In today’s fast-paced world where our actions are powered by strong and ubiquitous technology inventions, we are constantly battling the fear of information leakage. Call it the perils of becoming a globalised economy, but the fact remains that cybersecurity is one of the major concerns for businesses today.
Cyberthreats are becoming rampant as we make our way into this connected world amped with the cloud and mobile-based platforms, new-age applications and accessibility features. Each and every digital transaction is tricky as it is exposed to the threats of various kinds often involving classified information, financial business data and sensitive stakeholder information.
According to the Global Risk Report 2019 by the World Economic Forum, India faced a high number of data breaches in 2018 due to poor cybersecurity protocols. As internet of things (IoT) becomes more pervasive, a greater number of things will get connected, and as a result security-related responsibilities will become more complex and vital. In order to survive in this increasingly challenging environment, it is important for businesses to become cyberresilient.
This quest for robust cybersecurity strategies is compelling new-age businesses to commit necessary budgets and resources to mitigate the risks pertaining to cyberthreats.
Role of next-gen technologies
Enterprises today are leveraging digital technologies to scale up their businesses. For cybercriminals, increased digitalisation can also be seen as a window of opportunity. They are targeting digital ecosystems such as cloud infrastructure, software-as-a-service (SaaS) and IoT, and are using highly sophisticated techniques to launch malicious attacks.
5G networks will unlock tremendous potential for exploring vertical industries, including connected health, smart cities, connected vehicles and industrial IoT, all of which will demand new and varying levels of security.
The traditional cybersecurity measures offer limited help to control such attacks. They use standard rules to detect threats and respond to them. However, this approach of managing incidents
based on previous known attacks often fails to spot new-age threats. Relying solely on conventional security technology or human expertise to handle these threats is not sufficient and this is where next-gen technologies such as artificial intelligence (AI) and machine learning come into play.
With AI, computers can carefully analyse the big data that systems produce. AI algorithms first make a baseline of normal patterns and then deep-dive into abnormal events to detect attacks/breaches. The compiled data is further used for predictive analytics.
While AI, machine learning and deep learning have been largely employed by security device original equipment manufacturers (OEMs), adversaries are simultaneously brewing AI-based tactics and techniques to launch attacks. As most of the AI, machine learning engine brains reside on the cloud, it is imperative to protect the analytics residing on the cloud from adversaries.
Researchers are working on the concept of deep learning, a technique that combines the logical capabilities of the human brain with AI to help think and reason better. Going forward, AI will be a game changer in combating and outwitting cyber adversaries.
How can enterprises be prepared?
- Education and awareness: Extensive research in cybersecurity has revealed that the best way to tackle cyberattacks is by creating ample awareness around the issue and by implementing a holistic strategy on information security.
- Strengthening cybersecurity standards: It is crucial to strengthen cybersecurity standards “at all levels” from those who collect data to those who transmit it, process it, store it, and use it.
- Push from senior management: The boards and senior leadership of any organisation must take the lead in the battle against cyberthreats.
- Other measures: Investing in workforce training, regulatory compliance/audits, and best-in-class security products and services to help all in the business chain to identify and mitigate threats.
Some other effective measures that can help mitigate the risks of cyberattacks include:
- Training employees in privacy policies and best practices
- Limiting personal data collection, retention and access
- Conducting compliance audits of third parties that handle personal data
- Ensuring that all third parties comply with the company’s privacy policies
As the saying goes, “prevention is better than cure”. In this digital age, businesses need to invest in an intelligent cybersecurity framework to become resilient. Rather than putting corrective methods in place after a security breach has happened, they need to adopt a comprehensive framework from the very beginning. If we truly wish to savour the fruit of digitalisation, we must take collaborative steps to safeguard our ecosystem.
By Rajiv Singh, Global Head, Cybersecurity, Tech Mahindra