Topics In Demand
Notification
New

No notification found.

The importance of securing critical infrastructure
The importance of securing critical infrastructure

511

0

 

With mission-critical data moving to the cloud, the threat landscape has increased, cementing the urgent need for all-round security

About a decade ago, when cloud computing made inroads into the IT topology of organizations across the globe, the most popular style of adoption was to port the most data-intensive applications onto the public cloud, while retaining critical, user-centric data on-premise, on private clouds and sometimes even on physical servers. A typical example of this scenario was the BFSI industry which was regulated by tight compliance standards that required banking organizations to host customer data on-premise. As cloud computing evolved over the years, compliances matured and today, any organization across any industry is able to leverage the power of the cloud to host the most critical data, while ensuring business profitability and user centricity. Additionally, the adoption of new-age technologies like AI has enabled organizations to become more customer-centric by understanding the customer better, purely by their data interactions.

How IoT increases threat landscape

Today, a government-owned weather prediction system uses IoT sensors to capture real-time weather data, while industrial plants use sensors to flag process inconsistencies. The new Govt initiatives like smart cities, digital healthcare and digital ports use new technologies and sensors to modernize their operations. Similarly, in the energy and utilities sector, intelligent sensors are used to record usage trends and meet sustainability goals, both at the grid level as well as the customer premise. IoT and other related technologies are today enabling every industry under the sun to optimize their processes and unlock insights to streamline profits. But this comes at a cost.

Cyber attackers targeting business-critical data

Sensors are just one of the many aspects of modernization that has a close handshake with the cloud. With more and more critical data flowing in and out of the cloud, security is becoming a huge concern. Critical data moving out of the HQ onto the cloud provides unparalleled visibility and insights to the CIO, but also massively increases the threat landscape for cyber-attacks. Attackers are consistently planning to bring down critical infrastructure, causing systems to shut down, disrupting operations and stealing customer data. While the proliferation of IoT has massively cut-down manpower and operational costs, it has suddenly increased the threat landscape. In other words, critical data could earlier be stolen only from physical servers or closed clouds, but today, every IoT touchpoint is a potential target, and even a minor breach can have a ripple effect and compromise mission-critical data. The threat probability is so high that defence security organizations like NATO have started classifying cyber-attacks as an act of war at a country level.

Massive losses due to cyber attacks

According to the 2022 Thales Data Threat Report – Critical Infrastructure Edition, 79% of critical infrastructure business owners expressed concerns about security in a hybrid work environment, while almost half the respondents reported an increase in the volume and severity of cyber attacks in the last 12 months. Of this, the malware was the most common culprit but newer forms of data theft are keeping CIOs up at night, across the globe. What is more alarming is the fact that 62% of theft victims are said to only have deployed data encryption solutions, which have led to the loss of trust and migration of customers to competitors. The negative fallout of such an event is usually financial losses, followed by productivity losses, high recovery costs and loss of brand image. While governments, energy, finance and manufacturing sectors are global frontrunners at losses incurred by cyber-attacks, the more alarming trend of nation-to-nation cyber wars is slowly taking shape, keeping government security systems on their toes.

Need for visibility inside the network

Organizations need to have a detailed strategy to ensure that modernization doesn’t come at the cost of lapsed security. A basic step can be to have a detailed inventory of edge and core devices and ensure their optimal health. Additionally, identifying vulnerabilities and gaining visibility into smart devices and their role within the infrastructure can go a long way in ensuring security. Compliance-intensive industries can also attempt to maintain vulnerability-prone apps on segregated networks. But all of these are stop-gap solutions. In order to ensure long-term security against evolving threat dynamics, organizations require a multi-pronged approach to critical infrastructure security.

The role of a robust network security solution

A critical network infrastructure solution should follow the Modernize Scale Simplify Control methodology. This can be broken down into:

  • Modernizing your network with converged IP architectures to connect virtual data centres.
  • Scaling your network performance with modular, high density and efficient routing platforms.
  • Simplifying the process of network management and provisioning using automated solutions.
  • Controlling your network with intelligent end-to-end visibility solutions and routing products.

At every stage of this four-step process, organizations need to plug-in seamless security to ensure watertight protection. Together with this, runtime defence, encrypted transport of data packets, and DDoS protection can provide an additional layer of security during data transit. Finally, during the development stage itself, critical infrastructure must reduce design vulnerabilities, ensure a consistent security policy, and have an all-encompassing defence system.

While the proliferation of the cloud for mission-critical business provides the impetus for unimagined growth through customer-centricity, having the right security protocols at every touchpoint is paramount, to ensure sustained growth and customer trust.

 

 

Author:

Vijay Madiraju

Architect- Digital Transformation Office

India.

As part of the Digital Transformation office group, Vijay Madiraju drives the Digital Transformation solutions agenda for Cisco and helps customers define their digital journey and chart out the transformation roadmap in Transportation and Smart Communities.

 

 


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


Cisco Overview: (NASDAQ: CSCO) Cisco helps seize the opportunities of tomorrow by proving that amazing things can happen when you connect the unconnected. An integral part of our DNA is creating long-lasting customer partnerships, working together to identify our customers' needs and provide solutions that fuel their success. From networking and data center to collaboration and security, we design and develop solutions to meet every organization's needs. We have preserved this keen focus on solving business challenges since our founding in 1984. Len Bosack and wife Sandy Lerner, both working for Stanford University, wanted to email each other from their respective offices, but technological shortcomings did not allow such communication. A technology had to be invented to deal with disparate local area protocols, and as a result of solving their challenge, the multiprotocol router was born. Know More: https://newsroom.cisco.com/c/r/newsroom/en/us/company.html Discover us: www.cisco.in

© Copyright nasscom. All Rights Reserved.