“Today, there are a considerable number of targeted attacks, some of which are even state sponsored. The government has been the biggest victim of such attacks,” he added. In situations like this, traditional firewalls aren’t enough.
Another major route for launching a targeted attack is through social networking sites. Today, almost everyone is on one or the other social network and tracking a person’s interests is easier than it used to be. In such a scenario, a person is a soft target and malware can easily be targeted towards him by matching his interests.
There have been numerous discussions around Cloud computing and its architecture. However, there is no particular security strategy that is followed when using the Cloud. This means that the strategy for security should be aligned to the platform that’s being used by a company.
“In the government, there are a lot of physical servers and there has to be security, not just for the data on these servers but also for virtualized data. Therefore, we recommend having several layers of security,” said Sarkar.
A zero trust security model is required. “The question that we should keep asking ourselves is if our security infrastructure is enough? Are we 100% safe?,” he asked.
Further, companies should always adopt best practices and keep checking their security modules. They need to have a network monitoring module as it enhances security.
“There is no magic bullet to ensure complete security but you need to have a defensive security strategy. Incident response, is a key requirement. How quickly you can respond to an attack adds to the competency,” Sarkar concluded.