Be Ready to Deal with Security Breaches

The Internet is a vast space of local, global, private, and public networks connecting devices all over the world, and it is highly susceptible to attacks. The rapid penetration of the Internet into our lives is leading to a scenario wherein we are digitally connected around the clock, with human beings interacting more and more through machines. IoT serves as a medium for this, facilitating communication between man and machines, but it also brings with it a multitude of possible security issues such as identity theft, hacking, and cyber threats.

In 2013, there were 10 bn things connected to the Internet, and it is estimated that the number will reach 40 bn by 2020, bringing with it an evolving threat landscape. Over the years, the BFSI sector in particular has become a target of security breaches, with DDoS attacks, mobile platform threats, ATM jackpotting and personal information theft becoming rampant. Anthem, the second-largest health insurer in the US, took a big hit last year when a data security breach led to the theft of the personal information of 78.7 mn customers and cost the company over $100 mn.

Here’s how these security breaches can be dealt with:

Fix the loopholes within the business:

In this past year alone, over 93% of the large corporations have faced major cyber breaches. Even small businesses are no longer safe, and a breach affects the business itself: no one would be confident about investing in a business that has been hacked or faces a similar threat. The first and foremost prerequisite is having skilled security specialists who can isolate threats and prevent them. This is imperative because it can normally take a business roughly 9 months to identify its vulnerabilities. For a burgeoning sector like BFSI, outdated technology is a major hindrance. In India especially, there is hesitation towards the adoption of new technology.

All-round stock of information:

One of the main reasons it may take an organization a long time to identify a security breach is ambiguity about how vast its stored information is. A crucial step in this direction is to measure the extent of the information the organization holds and categorise it with regard to its history and sensitivity. Once this filtering is done, the information can be further scaled down by degree of importance, retaining only what is important rather than hoarding anything and everything. The less information is stored, the lower the degree of vulnerability.

End user security:

Investing in end user security training can be fruitful for a business, as it will not only limit instances that could lead to a breach but also instil in employees a sense of alertness towards spotting odd or malicious behaviour. It will bring in a security-minded environment. Over and above this, having a security plan in place will prove invaluable: in case of a breach, the organization will be able to contain it effectively and come up with swift solutions. Advancements in technology have facilitated the influx of digital records, making physical records defunct. Such a scenario further reaffirms the importance of extensive password protection for all things involved.

The time has passed when cyber security was the lone headache of just the IT department; it equally affects all branches of an organization. By starting a practice of using highly secure authentication, not only can the number of breaches be reduced, but the losses incurred by the company due to breaches will also be cut down. (The author is Country Head of Technology, Server, Storage CCD & Datacenter Solutions, Fujitsu India) vndedit@cyberme

