CYBERSECURITY
Technology Supplements Boost
Banking Frontiers asked 5 BFSI technology experts about new approaches to improve information security in the light of growing attacks and frauds. We present their viewpoints in 4 parts spanning smarter approaches, emerging tools, updating process and people deployment.
Part 1
Intelligence as Force Multiplier
The risk and severity of cyberattacks have grown over the past few years. In fact, since 2018, organizations have witnessed the most horrific cases of cybercrimes related to massive data breaches, flaws in microchips, crypto jacking, and many more. The advancements of technology and the wide use of digital media are making attackers smarter by the day. Cybercriminals take advantage of individuals and f i r ms targeting everything from a newly launched blog to an established website to gain access to sensitive information. A report by Threat Horizon, 2019 reveals that in the coming years, organizations will face cyberthreats under 3 key themes. The first is disruption as cybercriminals will use ransomware to
hijack technology devices and the IOT. The second is distortion, which is the spread of misinformation by bots and automated sources will cause a compromise of trust in the integrity of information. And the third is deterioration resulting from rapid advances in smart technologies and conflicting demands posed by evolving national security that will negatively impact an enterprise’s ability to control information.
Says Pawan Chawla, CISO, Future Generali India Life Insurance: “We are seeing increased activity of cybercriminals and we are seeing sophisticated techniques used by them to circumvent traditional organizations’ security tools. Organizations also face enormous challenges in the light of covid and the displaced workforces.”
Sourabh Chatterjee, President & Head - IT, Web Sales & Travel, Bajaj Allianz General Insurance, maintains that it is a long-standing open secret that systems must be secure and most enterprises do not think of security as the first step. “Embedding security in the design of processes, architecture of solutions, and a part of daily operations is perhaps the most effective proactive measure for any enterprise. It is an active measure and the passive is protecting and detecting flaws, vulnerabilities in existing systems,” says he.
TECHNOLOGY ENVIRONMENT
One of the essential things required to improve the information security team’s efficiency is the skilling and reskilling of them. The other one is they need to have the right visibility to detect the anomalies in the technology environment that may trigger an incident and can be converted into a breach.
Kiran Belsekar, Chief Information Security Officer, Aegon Life Insurance, believes that if an organization uses DevOps or leverage cloud for innovation, then it can add security to the CI/CD pipeline and bring security to the left.
Sourabh says usage of artificial intelligence and machine learning increases the efficiency of information security teams. It also reduces manual tasks of detection and quarantine healing. Triaging critical incidents, hiring experts instead of generalists and correcting organization structure with proper developers instead of just auditors are all ways to boost the efficiency of information security teams, he avers.
ACTION NEEDED
Organizations need to understand manpower alone is not enough to cope with the ever-increasing number of cyberthreats. Security teams need to have a force multiplier to help maximize the use of their human intelligence and resources. Increasing efficiency requires 2 prospects: optimization of internal resources and an expert (internal/external) on hand to defend against the most advanced cyberthreats.
A force multiplier for operational security can be achieved through operational insight to obtain maximum resource value and gain a deep understanding of the current and desired level of security. Since one cannot be an expert to defend against the most advanced cyberattacks, there is need to involve a security expert.
Pawan recommends: “Identifying advance t h r e a t s a n d a u t o mat i n g intelligence responses and subscribing to various threat sources will help in detecting and protecting from the most advanced threats. One must automate correlation of data points using real-time threat intelligence for rapid identification and response. There is also need to empower the team through automation - automate actions that will help the security team to do more in less time.”
Even today, if the organization follows basic security hygiene, they can prevent most attacks on their networks. The easy way to achieve this is by ensuring that one follows in spirit industry best practices, systems hardening and patching and a robust access control policy.
Kalpesh Doshi, CISO, FIS Global, believes that the principle of least privilege, multi-factor authentication for any remote access to organization networks or applications, regularly assessing your environment for known vulnerabilities and fixing them before the bad guy exploits the same cam help organizations to counter vicious attacks.
“The fundamentals of security will remain the same, hence you need a leader to steer your organization in these challenging times. I strongly believe that CISO is a leadership role, you can be a great manager or be strong technically but you can still fail. Also, the board and especially the CEO must LOVE (Listen, Oblige, Value, Empower) their CISO function to build robust organization security for their organization” says Kalpesh.