Key Cyber Security Initiatives for Indian Enterprises: Gartner
With the digitalization boom in India, more Indian enterprises are upgrading their security capabilities to make their enterprises more secure against the latest threats. Rajpreet Kaur, senior research analyst at Gartner, shared her insights about the latest cybersecurity attacks on Indian enterprises and steps to mitigate risks from the attacks.
Kaur believes that there has been a spike in targeted attacks including state sponsored attacks against Indian enterprises of all sizes not just the large ones. There is an increase in the following four attack vectors, including web application attacks, Distributed Denial of service (DDoS) attack, advanced malware attacks such as ransomware attacks such as WannaCry, Petya to name a few, as well as spear phishing attacks in the form of phishing emails.
“While enterprises are working towards deploying sophisticated technologies, they first need to get their basics right. The majority of cyber-attacks try to exploit an existing unpatched vulnerability and then move in the network using machine privileges. Before investing in new security tools, organizations should get their “3Ps” right: Patching, Privileges, and Passwords. Another grey area is poor detection and response capabilities, which needs a big improvement, explains Kaur.
However, she believes these attacks are still the same. However, with digitalization it has become easier to target Indian enterprises as the networks are expanding as opposed to the earlier closed networks. In such a scenario, security needs to evolve as business evolves, and so does the responsibility of the security team. Years ago the security team used to manage firewalls. Now they are looking after end point security, network security, security monitoring, analytics, forensic analysis and much more based on the network of the respective organization.
Kaur offers CXOs the following three critical steps to manage risk and security in the digital ecosystems. First, sit with the stake holders and ask them about the key risks to the business, categorize the risks into high, medium and low, and then tie it back to the organization’s cybersecurity key initiatives and finally, adapt and evolve the organization’s cybersecurity continuously.
- Cyber Security Predictions For 2018
- How CIOs Can Ensure A Seat At The Strategy Table
- Customer-Facing Web, Mobile Apps Pose Highest Security Risk: Study
- Ness Appoints Vinay Rajadhyaksha To Drive Digital Business
- Nokia Expands Bengaluru R&D Center To Focus On 5G
- CISOs, Beware Of Crime-as-a-Service, IoT Threats In 2018
- Yes Bank Automates Field Sales Processes Using Kaizala
- How Robotics Is Changing The Shared Service Landscape
- The Enterprise Gains From Micro Frontend
- Banks Investing Heavily On IT With Rising Digital Payments: Gartner