Many businesses lack holistic it security practices to deal with advanced threats

Which are the key sectors that are most attacked in terms of percentage and do you see a significant increase in the number of attacks?

The Indian technology landscape is witnessing a dynamic shift with the influx of digitization, mobility, and IoT making most industries a potential target for cyber criminals. According to Symantec’s Internet Security Threat Report Vol. 20 in 2014, despite stepping up their information security measures, over 60% of targeted attacks in India were focused on large enterprises. Also, we saw an increase in the number of targeted attacks on businesses dealing with critical infrastructure, including industries such as financial services (17.1%; up from 11.1% in 2013), non-traditional services (40.5%; up from 39.92% on 2013), and transport and communications (4.4%; up

from 0.8% in 2013). Additionally, sectors like mining that includes oil and gas exploration, were preferred by attackers of all types as they received the highest number of phishing mails and second highest number of virus bearing emails in 2014.

What are the common/new tricks which hackers usually adopt?

Cyber criminals are known to deploy newer tactics in order to lure victims for financial or other gains. According to the findings of our report, attackers are constantly streamlining and upgrading their techniques, while companies struggle to fight old tactics. Additionally, in a record-setting year for zero-day vulnerabilities, Symantec research reveals that it took software companies an average of 59 days to create and roll out patches—up from only four days in 2013. Globally, advanced attackers continued to breach networks with highly-targeted spearphishing attacks, which increased a total of 8% in 2014. What makes last year particularly interesting is the precision of these attacks which used 20% fewer emails to successfully reach their targets and incorporated more drive-by malware downloads and other web-based exploits.

Attackers also used tactics such as using stolen email accounts from one corporate victim to spearphish other victims, take advantage of companies’ management tools and procedures to move stolen IP around the corporate network before exfiltration, and building custom attack software inside the network of their victims to further disguise their activities. While email remains a significant attack vector for cyber criminals in India, they continue to experiment with newer attack methods such as social media scams and ransomware attacks across mobile devices and social networks to reach more people, with less effort.

Where do you see significant numbers of attacks happening—

in large companies or small ones?

According to our Internet Security Threat Report, almost no company, whether large or small, is immune from targeted attacks. However, across sectors, smaller businesses (fewer than 500 employees) pose as attractive targets since they often lack adequate security practices and resources. Nearly 34% of targeted attacks were aimed at smaller businesses in 2014. Owing to the presence that smaller businesses have in the global digital supply chain, attackers often choose to breach the lesser defenses of a small business that has a business relationship with a larger company. A similar trend is seen in India, where smaller businesses received the highest phishing and virus-bearing emails—almost twice as much as the larger targets.

What are the major security gaps you see in today’s enterprise? How can these gaps be bridged?

Currently, many businesses lack holistic IT security practices and technologies to deal with the new set of challenges posed by the advanced threats we’re seeing today.

These threats make it important for CIOs, CxOs to understand their business and how security can be built into their IT practices to effectively manage the ecosystem. IT departments are still left grappling with massive amounts of incidents, too many false positives and a laundry list of manual processes to be tackled with, leaving organizations exposed and vulnerable. Customers today want unified security—security that’s multi-tier, multi-layered, integrated, and automated—all delivered as a service; where organizations can deploy security measures across all control points working together, with incident response capabilities and global information intelligence, to beat the bad guys.

What are the tips for CIOs to secure their networks?

As attacks persist and evolve, there are many steps enterprises and CIOs can take to ensure their networks are protected. As a starting point, below are the recommended best practices:

Watch out for indicators of compromise: Use advanced threat intelligence solutions to help you find indicators of compromise and respond faster to incidents.

Employ a strong security posture: Implement multilayered end-point security, network security, encryption, strong authentication, and reputation-based technologies. Partner with a managed security service provider to extend your IT team.

Prepare for the worst: Incident management ensures your security framework is optimized, measurable and repeatable, and that in turn improves your security posture. Consider adding a retainer with a third-party expert to help manage crises.

Provide ongoing education and training: Establish guidelines and company policies and procedures for protecting sensitive data on personal and corporate devices.

Regularly assess internal investigation teams and run practice drills to ensure you have the skills necessary to effectively combat cyber threats.

Do you see growth in security budgets in enterprises?

The information security space in India in the past couple of decades has seen a significant change as cyber attacks have got more complex and sophisticated. At the same time, businesses too have realized the importance of cybersecurity. Securing critical assets like data, intellectual property, and customer credentials is one of the biggest responsibilities for any enterprise—more importantly due to the growing number of high-profile security breaches. Cybersecurity is no longer an issue that concerns only IT and security professionals, but is also an important topic for boardroom discussions. Therefore,

CIOs have started focusing on security as a top IT priority. However, depending on factors such as the vertical, their business and their compliance requirements, etc, the security solutions and IT budgets allocated across companies will vary.