Cybersecurity Month - IT Leaders Speak

October is being observed as a Cybersecurity month. Cybersecurity is a crucial issue as many security companies bring out many solutions in the market. However, cyberattacks are always ahead of the security solutions. This is like a never-ending game. On this issue, some IT leaders have sent their comments to DQ Channels, which are listed below -

“The security environment is ever evolving. Since malware strains continue to emerge every day,  organisations have to do more than just maintain their defenses. Even the largest companies have fallen victim to cyber-attacks because it is almost impossible to keep pace with the relentless horde of attackers. 

The only way to counter an army of attackers is to have an army of your own - a service that can protect data, proactively identify, alert and respond to problems, and prepare you for full recovery. For this, businesses should adopt cloud enabled protection systems with fully automated and non-disruptive infrastructure updates. 

Second, you need a cross-organisation plan. Security, IT, legal, and executive management must work together to respond to a ransomware attack. Unfortunately, most organizations are depending on a decade-old disaster recovery plan they have never tested. 

There is no better time than now to evaluate your current protection strategies than Cybersecurity Awareness Month. A strategy that is flexible, adaptable, ever evolving and robust is the best route to business continuity, regardless of any threats.”

-- By W Curtis Preston, Chief Technical Evangelist, Druva

“Cybercriminals frequently morph their attack methods to stay under the radar of existing cyber defenses deployed by organizations. Every newly discovered software vulnerability or unguarded asset on an enterprise network presents an opportunity for attackers to infiltrate. To counter this, security teams require a thorough knowledge of how the sophisticated threat actors operate, and accordingly evolve their detection, analysis, and response workflows. They also need to maintain complete visibility and control over their entire attack surface to ensure no loopholes exist in their defensive measures. This means smarter decision-making for SecOps can be enabled by strategic and tactical threat intelligence, along with threat visibility and real-time situational awareness to bring about positive security outcomes.

In modern SecOps, there is a deluge of threat data that security teams need to ingest, process, and analyse in order to uncover hidden threats. Without the use of automation, it becomes humanly impossible to contextualize, prioritise and operate this immense flow of threat alerts and intelligence from both internal and external sources. Therefore, to make meaningful strides toward achieving their objectives, security teams must look to orchestrate and automate their threat data collection, processing, analysis, and auctioning. Security automation also multiplies the efficiency of security processes and enables proactive defense through automated last-mile threat intelligence delivery and operationalization. Moreover, it is crucial to eliminate silos and bottlenecks in SecOps by integrating diverse functions through Cyber Fusion and advanced Security Orchestration, Automation, and Response (SOAR) for end-to-end threat response and management across cloud and on-premise environments. Above all, organizations across sectors must recognize that they face many shared challenges when it comes to cybersecurity. To pave the way towards a secure cyberspace for all, organizations across the spectrum must participate in collaborative efforts such as cross-sectorial threat intelligence sharing and coordinated threat response for collective defense against all critical threats.”

-- By Akshat Jain, Co-founder and CTO, Cyware

"As digital infrastructures continue to evolve, access points are increasing. The security models recognize that as long as there’s inherent trust or human intervention, there is the potential for security issues. That’s why the industry is taking notice of how a zero-trust security approach would complement technological advances and how digital businesses accelerate. Adopting a risk-based, identity-centric approach provides the needed security foundation. As security teams face the constant barrage of cyber threats, security automation is shaping up to be an answer to efficiently handling common phishing, insider risks, and other alerts. Zero trust and zero touch are the potential security models for the evolving security challenges in the future."

-- By Nandita Bery, Director of Awareness and Education, Infosec Team, Equinix 

"The security environment is ever-evolving. New malware strains continue to emerge every day, so cyber preparedness should be a top priority. Enterprise-wide rapid digitalization has increased both the impact and likelihood of security attacks. Of particular concern is the scourge of ransomware. As the number of applications, environments, and endpoints multiplies, data protection and data resiliency efforts must be centralized. For these businesses need to adopt cloud enabled protection systems with fully automated and non-disruptive infrastructure updates.  A solution built in the cloud will actively protect backup data, monitor for attacks, and prepare you for full recovery."

To mitigate threats, enterprises can operate as a Zero-Trust Network and take a data-centric approach. To build such a network, security controls should be as close to the data as possible.  Under the Zero-Trust model, the administrator specifies a set of rules to enumerate permitted activities, and the software will evaluate every activity against that set of rules to determine whether it is on the ‘Allowed’ list. If it is not, the activity gets blocked.

Organisations should also employ multi-factor authentication for administrative and data access, as well as use encryption for data at rest, and in flight. Additionally, monitoring and logging all access to data can go a long way in improving security across networks. It is advisable for enterprises to work along with technical consultants to implement a robust data protection methodology across on-prem and cloud environments."

-- By Shuja Mirza, Director, Solutions Engineering, NetApp India & SAARC

In order to address the vulnerabilities and overcome the constantly evolving threats, organisations need to modify their controls and user training to address the risks associated with cloud technologies. They need to carry out a thorough risk assessment, document and review all the potential risks identified. To deal with the issue of sophisticated cybercriminal activities, security systems need to anticipate attacks, respond and mitigate it timely. The existing security controls need to be enhanced through new-age technologies such as Zero Trust, data leakage detection technologies that are more focused towards end-user computing devices, to regulate and monitor access to cloud infrastructure and solutions. Employee lapses remain a significant cause for breaches, and perimeter and encryption defenses aren’t enough anymore, hence, proactive defence on the organisation’s part is a key solution.”

-- By Satya Machiraju, VP, Information Security, Whatfix

"Cyber-security should be woven into the digital fabric so as to achieve a state of “security by design”. Timely detection of intrusions is a crucial element of every comprehensive cybersecurity strategy. The earlier an organization can detect an attack, the less impact it will have on the business and the easier it will be to resolve. Organizations should understand their own data assets and have absolute visibility and security capabilities for protection such as by maintaining a register of processing activities. Without centralized visibility, organizations risk leaving a back door open and falling victim to significant attacks or ransomware often via illegal access to their networks through stolen credentials."

-- By Nitin Varma, MD, India & SAARC, CrowdStrike India

“The rising adoption of the cloud brings forth new challenges; CISOs are faced with siloed data from disconnected products, understaffed teams dealing with alert overload, and diverse compliance and data protection regulations. These new and more complex challenges are further escalated with the expanding attack surface. The mantra for tackling these threats is to begin by increasing the organisation’s visibility across your IT environment—which will allow you to track the attack surface efficiently. Moreover, timely assessment of these threats will help in mitigating risk by deploying the appropriate solutions.  Strategies such as XDR, zero-trust framework, targeted approach for APT’s, dynamic attack surface management, and deploying a unified cybersecurity platform, can help bolster your IT infrastructure and help make cybersecurity a business enabler for your organisation.”

-- By Vijendra Katiyar, Country Manager, India & SAARC, Trend Micro

Read more IT news here

Read products news here