Topics In Demand
Notification
New

No notification found.

Cyber Security – an Attacker view post-pandemic
Cyber Security – an Attacker view post-pandemic

January 7, 2022

359

0

We have entered an era of digital disruption, where commerce and industries are moving from traditional ways of working towards adopting more agile and flexible frameworks to stay competitive and relevant. This rapid adoption of technology further fueled by pandemic has led to increase in digital footprint and resulted in surge of organisation’s attacker-exposed assets (IT, OT-IOT).

Major challenge lies in lack of visibility, control, and skilled resources to secure growing asset landscape. With critical and personal data being utilised at multiple levels, evolving regulatory, compliance and business requirements add further to the complexities which are being exploited by attackers who are well ahead of the curve. They are equipped with the right tools, tactics and even sponsorships to compromise an environment which was traditionally considered secure. In fact, 68% of organisations experienced a cyber-attack that began from an unknown, unmanaged, or poorly managed company asset.

So, are we aligning our Cyber Security approach to meet the evolving threat trends? Are teams cyber aware and thinking of adept ways to prevent cyber-attacks? Unfortunately, the answer is No.

Top Reasons Why Cyber awareness & efficient Cyber security program needs to be a Priority for every organisation (post-pandemic)?

Cyber Security Awareness Month is more important than ever. Cyber-attacks are now occurring every 39 seconds. In fact, 64% of companies worldwide have experienced at least one form of cyber-attack, and perhaps more worrying is that 90% of all cyber-attacks are caused by human error. Such statistics highlight the ongoing threat that organisations face, and the need to ensure cyber security awareness and hygiene at all levels. Some of the key trends we observed were:

So, what should you do and how to make your organisation resilient against Cyberattacks?

Here’s how:

●        Focus on User awareness and Identity protection

Situational awareness has become an integral aspect for enhanced Cyber posture.

While people are true strength for any organisation, unfortunately they have become weakest link in case of cyber-attacks, which has been proven time and again. More than 75% of organisations around the world experienced some form of phishing attack in 2020, out of which 96% of these attacks were delivered through email.

Technology investment and sophisticated policies take a back seat if users are not cyber security aware. An effective Cyber posture can only be achieved through regular cyber security awareness trainings, phishing simulations customised for the business which will make cyber security more relatable. Also, to ensure security is enabled at all layers, focus of protection should be changed from devices to identities.

So, we all need to DO our part: #BeCyberSmart.

●        Secure by Design

You need to first review your existing environment to understand posture and then align cyber operations to it, ensuring, compliance at any given point in time. Defenders across the world are performing multifaceted cyber operations like ensuring compliance, keeping infra & applications updated, managing security controls, vulnerability assessment, monitoring events, cyber response, training etc. While practitioners attempt to win the asymmetric battle with cyber criminals, all the above tasks are done in silos with no Cyber fabric which can interweave the multiple operations and orchestrate the tasks as per the risk associated with it. In order to interweave this security fabric, we must follow Secure by Design enabling integrated cyber defense that allows various components to interact with each other with relevant information, which then can be utilised to enhance the security posture and provide required agility to respond.

Once you do the above, you can get a clear picture of what you need and make your organisation safer.

Wrapping Up

By now, you would have understood why cyber awareness and cyber security a priority is, you must have also read through some suggestions. But the hardest part is implementation. It requires a lot of time, resources, money, and whatnot. So, what should you do?

 

Author: Sidharth Sood is the Global Business Head


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


© Copyright nasscom. All Rights Reserved.