8 MINS READ
Rising cyber risks
How secure is your IT landscape?
The rapid migration from on-premise to cloud environments is shifting the security focus from perimeter-based to borderless workspaces. Enterprises must secure their infra, apps, and data in the era of hybrid work to enable business continuity. The global pandemic has only precipitated the need further.
The downside? Expanding digital surface has potentially opened gates for hackers from the dark web to gain dominance in the cyber world. Such instances include DDoS attacks on Moscow Stock Exchange and Sberbank and an instant messenger app Mimi, which was trojanized to deliver backdoors to steal data from major operating systems.
Implement a strong preventative control regime that can periodically and proactively monitor end-to-end operations as recommended by major cyber security frameworks such as National Institute of Standards and Technology (NIST) and Sysadmin, Audit, Network, and Security (SANS).
Paving the way forward with periodic, proactive, and predictive cybersecurity
Fast evolving threat landscape is driving enterprises to double down on efforts to prevent cyber attacks and improve cyber resilience. Companies must be prepared to minimize data loss, ensure steady business operations, and sustain customers’ trust in the event of a breach. So, what can they do? Implement a strong preventative control regime that can periodically and proactively monitor end-to-end operations as recommended by major cyber security frameworks such as National Institute of Standards and Technology (NIST) and Sysadmin, Audit, Network, and Security (SANS).
Beef up defences
Seven tenets you can’t afford to ignore in the cyber resilience roadmap
To keep a check on your organization’s cyber defence effectiveness and efficiency from time to time, we recommend that you focus on these seven key areas:
Asset inventory: Maintain a sanitized inventory of assets, along with mapping of assets to the right business owners and teams. Tag assets based on risks with periodic audits.
Regular security checks: Conduct security health check on assets, especially on your crown jewels. You could start with by performing a simple periodic internal vulnerability assessment and progressing toward penetration testing and then upscaling to niche activities like threat hunting and red teaming by external teams.
Principle of least privilege: Be mindful to provide privileges only for the duration needed to complete tasks and audit the policies and procedures which govern this principle. It is ideal to implement the ‘Deny by Default’ policy and make sure to have a multi-layered authorization system rather than having just a single sign-on (SSO)-based authentication for even privileged internal users.
Contextualized deployment: The philosophy of ‘procure and deploy’ top-notch security products or solutions will not suffice. Companies need to make intellectual investment to study their existing IT landscape, the gaps associated with it, and take informed decisions to pick the right solution to address their security need.
Technology and process audits: Conduct these audits with the help of experts from external firms who might most likely find more gaps, and not just by members from internal teams who may conduct biased assessments.
Transparency of audit findings: Share the observations, exceptions, and results of the audit transparently with the board and CXOs, enabling them to take appropriate technology and process decisions. Enterprises should also minimize shortcuts and workarounds, especially for cybersecurity-related issues.
Prep with a mock cybersecurity breach: Mimic a security breach within projects and periodically test the effectiveness of implemented cybersecurity controls.
Invest in building your cybersecurity muscle.
A successful cyber resilience journey begins by putting the right team in place to define, deploy and monitor the implementation of the cyber defence plan and its efficacy. While even the best of cyber defence walls are prone to breaches, always focus on strengthening it from time to time by creating a strong, layered defence mechanism, which is not just built and backed up by technology elements but complemented by an equally strong and overarching governance mechanism. Aim to deter, delay, and downgrade a cyber attack to minimize damages and maintain business continuity.