With the digitalization boom in India, more Indian enterprises are upgrading their security capabilities to make their enterprises more secure against the latest threats. Rajpreet Kaur, senior research analyst at Gartner, shared her insights about the latest cybersecurity attacks on Indian enterprises and steps to mitigate risks from the attacks.
1. What are the major cyberattack trends you see targeting Indian enterprises?
Rajpreet: We see a hike in targeted attacks, including state-sponsored attacks, against Indian enterprises of all sizes, not just the large ones. There is an increase in the following attack vectors:
- Web application attacks: The number of attacks targeted towards web applications is increasing.
- DDoS attacks: Distributed denial-of-service (DDoS) attacks, such as volumetric attacks, are increasing.
- Advanced malware attacks such as ransomware: We all have seen ransomware attacks such as WannaCry and Petya. It is quite evident that the number of such attacks is increasing.
- Spear phishing attacks: There is an increase in the number of phishing emails leading to spear phishing attacks.
2. What should be the focus for Indian enterprises?
Rajpreet: While enterprises are working towards deploying sophisticated technologies, they first need to get their basics right. The majority of cyber-attacks try to exploit an existing unpatched vulnerability and then move in the network using machine privileges. Before investing in new security tools, organizations should get their “3Ps” right: Patching, Privileges, and Passwords. Another grey area is poor detection and response capabilities, which need a big improvement.
3. Are digital ecosystems driving new cybersecurity trends in India?
Rajpreet: The attacks are still the same. However, with digitalization it has become easier to target Indian enterprises as the networks are expanding as opposed to the earlier closed networks.
4. How have security teams evolved with the changing threat landscape?
Rajpreet: Security needs to evolve as business evolves, and so does the responsibility of the security team. Years ago, the security team used to manage firewalls. Now they are looking after endpoint security, network security, security monitoring, analytics, forensic analysis and much more, based on the network of the respective organization.
5. What are the practical steps to manage risk and security in the digital ecosystems?
- Sit with the stakeholders and ask them about the key risks to the business.
- Categorize the risks into high, medium and low, and then tie them back to the organization’s cybersecurity key initiatives.
- Adapt and evolve the organization’s cybersecurity continuously.