Combating Emerging Threats: A New Approach
Ever since enterprises started deploying large networks and sharing data with internal and external stakeholders, business risks have increased manifold. Initially, organizations responded to threats by securing the perimeters of their networks, deploying intrusion detection systems and initiating various policy-level preventive measures to protect their information assets.
However, over the years, attacks aimed at stealing information have gained in sophistication. Until very recently, vulnerabilities existed primarily in three layers of enterprise infrastructure, namely the network, applications and the operating system. Now, with new technologies like mobility, cloud and social media paving the way for an environment where boundary lines between information silos are thinning, the user is more vulnerable than ever. For instance, a user today can access his office e-mail on the same mobile device that houses various third-party apps, including social media. The same user is also accessing multiple resources containing sensitive corporate information, including databases and enterprise portals. In such a scenario, he or she is in a position to compromise company data willingly or unwillingly.
That explains the numerous instances of phishing attacks and various Advanced Persistent Threats (APTs) we have been hearing so much about lately. To complicate matters, there is a flourishing industry out there on the Internet where unethical hackers and cyber criminals can go shopping for the tools of their trade. Consequently, it is much easier today for criminals to launch attacks on unsuspecting users. Various reports and studies project that the next year or two will see criminals launching a slew of highly sophisticated attacks in the form of mobile malware, data ransoming and social attacks.
With users being targeted, the problem that enterprises have to address is more internal than external. In my many interactions with CXOs, I learned that almost 80 per cent of the threats they face are internal, and traditional approaches to information security may not be adequate to address the emerging threat scenario.
The emerging threats, according to a security expert I recently interviewed, require organizations to transition to a new user-centric approach to information security. For starters, enterprises will have to put in place a system to comprehensively monitor users. This system should monitor every touch point, physical or digital, used by employees to access or create information. This will help organizations put together detailed behavioral profiles of employees, as they can monitor both structured and unstructured data. He also recommends that organizations build strong analytical capabilities. With new technologies and evolving information security systems, enterprises can get granular data on users. By comparing and correlating regularly monitored user activity with database, application and network data, CISOs can detect any hidden threats that could be brewing within their organization.
In my view, many Indian enterprises today are still not ready to embrace the approach we just discussed. While there is awareness about threats, very few organizations monitor user data to this extent or have detailed behavioral profiles of their employees. Analytics as a culture is also fairly new to Indian enterprises. Unless they change their approach to security and put in proactive systems that can mine threats in advance, they will continue to be sitting ducks for cyber criminals.