Licensed software as first line of defense
When it comes to network security and protecting the information in your business cyber transactions, licensed software act as the critical line of defense to identify cyber threats, who is doing what, where, and when, said Tarun Sawney, senior director at BSA| The Software Alliance.
In an interview over the DAILY TRIBUNE’s digital show Business Sense, Sawney said security cannot be left to chance, adding that licensed software is not just a matter of compliance but can address newly discovered vulnerabilities, ensuring users are equipped with the latest security measures against potential threats.
“Educating the organization is essential,” Sawney said. It is the duty of business owners to educate their employees and the whole organization that all information must be protected, be it public, internal, confidential, or even restricted. A good leadership is critical.”
He explained that unlicensed software creates a significant level of risk for organizations. These unauthorized programs often miss essential security updates, introducing potential system vulnerabilities that cybercriminals can exploit. Using unlicensed software exposes engineering and design firms to malware, ransomware, and other threats that compromise the integrity of their projects, expose their data, and disrupt their business operations.
Enforcing a zero-tolerance policy for unlicensed software is crucial for these organizations, requiring every member to understand the risks associated with illegal software use. At the same time, business
leaders must emphasize the role of licensed software in bolstering the organization’s cybersecurity defenses.
Leadership is critical
According to Sawney, over the past year, a concerning trend has persisted among the engineering and design sectors, in which the use of unlicensed software by large companies continues unabated.
Recent law enforcement actions across the region revealed that some of these companies are involved in designing and engineering critical public infrastructure projects.
“Every CEO and business leader in the engineering and design industry should make it a New Year’s resolution to manage their software assets carefully,” Sawney said. “Governments across the region are looking closely at the software used in public works projects, ensuring that all taxpayer-funded infrastructure projects are designed using only safe, secure, licensed
software.”
Unlicensed software is highly susceptible to malicious cyber threats, which are on the rise around the globe. In Southeast Asia, the cost of a data breach has reached an all-time high of more than $3 million in 2023, marking a six percent year-on-year increase.
With the onset of the new year, it’s imperative for businesses, particularly those engaged in critical infrastructure projects, to adopt best practices to combat the prevalent use of unlicensed software. In light of this, BSA has prepared a five-step plan to guide organizations in ensuring software compliance and boosting cybersecurity and safety.
Opting for reputable sources ensures that the software is not only genuine but also free from malicious added code or vulnerabilities that could compromise the security of an organization’s systems. Legitimate vendors adhere to industry standards, providing regular updates and support to enhance the software functionality and promptly address security issues.
Moreover, companies must aim to centralize their software procurement processes. By doing so, they can establish a standardized approach to vetting and acquiring software, reducing the risk of unintentionally using unauthorized or potentially harmful programs. This approach allows for better oversight, ensuring all software adheres to company policies, licensing requirements, and security standards.
One crucial aspect of effective asset management is conducting regular audits of software licenses. This involves maintaining accurate records and ensuring licenses are up to date. Failure to do so may result in legal consequences and financial penalties. This practice also helps to avoid under-licensing software, which could lead to unintended violations and compromise the integrity of the organization’s cybersecurity framework. Unsupported software can create opportunities for cybercriminals to exploit vulnerabilities.
Businesses should also realize that integrating AI into cybersecurity systems is now necessary. Since malicious actors increasingly leverage technology to scheme sophisticated cyber attacks, companies must keep pace with evolving threats by investing in AI-driven solutions. AI can be pivotal in analyzing emails and user behavior for potential threats, detecting suspicious sign-ins and user accounts, and enhancing authentication solutions. By embracing AI, organizations can fortify their defenses and proactively identify and counteract emerging cyber threats.
‘Every CEO and business leader in the engineering and design industry should make it a New Year’sYear’s resolution to manage their software assets carefully.’