic security in today’s time. Retain your foundational aspects and add the flavours of new technologies to get the maximum benefit,” he concludes.