The quiet lurking threat of a cyber attack is ever present on the online world and it gets more magnified with more number of devices being connected to the web, not to forget the number of apps that are released in the market which get downloaded onto to a smartphone. Cyber attacks whether in the form of a virus, ransomware malware, botnets or pure stealing of data through online, have become very real for both ordinary consumers and enterprises. This has become a everyday battle between those who launch these malicious attacks and the ones ever ready to defend and prempt such acts.
Though today the scale of operations has just got bigger for the providers of these security solutions and the members of the dark web. There have been cases where the computer systems of a particular enterprise had been breached and they were not aware of it for a good 218 days. As Diana Kelley, executive security advisor (ESA) to IBM Security, with a wide ranging experience in the whole area of internet security said, “The biggest trend we are seeing is that criminals have started to organise.”
It is estimated that 80% of attacks globally are instigated by criminal organisation and they operate like businesses, provide technical support and congregate on areas of dark web to provide the expertise. The sophistication of these attackers has just increased manifold with deep technical expertise and they are willing to share the malicious information. According to Kelley the scale of the attacks are larger, deeper, “our defence have to be very smart and we need to collaborate.”
Given the changed scenario from the online threat perspective, enterprises today are looking to do a full risk assessment of the entire situation rather than any piece meal approach. Sandeep Sinha Roy, leader—security services, India & South Asia, IBM India, said there has been dramatic changes in the awareness level of Indian enterprises as far as these threats are concerned and are taking all kinds of proactive steps.
To deal with these threat, Kelley listed out three steps: protect, detect and respond. Though ideally she felt that it would be better for both the security solution provider and their customers collaborate together. At the same time there are high number of cases where breaches have occurred largely because of ignorance on the part of the employees in following the principles of maintaining the standards of security. “Part of being prepared is creating a very layered defensive strategy and implementing that,” Kelley said.
In India, according to Roy, the common trend has been that enterprises are still reactive and get into action mode only after getting breached.
According to him, emergency response services of IBM has got very high value in India and given that it has global teams dealing with security the response also happens to be fast.
The biggest threat to the online world is now coming from the proliferation of internet connected mobile handsets. A smartphone is not just a device today to make calls or receive text, it performs many other critical functions which contain sensitive information. Given that mobile phones are being used to conduct financial transactions, the threat gets magnified. Added to this, there is thin line of difference of using the phone for personal and official purposes.
To deal with this threat, Kelley said the key priority must be creating the policies and educating the employees. “Risk of mobile devices is pretty varied and we need a good hygiene. We should also have some kind of automatic device management,” she remarked. This becomes more important given the number of apps which are downloaded on the phone. Kelley felt that there is a need to enforce policies where enterprise give the approval on which apps it can be used.
This is not done with the idea that there should be a restriction of the use of the apps but largely because of certain inherent vulnerability in them. According to Kelley, studies have shown that 35% companies do not do testing of their mobile app and 48% of the them that have found the problem do not actually go and fix them. “The full story of developing a app is not just the responsibility of a developer but also the company will have to be responsible for the security,” she said.
The targets of the cyber attacks has largely been on the financial sector given the high value attached to their data. However, there has also been a shift towards healthcare sector where these criminals find it lucrative to get these records. Though it seems that these cyber attackers are one step ahead of the defenders, but Kelley said, “We rarely talk about the days went well about how much companies did not lose money or records. The focus is on so much what goes wrong that when something get stolen it becomes a headline. We better focus on all the good that happens everyday.”