Cybersecurity has emerged as a huge area of concern for businesses in today’s hyper-connected era, with cybercriminals finding newer ways to gain access and compromise sensitive business and customer data. Gartner predicts that by 2020, 60% of digital businesses will suffer major service failures due to the inability of IT security teams to manage digital risk.
Earlier, companies had to deal with a specific set of standards like HIPAA and SOC when it came to data protection. These standards focus more on where data is stored and how it is transmitted. With the advent of regulations like GDPR, the focus has shifted to the data subject, irrespective of where the data is stored or transmitted. The data must always be secured and protected.
The number of endpoints capturing and processing data has exploded with IoT, mobile and cloud. These endpoints don’t stay within the security perimeter of the company. They handle lots of data and mostly act as the entry/exit point for data in most IT infrastructure. The combination of mobile endpoints and the data they store is risky for any business if not protected.
Some of the challenges include vulnerability to fake data generation, the potential presence of untrusted mappers, troubles of cryptographic protection, sensitive information mining, struggles of granular access control, data provenance difficulties and many more. It is imperative for an enterprise to carefully design their big data adoption plan with security at the forefront.
Businesses, both big and small, are facing newer risks and threats like DDoS, spear phishing, Petya ransomware, malware, application-specific hacks, and botnets. "These disruptions, however minor, pose a major threat to the reputation, finance, intellectual property and assets of an organization, impacting business operations and its KPIs. This has been seen over the last year in cases such as the WannaCry ransomware attack, and severe security breaches at Equifax, Deloitte, and the recent Singapore healthcare data breach. In fact, as per a study done by Ponemon Institute, it was found that the total average cost of a breach was $3.62 million in 2017.
These kinds of cyber-attacks and advanced security incidents are stimulating organizations to protect data and combat security breaches by further strengthening their security standards. Organizations are adopting new policies and regulations to safeguard the brand from obstacles in business continuity," said Mushtaq Ahmad, CIO, CSS Corp.
According to Ritesh Gandotra, Director – Managed Document Services, Xerox India, the core issue is to identify and secure potential areas that could leak sensitive data. While the obvious ones are our IT systems – which are typically a focus for CISOs, our employees (knowingly or unknowingly) would be another vulnerability. It is also imperative to understand what proportion of your employees use public cloud services to store/exchange organization-specific data.
Safeguard your Organization From Ransomware Attacks
According to a recent study by IBM, data breaches cost the least in India with the lowest average total cost of $1.77 million. Also, it was highlighted that the notification costs for organizations in India were the lowest at $20,000. Moreover, India spent far less to resolve a malicious or criminal attack i.e. $76 per record.
Typical ransomware or data breach attacks are not a single day event but involve multiple phases like reconnaissance to understand the vulnerable entry points into an enterprise, the exploit that gives entry to the attackers, the lateral movement as the attacker moves to find lucrative data and exfiltration when they move the data out. "Enterprises should deploy network and host level protection that has tripwires that will trigger in each of these phases – such layered protection is the key to modern enterprise defence. Another strategy to employ is to move away from static rules of access to dynamic, risk-based authentication and authorization that will catch attackers even when they come in with correct, stolen credentials," added Pandurang Kamat - Chief Technologist & Associate CTO, Persistent Systems.
“Data breaches via social media networks have been on the rise over the last few years. We suggest users be extra careful and verify any third party websites connected through these networks. Always double check on sharing any personal data in the online space and stay away from malicious content,” Founder and CEO of MoMagic Technologies, Arun Gupta, said.
“A website needs to have strong and secured hosting, server and security. No corporate, especially in today's world, can compromise on this as a significant investment in branding and business is done online. Apart from the reputation damage, companies have also lost sensitive customer data to hackers and have ended up paying the ransom to get it back,” Mr Gupta added.
With even global regulators heightening the focus around data protection (regulations like GDPR also known as European Data Protection Law), it is important for India to perceive that the threat around this domain needs to be addressed as a business risk rather than a mere reply to a technological difficulty. There are certain aspects that are important for an organization to keep in mind in order to keep their data safe and secure:
1. Data can only stay safe in an organization if the enterprise is aware of the data it holds. Well-maintained data classification methods also play a vital role in ensuring the protection of an organization’s most sensitive data assets.
2. By assessing risk and impact -- enterprises also need to ensure that the impact of international borders on data, vis-à-vis international vendors and cloud services, is handled with care.
3. By establishing a robust framework and policy in an organization.
4. An organization’s capability to proactively monitor risk-prone data through data management is also one of the ways in which its data can stay protected.
5. Data handling and management should involve a holistic and universal approach, complete with legal, corporate, technical and human aspects.
According to the Cisco 2018 Asia-Pacific Security Capabilities Benchmark Study, India faces one of the highest cyber security threats in the Asia-Pacific region with over 500,000 security alerts on a daily basis, which is nearly thrice the number of alerts faced by global companies. According to the report, India leaves nearly 39% or approximately up to 200,000 alerts unattended due to lack of required skill sets. This was in line with its global peers in the APAC region who left half of the legitimate cyber threat alerts unattended. This presents a significant concern for the cybersecurity defenders who need to identify the genuine threats from a vast number of daily alerts.
According to Mushtaq Ahmad, organizations must go beyond regular principles and adopt unconventional security techniques to reduce risks of data breach and security attacks. The C-suite must take steps in the contextual adoption of emerging technologies like AI and real-time threat intelligence to pre-empt threat detection. Not only that, real-time insights of daily operations and risks must be supervised through threat intelligence dashboards. Mining huge volumes of data and providing actionable suggestions, proactive penetration tests can also help to ensure the health of data networks and IT assets.
"At Xerox, both with respect to our technology and services, we believe in prevention of breaches. Besides the device and network communication level protection, our industry-leading partnerships are geared to resist code injection (typical ransomware feature) using whitelisting which helps us at the technology level. We can even integrate with SIM/SIEM systems to bring the print environment under the purview of the overall security posture of an organization. From a services perspective, our print security audit services allow the organization to arrive at a baseline security level – and then highlight any deviations from the policy with some level of automated corrections," said Ritesh Gandotra.
A traditional approach alone (like signature-based antivirus and anti-malware) will not be enough to protect against ransomware. Companies will have to deploy AI & ML-based endpoint protection. This does not mean that the basics can be ignored. We still need to maintain patching compliance, use multi-factor authentication, and implement audits with strict rules for following them.