In an interaction with Dataquest, Sridhar Iyengar, Vice President, ManageEngine, throws some light on the increasing need for cyber threat response strategies in the modern-day enterprise landscape. Excerpts:
What response strategies are required in this era where businesses are highly prone to cyber-attacks?
In today's heterogeneous environment where all businesses are IT enabled, the information in these systems needs to be highly secure and accessed by authorized personnel only. As data breaches continue and cybersecurity incidents grow exponentially in frequency, size, and cost, even the mightiest of enterprises and governments across the globe are worried about security and cyber-attacks. Emerging trends like mobility, virtualization and cloud adoption have certainly complicated IT security.
Fighting sophisticated cyber-attacks demands a multi-pronged strategy incorporating a complex set of activities. The important measures adopted by the corporates include deploying security devices, enforcing security policies, controlling access to resources, monitoring events, analyzing logs, detecting vulnerabilities, managing patches, tracking changes, meeting compliance regulations, monitoring traffic and more. Especially, privileged access should be not just centrally controlled, but also closely and continuously monitored.
The situation becomes grave if a stolen password has also been used to access a variety of applications and websites. Nowadays, it is quite common for employees to use the same login credentials for multiple sites – social media, banking, brokerage and other business accounts. If the password gets exposed in any of the sites, in all probability, hackers would be able to easily gain access to all your other accounts too.
How do you see Indian companies responding to cyber threats? Are there significant gaps?
According to a Gartner report, security spending will continue to grow in 2016, when revenue is projected to reach $1.23 billion in India. Security services (which include consulting, implementation, and managed security services) are also expected to increase to 60 percent by 2019.
A slow transition is witnessed among Indian enterprises. The realization is dawning on organizations that while preventive IT security information is important, it is not sufficient. They also need to focus on continuous monitoring and response as a central component of their security strategy.
What is the cost/loss to companies in case of lack of adequate and timely response strategies? Is there an objective way to measure this?
For enterprises to meet today’s security needs, they have to shift their security approach from not just an IT issue to an overall business crisis. The new age security solutions are designed such that they go beyond simply hindering threats and proactively help businesses to achieve their objectives.
Deploying sophisticated security technology carries a cost in terms of both budget and time for implementation and training. In India, a lot of businesses may find such cost and budget allocation a barrier. However, they need to understand that the cost can be greater, as the existing legacy system with many failure points may ultimately leave the organizations strapped with great valuable data loss, and longstanding license agreements may be found to be of bigger disadvantage.
How can technology play a role in building a solid response strategy?
How technology can play a role in building a solid response strategy?
With rapid advances in technology, including advancements in mobile, cloud and social networking, the enterprise perimeter is rapidly eroding. The threat landscape is constantly evolving. Employees regularly use hundreds of applications; most of them are cloud based. So, information is not confined within the network perimeter any longer. It flows freely across boundaries, applications and devices. Technology decisions are being made outside the respective perimeter. Still, the organization’s IT department is responsible for information security, data privacy and integrity.
Regardless of the size or type, IT organizations must have a security strategy inherently designed. This involves a complex set of activities - defining information ownership, access control policies, encryption infrastructure, continuous monitoring of systems and usage, auditing of actions, proactive and reactive alerting, and forensics capabilities. Both internal and external threat sources should be treated with the same scale. Enterprises and technology providers should keep pace with emerging trends on all these aspects.