Key Cyber Security Initiatives for Indian Enterprises: Gartner
With the digitalization boom in India, more Indian enterprises are upgrading their security capabilities to make their enterprises more secure against the latest threats. Rajpreet Kaur, senior research analyst at Gartner, shared her insights about the latest cybersecurity attacks on Indian enterprises and steps to mitigate risks from the attacks.
Kaur believes that there has been a spike in targeted attacks including state sponsored attacks against Indian enterprises of all sizes not just the large ones. There is an increase in the following four attack vectors, including web application attacks, Distributed Denial of service (DDoS) attack, advanced malware attacks such as ransomware attacks such as WannaCry, Petya to name a few, as well as spear phishing attacks in the form of phishing emails.
“While enterprises are working towards deploying sophisticated technologies, they first need to get their basics right. The majority of cyber-attacks try to exploit an existing unpatched vulnerability and then move in the network using machine privileges. Before investing in new security tools, organizations should get their “3Ps” right: Patching, Privileges, and Passwords. Another grey area is poor detection and response capabilities, which needs a big improvement, explains Kaur.
However, she believes these attacks are still the same. However, with digitalization it has become easier to target Indian enterprises as the networks are expanding as opposed to the earlier closed networks. In such a scenario, security needs to evolve as business evolves, and so does the responsibility of the security team. Years ago the security team used to manage firewalls. Now they are looking after end point security, network security, security monitoring, analytics, forensic analysis and much more based on the network of the respective organization.
Kaur offers CXOs the following three critical steps to manage risk and security in the digital ecosystems. First, sit with the stake holders and ask them about the key risks to the business, categorize the risks into high, medium and low, and then tie it back to the organization’s cybersecurity key initiatives and finally, adapt and evolve the organization’s cybersecurity continuously.
- More Customer-Facing Firms Will Use Chatbots In 2-3 Years
- Using RPA For Greater Accuracy, Efficiency In Business
- AI Interest Among CIOs Is Huge, But Deployment Is Low
- How CIOs Can Unleash App Power In Digital Business
- CISOs Wary Of Threat Intelligence Accuracy, Quality: Study
- What Stops Companies From Adopting Big Data Analytics
- SMB Guide To Effectively Deploy Salesforce CRM
- Top 10 Customer Experience Trends in 2018
- HP Leads In The Declining Global PC Market: Research
- Are We Waiting For A Bigger Cyber Attack To Strike In 2018?