Key Cyber Security Initiatives for Indian Enterprises: Gartner
With the digitalization boom in India, more Indian enterprises are upgrading their security capabilities to make their enterprises more secure against the latest threats. Rajpreet Kaur, senior research analyst at Gartner, shared her insights about the latest cybersecurity attacks on Indian enterprises and steps to mitigate risks from the attacks.
Kaur believes that there has been a spike in targeted attacks including state sponsored attacks against Indian enterprises of all sizes not just the large ones. There is an increase in the following four attack vectors, including web application attacks, Distributed Denial of service (DDoS) attack, advanced malware attacks such as ransomware attacks such as WannaCry, Petya to name a few, as well as spear phishing attacks in the form of phishing emails.
“While enterprises are working towards deploying sophisticated technologies, they first need to get their basics right. The majority of cyber-attacks try to exploit an existing unpatched vulnerability and then move in the network using machine privileges. Before investing in new security tools, organizations should get their “3Ps” right: Patching, Privileges, and Passwords. Another grey area is poor detection and response capabilities, which needs a big improvement, explains Kaur.
However, she believes these attacks are still the same. However, with digitalization it has become easier to target Indian enterprises as the networks are expanding as opposed to the earlier closed networks. In such a scenario, security needs to evolve as business evolves, and so does the responsibility of the security team. Years ago the security team used to manage firewalls. Now they are looking after end point security, network security, security monitoring, analytics, forensic analysis and much more based on the network of the respective organization.
Kaur offers CXOs the following three critical steps to manage risk and security in the digital ecosystems. First, sit with the stake holders and ask them about the key risks to the business, categorize the risks into high, medium and low, and then tie it back to the organization’s cybersecurity key initiatives and finally, adapt and evolve the organization’s cybersecurity continuously.
- Do Indian Techies Stand Exposed To The Current Tech Evolution?
- Edge Computing Drives Internet Of Thing's Growth: Study
- Dell EMC Leads Server Market In Q4 2018, Says Gartner
- 5 Steps CISOs Can Implement to Enhance Customer Experience
- MoneyOnMobile Introduces Bharat Bill Payment
- Businesses Speed Up Adoption of Augmented Analytics Tools
- IT Should Focus On Business Results: IT Expert
- Travel Meets Technology To Redefine Customer Experience
- Top Enterprise Software Tech Trends So Far In 2018
- 10 Reasons That Make SMS A Powerful Marketing Tool