Safeguard your data now before it’s too late, says Mr. Wilfred Sigler, CRIF India

The ever-evolving digital industry has helped improve customer experience in the online world, but with this enhancement, there has also been an underlying threat like cyber fraud that over the years has caused misfortune to many. To spread awareness among the people on Computer Security Day, CXOToday has engaged in an interview with Mr. Wilfred Sigler, Senior Director – Market Development & Digital Solutions, CRIF India on how an individual or businesses can protect themselves from such cyber-attacks.

1. Why is it important to protect personal data on the internet?

Using the internet now, you can access almost anything via your cell phone, including entertainment, credit and financial services, and products from all over the world. Each time we use social media, subscribe to a mailing list or download a free app, we agree to the terms of service of the provider. These service providers define the terms and conditions under which a company can collect and use the personal information of its customers. Our everyday activities online are almost recorded outside of our knowledge. This personal data is generally gathered and analysed to deliver personalized advertisements, registered, and assessed for research, or sold to data brokerages.

Today, personal data is at the highest risk of being exposed and misused in the world of the web. There are many stories about data breaches or cyber-attacks that hit the headlines regularly, whether it involves individuals or large companies. For individuals, it is tough to not leave traces of personal information on the internet, as we are so digitally immersed, thereby lessening the control over our data on the web. Even for businesses, the growing risk of cyber-crime hinders day-to-day operations, and a cyber-attack can cause reputational and monetary damage as well as regulatory and compliance issues. We live in a digital world where hackers are constantly on the lookout to steal your identity. It is now vital, however, for everyone who uses the internet to practice responsible digital hygiene. Although sharing some personal information is part of the internet experience, you can safeguard it by sharing it only with trusted organizations. It is essential to find out how your personal information will be used and protected before giving it out. If not protected enough, your personal information could get into the wrong hands. Hence, the protection of your information on the web is undeniably a necessity and not a choice anymore in this digital era.

2. According to you, what measures can companies take in these times of cyber-attacks to safeguard their information online?

• Report suspicious email sources: Employees are your firm’s first line of defense. Companies can safeguard themselves by advising employees to be wary of emails from unknown sources and immediately report any unfamiliar emails.
• Ensure an appropriate phishing strategy: Plan your reaction to a phishing attempt by incorporating lessons learned from prior situations to plug gaps in your response strategy. Monitor communication with stakeholders, including consumers.
• Recruit cyber specialists: Hiring specialists in data privacy, protection, and policies can safeguard companies from data leaks. Such measures will assist businesses to build methods to improve and evaluate how safe their cyber environment is.
• Compliance training: The compliance and training department should conduct an internal compliance course to educate employees about the risks of accessing work information over unprotected networks. It is crucial that every employee takes up such modules to ensure zero defaults when it comes to protecting critical information of the organization.
• Robust security and monitoring policy: Owing to the risky nature of cybercrime, cyber risk management must be an area of utmost priority for businesses today. Organisations should lay down a robust security layer and monitoring policy to ensure that all employees adhere to the standards of data security.
• Keep your networks and databases secure: Ensure your networks are protected by installing firewalls and encrypting information. In this way, the risk of cyber criminals gaining access to confidential information can be minimized.
• Review Cyber Risk reports regularly, such as the CRIF Cyber Risk Report: It is important for companies to sign up with a cyber risk assessor to foresee the risk and safeguard from any perils. CRIF India is a provider of Cyber Risk reports that offers regular notifications to conveniently assess cyber risks, highlight vulnerabilities, and safeguard the company. This further enables them to take full control over their business activities and take informed decisions.

3. On this Computer Security Day, what tips will you give customers to protect their data online?

On this Computer Security Day, we want to remind consumers to stay safe online with these simple tips.

