Cyber Security: Are IT managers ready to tackle the issue?

Cybersecurity issues
India is gradually emerging as a potential target for security breaches, says Shibu Paul, regional sales director – India, ME and SEA, Array Networks.

The surge in Internet penetration combined with adoption of online banking makes cashless transactions a norm today. These factors make India a lucrative target for hackers today. So far, India has been spared from major security issues. Sooner or later, IT managers have to deal with attacks and data breaches.

The volume of cyber-attacks and complexities has grown across industries. According to a recent KPMG Cybercrime Survey, over 89% respondents comprising of CIOs/CISOs from Indian companies acknowledge that cybercrime is a major threat to their organizations. Among them, about 51 per cent perceive themselves to be an easy target for cyber attacks due to the nature of their business.

Even the most established large companies haven’t been spared from the wrath of these attackers. Take the recent case of Sony Pictures, for instance, where their private emails were publicized to the world. Because of this, the company lost a huge amount of valuable data as the attackers systematically wiped servers off information. The issues got out of hand as the company had no idea how to respond to the crisis.

Such incidents show the vulnerability of our organizations and emphasize why it is becoming increasingly critical for IT managers to prepare themselves for such eventualities.

Attacks are becoming more fierce and damaging

If we carefully analyze some of the recent hacking incidents, we will realize that the motives of cyber attackers have also undergone a change. And so have their methods of operation and hacking styles. Earlier the attacks were either meant just for fun or to achieve some financial gains. But now the attacks are more carefully planned and executed, with more serious motives in mind. Some of the recent attacks on government data and internal records were clearly politically motivated while the ones on large corporations might have been planted by their competitors for business mileage.

Most IT managers tend to believe that they are adequately protected against cyber threats but the fact is that hackers keep coming up with innovative ideas and newer technologies to manipulate and steal your critical data. Just over a year ago, a security flaw was recognized in OpenSSL. Heartbleed, a serious vulnerability in OpenSSL created chaos amongst many companies. Heartbleed enabled hackers to steal and read encrypted information including usernames and passwords from servers that are considered secure. Organizations should have the capability of anticipating such threats well in time.

More devices create greater vulnerabilities

The sudden increase in number of devices connected to the corporate network has also increased the vulnerabilities. According to a survey, businesses will comprise of 23.3 billion IoT devices by 2019 which will be connected across all sectors. With this, companies will be exposed to higher threats and data breaches. They need to develop an effective model that can control the threat and lower the risk of cyber-attacks.

IT managers have to keep track of multiple endpoints and ensure complete security all through the network. This calls for more stringent security policies and more proactive security solutions that can help IT managers anticipate attacks, and enable them to respond to unexpected security breaches while minimizing the damage.

Need for advanced protection tools and security solutions

As attacks get more sophisticated and hackers get clever in their tactics, enterprises must deploy next-generation security solutions to detect and block threats at the application level. IT managers can also deploy multi-factor authentication solutions to encounter the increasing incidents of data breaches and cyber-attacks. This will in turn add new security levels in enterprises and help the customers deal with security threats. Such solutions can help eliminate or mitigate a wide variety of attacks such as key logging, shoulder surfing, brute force and dictionary attacks. Also, they can deploy few endpoint security solutions along with advanced threat protection solution which can provide immediate protection to all the connected devices.

Adopt a proactive and integrated approach to security management

Enterprises should invest in quality technical tools which are capable of detecting and blocking attacks before they can cause any serious damage. Timely alerts from employees, proactive security measures and stringent access and control mechanisms should be all a part of an integrated security policy of any organization. Leveraging security analytics and cyber intelligence within security programs will also help managers to respond quickly to cyber-threats. The integrated approach of cyber intelligence, security operations and incident response will help enterprises to detect and respond to a breach quickly even before any real damage occurs.

By Shibu Paul, regional sales director – India, ME and SEA, Array Networks
[email protected]