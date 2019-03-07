Cybercriminals have the advantage of operating in a decentralised market, which helps them to adapt and innovate faster than cyber defenders

By Anil Bhasin

Cyberthreats have quickly risen up the ranks to become the main business threat that enterprises face today. In response, businesses across the board are taking cybersecurity more seriously. The Palo Alto Networks: The State of Cybersecurity in Asia-Pacific survey revealed that cybersecurity budgets have increased by 92% for Indian organisations in FY’17. This is primarily driven by the growing volume of cyberthreats, its increasing sophistication and the enhancement of existing security frameworks to automated technologies.

However, cybercrime itself is staying ahead of the game with sophisticated evolutions ranging from malware to cryptomining, leaving businesses increasingly vulnerable. Cybercriminals have the advantage of operating in a decentralised market, which helps them to adapt and innovate faster than cyber defenders, whose effectiveness is shaped by bureaucratic and top-down decision making.

Read | Sensex rises 194 points, Nifty closes above 11,000 first time since February 7; RIL, ICICI Bank, HDFC up

Cyber preparedness, however, is not only about reliance on the internal cybersecurity team or the technology it has at its disposal. The Palo Alto Networks survey also listed employees’ lack of cybersecurity awareness (47% of respondents) as the main cybersecurity challenge that organisations face. Without effective employee education, planning and operational understanding in place, businesses in India will continue being extremely vulnerable.

As companies no longer operate in isolation and are accountable to their stakeholders, cybersecurity calls for necessary guiding principles in determining how stakeholders are informed about a breach, and how they will be provided with further relevant information as more data is analysed to paint the full picture.

Also read | What is GSP status; how US withdrawal of zero duty import benefit hurts India

Furthermore, cyber crises are also uniquely challenging—many cybersecurity breaches are discovered by third parties and leaked to the media, with company executives waking up to the news instead of being updated in real time. How companies discover and report breaches takes on tremendous significance as governments across the globe are moving towards a more stringent data and privacy protection regime, as we saw with the European Union’s General Data Protection Regulation (GDPR) that came into force in 2018.

Here are some tips to make your crisis planning more robust and effective:

Stay current and relevant by updating the plan regularly: Include input from all key stakeholders and schedule time on the team’s calendars to revisit the plan regularly—on a quarterly basis, if possible.

Test the crisis plan: Train all employees, including the board, with mock drills. Inject different scenarios into the basic plan and imagine all the different ways in which a breach could impact the business.

Understand your business: Explore all the machinations of the way your business operates day-to-day. Plan for day-to-day operations with a business continuity plan that is also tested and rehearsed. Understand what critical systems your business relies on, how they are interconnected, and what their dependencies are. If your response team is busy turning off exposed systems, your business may no longer be in operation.

Be absolutely sure of your continuity plan: If your continuity plan is virtually covered in dust, it may also be filled with dated information about old systems and the contact details of response personnel who no longer occupy that position.

While cybersecurity itself is evolving towards prevention, rather than response, enterprises and governments also realise that every single entity is vulnerable to a cyber breach and are preparing their response strategies. Such preparation takes time, but is worth investing in to build the foundation of how organisations respond to a cyber breach. As cyberattacks continue to grow in volume and complexity, it is essential to have a robust and tested crisis plan.

(The writer is regional vice president, India & Saarc, Palo Alto Networks)