By Jyoti Prakash, Regional Sales Director, India and SAARC Countries, Splunk
Ever since businesses went remote, cyber-attacks have been on the rise. Our transition to a hybrid working world triggered a widespread adoption of cloud infrastructures by organisations, resulting in increased system and application vulnerabilities. India reported over 6.07 lakh cyber security incidents during the first half of 2021, and a rise of over 54% from 2019 to 2021. What is equally worrying is how fast these security incidents are taking place.
In fact, Splunk’s latest SURGe ransomware report revealed that a median ransomware variant can encrypt nearly 100,000 files totaling 53.93GB in forty-two minutes and fifty-two seconds. This speed in encryption means that organisations can be left with no access to critical IP, employee information and customer data within an hour.
Organisations are trying to combat looming threats while innovating and keeping pace with the digital age. They need to deliver services efficiently, meet critical customer demands, and catch up with market expectations. Prioritising cybersecurity has helped companies manage supply chains and business operations while safeguarding shared data integrity. A robust security management infrastructure acts as a nerve center to provide real-time data analysis, recommended actions and instant reporting on security status.
Remote working has taught businesses to be flexible and agile in their business processes and operations, and cloud computing tools have made that possible seamlessly. Establishing a foundation of trust with a cybersecurity everywhere mindset has helped create perpetual resilience against any such pitfalls and threats. To manage security risk more effectively and address uncertainties as they come, leaders must consider security strategy as a business priority. Here are three areas leaders need to invest in to help fortify their security posture.
Zero Trust to safeguard your data
Moving sensitive data out of the perceived safety of on-premises systems opens new avenues for cyber threats and expands the attack surface. When an attack happens, companies have to count on the speed of their defence.
This is where adopting a zero-trust security strategy comes into play. It is centered on the belief that organisations should not automatically trust anything inside or outside their digital boundaries and must verify anything and everything trying to connect to their systems before granting access. Zero-trust emphasizes building defensive layers to protect assets and data from the potential impact of any hack or breach. Adopting the model helps to ensure a level of trust at each access point, removes the anxiety around securing a remote office and reduces the threat of data loss due to unforeseen internal negligence or external threat incidents.
Automation is required to deal with cybersecurity fatigue
Cyber fatigue is real: it is becoming common for security teams to manage hundreds of alerts from various systems daily, which can be overwhelming and can cause errors at work. Companies simply cannot afford to rely on human analysts to respond to every attack. Often, security threats can be mitigated with better visibility, automation, and greater simplicity in management and response. The solution is a consolidated and automated cyber management service backed by a security orchestration, automation and response (SOAR) model that can help accelerate threat detection and reduce mean time to respond to threats.
Automation allows businesses to streamline business processes, reduce security risk at speed, free up SOC resources from repetitive tasks, centralize investigations and achieve operational efficiency. Businesses across various industries that have successfully implemented SIEM solutions and SOAR technologies were able to achieve improved performance, accuracy in threat detection, and reduction in incident management resources to name a few.
Security skilling is an urgent need
A growing organisation facing increasing threats needs not only to scale its security team, but also to keep it skilled and up-to-date with the latest developments in cybersecurity. While companies can enhance the effectiveness of their security analysts through automation and analytics, they can also simultaneously invest in training and upskilling their workforce. Beyond just the cybersecurity professionals, cybersecurity training should be extended to a larger pool of personnel, covering the pitfalls of digital threats in the IT environment and the concept of zero-trust, to beef up an organisation’s overall cyber immunity.
The increase in the severity and velocity of cyberattacks in recent times may just signal an essential turning point in cybersecurity. There has been a major push by the Government, through its National Cyber Security Policy (NCSP), to protect organisations from cyber-attacks as the cybersecurity landscape of the future will only get more volatile. If cyberthreats like ransomware move faster than organisations are equipped to respond, organisations would do well to think strategically about deploying robust security systems that treat overcoming security risk as a business priority rather than taking a reactive approach.
Security is a responsibility across stakeholders, not just CISOs and their IT departments, and companies that understand the urgency in investing resources towards their data and security needs and make this a business priority will inevitably prove to be more resilient and agile.