That cybersecurity is becoming more complex and sophisticated now sounds like a cliché. Today, news about cyberattacks triggers tremendous anxiety for both cybersecurity experts and common citizens in an information society.
Against this backdrop so what can Indian businesses do to insulate themselves from cyber security threats? Deepak Singh, Editor, CIO AXIS, talked to Amit Jaju, Senior Managing Director, Ankura Consulting Group (India)
to know more.
Q.1: What are the main types of security breaches that Indian enterprises should look out for in the remaining part of 2023? What are the latest developments in the area of Ransomware attacks?
Amit Jaju: In 2023, Indian enterprises need to be vigilant about various security breaches such as phishing attacks, malware, and ransomware. Cybercriminals are increasingly targeting enterprises with sophisticated techniques, and hence, it is important for businesses to stay updated on the latest security trends. In recent times, ransomware attacks have become more prevalent and advanced, targeting not just large enterprises but also small and medium-sized businesses. The latest developments in ransomware attacks involve double extortion, wherein attackers not only encrypt data but also threaten to leak sensitive information if the ransom isn’t paid. Hackers are also timing their attacks with precision based on triggers such as a news event, new investments, financial results etc. There’s also an increase in ransomware-as-a-service (RaaS), making it easier for criminals to launch attacks without much technical expertise. These attacks can cause significant damage to a company’s reputation and finances.
Therefore, it is crucial for Indian enterprises to invest in advanced security solutions, including endpoint detection and response (EDR), threat intelligence, and incident response, to mitigate the risks of cyberattacks. It is also important to train employees on basic security practices and maintain a strong cybersecurity culture within the organization.
Q.2: How are the Indian CIOs and CISOs dealing with cybersecurity challenges and how they are modernizing their IT security to increase their digital resilience?
Amit Jaju: Indian CIOs and CISOs are recognizing the importance of cybersecurity and are increasingly taking proactive measures to enhance their digital resilience. They are adopting modern security solutions that leverage artificial intelligence (AI) and machine learning (ML) technologies to detect and respond to cyber threats in real-time.
Additionally, CIOs and CISOs are also investing in employee training and awareness programs to ensure that their workforce is equipped to handle cyber threats. There is a focus on modernizing IT infrastructure by migrating to cloud-based platforms and implementing a Zero Trust security model. By adopting these measures, Indian enterprises can ensure that their IT systems are resilient and protected from cyber threats.
Q.3: What are the critical component phases of the cyber resilience cycle? How can businesses in India build a robust & strong cyber resilience strategy?
Amit Jaju: The critical component phases of the cyber resilience cycle are Prevention, Detection, Response, and Recovery. To build a robust and strong cyber resilience strategy, Indian businesses need to adopt a holistic approach that addresses all these phases.
• Prevention involves implementing security controls to prevent cyberattacks.
• Detection involves detecting and identifying cyber threats and potential breaches.
• Response involves containing and mitigating the impact of the cyberattack.
• Recovery involves restoring normal business operations after an attack.
To implement these phases effectively, businesses need to conduct regular risk assessments and vulnerability scans, implement multi-factor authentication, and establish an incident response plan. It is also essential to collaborate with external cybersecurity experts and partners to enhance the organization’s cybersecurity posture.
Q.4: XDR, Zero Trust, cloud: where should CISOs spend in 2023?
Amit Jaju: In 2023, CISOs should prioritize investments in XDR, Zero Trust, cloud security as well as Disaster recovery.
XDR (Extended Detection and Response) is a comprehensive security solution that enables CISOs to detect and respond to cyber threats across multiple endpoints. Zero Trust is a security model that requires every user and device to be authenticated and authorized before accessing sensitive information. This model reduces the risk of data breaches and unauthorized access. Cloud security is also critical as more organizations are moving their operations to the cloud. Cloud security solutions include cloud access security brokers (CASB) and cloud security posture management (CSPM) solutions. Combined with these, investing into Disaster Recovery solutions will ensure secure and multi-layered backup strategies to recover from data loss or incidents such as Ransomware.
By investing in these technologies, CISOs can enhance their organization’s cybersecurity posture and ensure that their IT systems are protected against cyber threats.
Q.5: Delineate some ways to improve cybersecurity and resilience in workplaces with hybrid work continuing to gain traction.
Amit Jaju: As hybrid work becomes more prevalent, businesses in India need to take steps to improve cybersecurity and resilience in their workplaces. To improve cybersecurity and resilience in hybrid workplaces, enterprise should consider the following:
a) Implement strong access controls and multi-factor authentication (MFA)
b) Regularly update and patch software and hardware to mitigate vulnerabilities
c) Ensure secure remote access to corporate resources via VPNs or zero-trust solutions
d) Educate employees about phishing attacks and social engineering techniques
e) Monitor and manage employee devices to ensure compliance with security policies and incident event reporting
Another way is to provide cybersecurity training and awareness programs for employees. This will ensure that they understand the risks associated with their work and are equipped with the necessary skills to mitigate those risks. Lastly, businesses should adopt a proactive approach to cybersecurity by conducting regular risk assessments and testing their incident response plans.