Spe­cial Fea­tures: Why busi­ness own­ers need to care about Cy­ber­se­cu­rity

In the last few years, re­ports on com­pa­nies be­ing vic­tims of cy­ber­at­tacks have been on the rise

PCQuest - - CONTENTS - By Gau­rav Ma­lik, Coun­try Di­rec­tor, In­dia, Lime­light Net­work

From the re­cent hack of the Stel­lar Lu­mens cryp­tocur­rency to the Petya cy­ber­at­tack that af­fected pharma gi­ant Merck and ship­ping con­glom­er­ate Maersk, cy­ber­at­tacks have brought var­i­ous com­pa­nies to their knees. For most busi­ness own­ers, these are re­mote threats that seem to wan­tonly strike other en­ti­ties; of which they con­sider them­selves to be un­likely tar­gets. How­ever, one thing is clear – with com­pa­nies like Ya­hoo, Sony, JP Mor­gan, Deloitte, Adobe, Sub­way, Google and Uber fac­ing data breaches, no com­pany can pre­sume to be safe. These high-pro­file at­tacks are just the tip of the ice­berg. The use of a va­ri­ety of tools and at­tack vec­tors – phish­ing, DDoS, and even AI – to com­pro­mise com­pany web­sites or datasets have changed cy­ber se­cu­rity par­a­digms. Com­pa­nies can no longer hope to pass under the radar – any com­pany with cus­tomer in­for­ma­tion is a po­ten­tial tar­get. Ac­cord­ing to ‘ The State of Cy­ber­se­cu­rity 2017’ sur­vey by Lime­light

2018 is an im­por­tant year for busi­nesses to in­vest in ex­per­tise and adopt com­pre­hen­sive se­cu­rity so­lu­tions. Given the dis­trib­uted na­ture of com­pany data in to­day’s cloud-ori­ented net­works, on-premise cy­ber­se­cu­rity so­lu­tions are just not ad­e­quate to safe­guard all of a com­pany’s se­cure in­for­ma­tion.

Net­works, over 90% of con­sumers in South East Asia check if a web­site has been com­pro­mised in the past be­fore trans­act­ing on it . This has im­pli­ca­tions for com­pa­nies, re­veal­ing that they need to work to­ward pre­vent­ing data breaches to ul­ti­mately se­cure cus­tomer con­fi­dence.

There are two dis­tinct rea­sons why al­most all com­pa­nies have be­come more vul­ner­a­ble in to­day’s dig­i­tal age than be­fore. Firstly, com­pa­nies to­day col­lect a much larger set of cus­tomer data, which range from the ir­rel­e­vant to the ex­tremely per­sonal or cru­cial. Web­sites, ap­pli­ca­tions, and so­cial me­dia net­works con­stantly col­lect per­son­ally iden­ti­fi­able in­for­ma­tion (PII) and make it avail­able for anal­y­sis. This makes data repos­i­to­ries of com­pa­nies ex­tremely lu­cra­tive tar­gets for cy­ber­at­tacks. Busi­nesses need to know that con­sumers are ex­tremely con­cerned about their data and pri­vacy on­line, with the re­port also re­veal­ing that over 75% of con­sumers are con­cerned about hav­ing their per­sonal in­for­ma­tion leaked on­line. As such, they need to ad­dress these cy­ber­se­cu­rity con­cerns ef­fec­tively, and com­mu­ni­cate to their cus­tomers about these ef­fort­sto as­suage their fears.

Sec­ondly, com­pa­nies op­er­at­ing in the dig­i­tal arena are now con­nected on an in­creas­ing num­ber of net­works, re­sult­ing in more at­tack vec­tors and vul­ner­a­bil­i­ties added to their sys­tems. Of­ten, the breach of com­pany data might oc­cur due to on­line ser­vice providers. For ex­am­ple, Uber and Ac­cen­ture suf­fered from data breaches re­lated to leaks in their cloud data.

A breach in cus­tomer data, even if not the com­pany’s fault, can have dis­as­trous ef­fects. This in­cludes a material rev­enue im­pact to be­ing hacked, apart from the costs of deal­ing with a breach. Ac­cord­ing to the Ponemon In­sti­tute’s study on the cost of data breaches, the aver­age data breach costs com­pa­nies USD 3.62 mil­lion. With in­creas­ing gov­ern­ment over- sight and the new EU Gen­eral Data Pro­tec­tion Reg­u­la­tions com­ing into force in May 2018, com­pa­nies will be legally ob­li­gated to pro­tect cus­tomer data for EU cit­i­zens.

Thus, 2018 is an im­por­tant year for busi­nesses to in­vest in ex­per­tise and adopt com­pre­hen­sive se­cu­rity so­lu­tions. Given the dis­trib­uted na­ture of com­pany data in to­day’s cloud- ori­ented net­works, on-premise cy­ber­se­cu­rity so­lu­tions are just not ad­e­quate to safe­guard all of a com­pany’s se­cure in­for­ma­tion. Cloud­based cy­ber­se­cu­rity so­lu­tions, fire­walls for on­line plat­forms, se­cu­rity ap­pli­ca­tions to pre­vent data loss, and strong in-house tal­ent are all the build­ing blocks of a strong ‘cy­ber­se­cu­rity stack’ which can help pro­tect cus­tomer data from a va­ri­ety of dif­fer­ent vec­tors.

In spite of these clear in­cen­tives to pre­vent breaches, com­pa­nies con­tinue to re­main vul­ner­a­ble to cy­ber­at­tacks. This could be a re­sult of lack­ing the re­sources – hu­man or mon­e­tary – to de­ploy a com­pre­hen­sive cy­ber­se­cu­rity sys­tem.

None­the­less, with the grow­ing so­phis­ti­ca­tion of cy­ber at­tacks, any com­pany could be the next to make head­lines for fall­ing prey to a data breach. It is thus im­per­a­tive for com­pa­nies to pri­ori­tise pro­tect­ing their busi­nesses. Spend­ing on cy­ber­se­cu­rity so­lu­tions, through spe­cialised providers that of­fer af­ford­able end-to- end ser­vices, will prove to be a wor­thy in­vest­ment in an age of un­cer­tainty.

GAU­RAV MA­LIK, Coun­try Di­rec­tor, In­dia Lime­light Net­work

Newspapers in English

Newspapers from India

© PressReader. All rights reserved.