How Vendors Can Help CXOs With Right Security Practices

by Sharda Tickoo    Aug 02, 2017

data breach

Several large companies today are under the purview of ransomware attacks, and the impact is only getting advanced with time. The entire cybercriminal world has been taken over and it seems like there is no end to it. What’s alarming is the fact that while enterprises across the world are spending more on cybersecurity each year, organizations are still not confident of their ability to sense, resist and respond to cyber threats.

Closer home, in India, our earlier reports stated that over 180 Indian companies were victims of Ransomware online extortion schemes in the first six months of the year 2016, causing a loss of whopping $3 billion.

The country lacks in cyber security initiatives on many aspects. Also, there are no dedicated cyber security laws as well as encryption laws and regulations in India. Vendors can play a major role in strengthening the cyber security law in India. Vendors can help in managing the cyber security problems, challenges and issues. There is urgent need for vendors to raise awareness on the subject and strengthen the critical infrastructure protection in India.

Across the globe, countries have woken up to the lingering threats of massive cyberattacks that cybercriminals propose to unleash in the near future, and India too seems to be on their radar. India has emerged as one of the top targeted nations by cyber criminals.

However, the laws do not seem to be stringent enough in India to deter cybercriminals from continually disrupting the current ecosystem. The inventive tools used by cyber criminals to hijack business dealings and steal valuable customer information are leading to business destruction in in both small and medium enterprises. With campaigns such as Digital India, and concepts such as Aadhaar, UID, and digital money gaining immense popularity, India is in the midst of a major digital revolution. However, as India steadily moves towards a digital future, we must be wary of the potential security risks which digitalization brings. With WannaCry bringing many nations to a standstill, and even as several new attacks are predicted in the immediate future, the country cannot afford to have a reactive approach to cyber security, and rather have well defined strategy in place for any future eventualities.

Firstly, the government should lay down basic security standards for devices and non-compliant businesses for not to operate. Secondly, many companies in India do not report breaches. This practice is to be done away with and reporting of breaches should be made mandatory. As the Government initiates the creation of digital highway and smart platforms, hackers will also take advantage of the same to break the walls. Online marketplaces will continue to be the prime target of cyber criminals. Hence, embedding security measures at every step is the need of the hour.

People are always the weakest link in the security architecture. A major part of hacking is not technical skills, but the skill of tricking human beings. Security is a shared responsibility of users of digital platforms and not a sole responsibility of the creators and protectors of the platform. Therefore, it is essential for users of the technology to watch their online behavior and rigorously follow certain Do’s and Don’ts to keep themselves protected from hackers and cyber criminals.

One, Use of good antivirus software is the foremost step towards defending oneself against cyber criminals. Second in line, yet a very significant move would be to befriend people online very carefully. Thirdly, creating separate email accounts for different purposes could prove to be helpful. Fourth, talking about online payment, it is important to note that, storing card details on websites could be dangerous. Therefore, taking a few extra seconds to feed in card details, when paying online, is a small price to pay for the entire security process. 

The last step would be to always be vigilant and aware to the fact that in most cases, an attack happens when we least expect it to happen and when the user is generally off-guard and complacent in his approach/attitude towards threat.

 [The author is Technical Head, Trend Micro, India]

[Disclaimer: The views expressed in this article are solely those of the authors and do not necessarily represent or reflect the views of Trivone Media Network's or that of CXOToday's.]