• Safeguarding your accounts: If you have several online accounts, use strong, unique, and complicated passwords for each one. It is advisable to not use your social media credentials for other purposes like online gaming, shopping, etc. as your personal information is at risk of being exposed to hackers.
• Use two-step authentication: Additionally, it is highly recommended that everyone uses two-step authentication for their online accounts. A two-step authentication process requires you to enter both your password and a number that can only be accessed by you. Nowadays, most banks and major social networks provide this option.
• Installation of anti-virus: While surfing on the web, individuals should be careful about the bugs and viruses across the internet. Strong anti-virus software not only protects your data and information from the active viruses in your system but also alerts you ahead of time about the potential bugs that might harm your data.
• Encrypt your web browsing: Installing browser extensions that block intrusive adverts and prevent malware from running in your browser can help to lessen the chances of a data breach. Furthermore, surfing secure websites (URLs that begin with HTTPS) makes it more difficult for attackers to digitally eavesdrop on your activities.
• Upgrade your software: Use the most recent versions of the operating system and software on all your devices to keep hackers at bay by taking advantage of the latest features and security improvements.
• Use secured networks only: Individuals should only use trusted networks and refrain from using unsecured internet connections. To ensure security, sensitive transactions such as online banking should only be accessed on home networks and purchases should only be made from secure sites. Restricting network and data collection access are critical for preventing data breaches since it lowers the impact of breaches when/if they occur.
• Do not save your payment information on the Internet: To make future purchases more convenient, do not save your credit card or debit card details online. This is because having your financial information online makes it easy for hackers to steal it.
• Avoid sharing sensitive information online: If you receive an email, text message, or pop-up that asks for personal information, do not reply. Refrain from sharing sensitive information such as bank accounts or credit card numbers over the phone or via email as these modes could easily be hacked to be used for fraudulent activities.
• Keep your mobile device safe: As most of our activities are performed on mobile devices, make sure to download any kind of content and install apps only from authorised and trusted sources, and always keep your device updated.
• Reviewing personal data permissions: Find out what personal information is collected and what privacy controls are offered before registering for an online service or downloading an app. As permission requests give the app access to sensitive information on a device, and they should only be accepted when it is necessary for the functioning of your application.
• Use specialized data monitoring services: Make use of smart tools available in the market to monitor your personal data online as it makes us aware of the exposure of our data and helps to secure data online.

4. Could you elaborate more on different cyber risk management, digital, and fraud prevention solutions and their benefits for businesses?

Cyber risks are at an all-time high and must be carefully handled, as having a digital presence exposes any company to multiple cybersecurity dangers. Our way of doing business is changing, bringing with it new types of threats, not just to businesses but also to customer data. The only way for organisations to prevent security breaches and online threats is to incorporate robust cybersecurity measures. Assessing all potential threats is the first step in formulating a cybersecurity strategy. A cyber security risk assessment identifies a company’s critical IT assets and determines all possible cyber risks that may impact them. Through a comprehensive risk assessment, an organisation can identify all potential security threats across its IT ecosystem, including compliance concerns and data privacy concerns. As cyberattacks and security breaches can lead to various issues across the organisational structure, a cyber check report protects an organisation against financial losses, damage to the brand’s reputation, regulatory and compliance shortcomings, supply chain disruptions, and damage to business relationships. Cyber security reports identify factors that expose an organization to cyberattacks and provide guidance to decision-makers and security teams on the most effective way to close these security gaps.

A cyber check report can insulate your organisation against various online threats and provide a detailed analysis of vulnerabilities and risks based on an exhaustive cyber security risk assessment which includes –

• Domain risk analysis to ascertain the vulnerabilities of all domains connected to your network
• Service risk analysis to identify and assess all the software running on your domains
• Comparative risk profiles to demonstrate your organisation’s cyber risk exposure against that of similar businesses
• Phishing risk assessments to ensure that no risky content is being hosted on your websites
• Malware risk assessments to identify if your organisation’s domains are being misused or impersonated to host phishing scams or malware
• Site and certificate risk assessments to ensure that your website’s security certificates are up to date

The CRIF Cyber Risk Assessment Report, enables business managers, owners, and professionals to simply assess the cyber risk associated with their digital presence. The report assists in analysing existing weaknesses that may expose companies to such cyber-attacks. It also enables enterprises to examine their partners, vendors, suppliers, or distributors for digital vulnerabilities that could interrupt business activity with such partners. It gives quick confirmation of high, medium, and low severity vulnerabilities, allowing businesses to take targeted actions to stay ahead of future cyber threats. As a result, their business continuity and brand reputation are protected.

5. How does Sicurnet ensure the security of data and personal information shared by the customer for monitoring purposes?

SICURNET is a CRIF-developed solution specially designed for protecting personal data online. It automatically monitors the personal information submitted by the user such as credit cards, savings accounts, e-mail addresses, telephone numbers, or usernames, etc. It alerts customers by notifying them via a text message or an e-mail when their monitored data is exposed or detected in high-risk web environments. In addition to the alert, the customer will also receive tips on how to safeguard against possible fraud. Every month, they receive a summary of the checks conducted. This helps in protecting and monitoring the customer’s sensitive information and avoids the risk of falling prey to cybercriminals. At CRIF, with SICURNET we take all precautions and allow customers, to securely share personal information for monitoring for data breaches. CRIF is an ISO 27001-certified organisation and takes all physical & digital safeguards to protect your privacy and personal information. CRIF constantly updates its technology based on vulnerability assessments and penetration testing of application, network, and servers.