The pandemic has brought on several unprecedented changes, the most prominent being the acceleration of digital transformation due to the proliferation of cashless transactions, zero contact communication, and other technology used to discourage physical contact. Digital transformation essentially created a virtual platform for any business process, which not only automated transactions but also created a repository of data. Organizations have moved physical assets into on-premises computer storage, private cloud, or hybrid models.
However, the digital ecosystem has many points of vulnerability increasing the attack surface, thereby giving rise to growing cybersecurity concerns. According to the annual IBM X-Force Threat Intelligence Index, India reported the second highest number of cyber-attacks after Japan in the Asia-Pacific region in 2020, accounting for 7 percent of all cyber-attacks observed in Asia in 2020.
Likewise, organizations have also incurred heavy financial losses due to disruptions and data breaches. A 2019 report by IBM revealed that cyberattacks cost India ₹12.8 crores on an average between July 2018 and April 2019. During the same period, the average cost globally of a data breach was ₹27 crore. Besides these financial losses, cyberattacks can and have caused huge dents in an organization’s overall brand value.
With digital adoption breaking ground, the corresponding cyber maturity must keep pace with the technological strides – greater exposure to cyber risks calls for a greater focus on cybersecurity.
Need for Cybersecurity
There is an increasing need for businesses to adopt a proactive cybersecurity strategy that encompasses everything and helps organizations protect sensitive data, personally identifiable information (PII), health information, intellectual property data, and governmental and industry information systems, from theft and damage attempted by cyber-criminals.
Organizations must observe a rigorous enforcement of security policies. This means ensuring and implementing adequate training and awareness on data protection, implementing appropriate security software and keeping it updated, ensuring data encryption, and backing up data regularly. Taking these steps can help organizations prevent data breaches. Continuous risk assessment, audits and data security testing as a parallel activity will also help organizations proactively identify and plug gaps, thus securing data.
Role of Zero Trust Model in minimizing threats
Adopting a zero-trust security architecture can also help manage cybersecurity incidents. Zero Trust is a security concept that requires all users, even those inside the organization’s enterprise network, to be authenticated, authorized, and continuously validate security configuration and posture, before being granted or keeping access to applications and data.
This multi-layer approach would entail new security protocols that every digital citizen should embrace, even if slightly inconvenient.
How SOC is contributing towards mitigating cyberattacks?
A Security Operations Centre (SOC) is a specialized central team focusing on protecting the digital assets of organizations. The team comprises cyber-security experts who continuously monitor and analyse the Information & Communication Technologies (ICT) infrastructure as well as the threat landscape. A combination of practices and tools can help assessment, prevention, detection and response to incidents on websites, application/database servers, networks among other systems.
Organizations can set up their own SOC or engage SOC service providers to manage the security of their digital infrastructure and systems. Managed service providers typically have a wider spectrum of security incident knowledgebase. A SOC equipped with appropriate cyber-security tools, provides 24×7 monitoring and analysis of activity and traffic across an organization’s networks, applications, databases, servers, and endpoints. It enables significant improvement in security preparedness by timely detection of and response to security incidents, by driving preventive and predictive actions.
Cybersecurity in the near future
The goal of cybersecurity is not just limited to protecting the ICT infrastructure, but also ensuring and protecting data that is stored on systems and endpoints connected to networks. Data privacy and security are major concerns that are seeing more regulation created, for example, GDPR (EU), PDP(India) etc. Compliance to these norms will require organizations to give due weightage to information security, which includes both cyber and data security aspects. With cybersecurity being a mainstream requirement of any organization, the need for cybersecurity professionals is also expected to grow.
With the next generation of cyberattacks being carried out with greater scale and sophistication, organizations, now more than ever, have a greater responsibility to protect people who have access to essential data. They need to employ the right people combined with the right processes and tools to defend against any attack or intrusion and mitigate threats irrespective of the source, attack type or time of day.
The author is IC Aiyappan Pillai, Senior Member IEEE and Founder, Congruent Services.