Taking Guard
Enterprises are adopting an all-round cybersecurity approach to deter cyberattacks, keep data safe and meet regulatory compliances
Demonetisation and Covid-19 have led to a surge in digital payments in India, with such transactions almost tripling over the past four years. With the amount of financial data being generated every second, and the stringent Reserve Bank of India (RBI) guidelines financial institutions have to adhere to, banks have been investing and adopting measures to keep hackers at bay and protect client and consumer data.
For example, to strengthen its internal network from multiple attempted security breaches, one of India’s largest public sector banks deployed a centralised policy server architecture to fortify its systems from unauthorised access. It picked Hewlett Packard Enterprise’s Aruba ClearPass Policy Manager to secure access for its 260,000 internal users and their connected devices.
Not just banks, the need to have a holistic cybersecurity approach for businesses has become very crucial, given the soaring cyberattacks in Indian cyberspace. According to CERT-In, the national nodal agency that responds to computer security incidents, instances of cyberattacks in Indian cyberspace have gone up from 208,456 in 2018 to 1.15 million in 2020; this year, there have been 607,220 such incidents till June. The cost of a data breach has also increased. According to IBM’s Cost of a Data Breach Report, the average total cost of a data breach was ₹14 crore in 2020, an increase of 9.4 per cent from 2019; and the cost per lost or stolen record was ₹5,522, 10 per cent more than 2019.
“Over the past year and a half, of the incidents that have happened, the largest is a malware attack at the infrastructure level. Unless a company reports their systems are down, nobody comes to know about this. The second largest is customer data being compromised—data breaches, which have some level of disclosure. The third is fraud, which nobody gets to know about,” says Sivarama Krishnan, partner and leader, Cyber Security, PwC India.
Cybercriminals are actively looking for vulnerabilities and finding ways to infiltrate company networks. A large chunk of cyberattacks are categorised as data breaches with the intention to either seek a ransom, sell it on the dark net, introduce frauds at the application level, shut down a company’s infrastructure, or for corporate espionage. That’s why India’s cybersecurity market—valued at nearly ₹14,000 crore in 2019—is estimated to touch ₹29,000 crore in 2025, according to Statista. It is no longer just about enterprises deploying security solutions but about a combination of three aspects—prevention, detection and response.
PREVENTING A BREACH
The IBM report says that the majority of data breaches in 2020 were caused by malicious attacks (53 per cent), followed by system glitches (26 per cent) and human error (21 per cent). Among these, the weakest link, say experts, can be employees. “In over 90 per cent of the data breach cases, the starting point is an end user,” says Krishnan.
Cybercriminals spend a lot of time identifying a weak link to break into a corporate network. That’s reason enough for the increasing adoption of the zero-trust concept, which means that devices, users and applications shouldn’t be trusted by default, even if they’re connected to a network.
Microsoft follows this concept. It assumes that any access to a Microsoft corporate resource could be a potential security threat. Be it an employee, partner, or supplier, every user who needs to access the corporate network does so through accounts synced with Azure Active Directory, Microsoft’s cloud-based identity and access management service. “We manage a wide range of devices, including Windows, Mac, Linux, iOS and Android. Because weak endpoints, especially remote devices, can become beachheads for network infiltration, we recommend a modern endpoint management approach. They work on various device types and support remote management of devices for work-from-anywhere situations,” says Irina Ghose, executive director, Cloud Solutions, Microsoft India. She explains that Microsoft identifies missing patches and open vulnerabilities, and remedies them remotely, ensuring that the devices are safe and compliant before granting access to corporate services. This approach helped Microsoft move thousands of its devices off the corporate network after Covid-19 struck.
As insights from consumer data help transform businesses, companies need to safely store what they collect. But the growing volume, velocity, variety and value of data increases the risks of storing and sharing it. As businesses move towards multiple environments like cloud, edge, data centre, etc., end-to-end encryption becomes very important. “It is highly recommended to have end-to-end encryption built in, including email, messaging and storage—including cloud,” says N.S. Nanda Kishore, CEO, Novac Technology Solutions. Enterprises must have a proper business continuity plan and a backup mechanism with protection, he adds. Initially started as the technology arm of the Shriram Group, Novac provides cloud solutions such as secured access control, storage, and business continuity.
According to Ranganath Sadasiva, Chief Technology Officer, Hybrid IT, Hewlett Packard Enterprise (HPE), India, limiting security to firewalls is no longer enough. “Server infrastructure should be the strongest defence, armed with the latest security for servers and infrastructure security innovations to guard against and recover from security attacks.” To keep pace with new cyber threats and technology, HPE’s Aruba ClearPass Policy Manager performs discovery and profiling of end devices to determine who and what is connecting to the network, access to which resource should be given, and what action to take in response to a network threat, he explains.
Then there’s Cashify, an ecommerce platform to buy and sell used gadgets, which uses a combination of cloud-based solutions and tools developed in-house for its cybersecurity needs. “Our infrastructure has web firewalls and DDoS protection in place to prevent malicious traffic to disrupt our services. Our software/OS are periodically patched. The data is fully encrypted,” says Pankaj Agarwal, Vice-President-Engineering, Cashify. It uses Amazon Web Services’ Web Application Firewall (AWS WAF)—a cloud-managed service for firewalls—for all public access, while the infra is secured on a virtual private cloud.
PLAYING DETECTIVE
Over the past few years, enterprises have focussed on building a comprehensive data security solution, which usually involves different technologies, tools and processes, says Sripathi Jagannathan, head of data engineering, UST. “Tools for discovering, cataloguing, and managing data, tools that encrypt and tokenise data, access control solutions, endpoint threat detection and response products, and security policies, all have to be brought together when implementing a comprehensive data security solution,” he says. The US-headquartered company provides a comprehensive cybersecurity platform and mitigation services through its subsidiary, Cyberproof, which serves some of the world’s largest enterprises across industry verticals through proactive detection using continuous scanning, breach and attack simulations, and red teaming (playing the role of an enemy to provide security feedback).
Other than deploying solutions internally, Microsoft has also empowered its partners to build trust with customers through security offerings, including Microsoft 365 Lighthouse, which proactively helps in managing risks and improving security by quickly identifying and acting on threats, anomalous sign-ins, and device compliance alerts. Other solutions, such as Microsoft Defender, prevent, detect, and respond to threats, offering coverage across identities, endpoints, cloud apps, email and docs, infrastructure, and cloud platforms; Azure Defender helps protect multi-cloud and hybrid workloads, including virtual machines, SQL, storage, containers and more. And Microsoft 365 Defender delivers extended detection and response capabilities for identities, endpoints, cloud apps, email and documents.