Cybersecurity: How to make businesses more secure and resilient
November 2, 2020 1:15 AM
The recent increase in cyber-attacks have mandated businesses to take a serious look at their cybersecurity measures
According to an industry estimate, nearly one third of the cyber incidents are caused due to weak access control mechanism / IDS Intrusion detection services.
By Joyjeet Bose
The sudden switch to work from home has catalysed the digital enablement of business environments and workplace transformation. With employees logging in remotely to access corporate network via their home broadband network, they are inadvertently opening a multitude of new attack vectors. Here are a few cybersecurity strategies that businesses should adopt to make their operations more secure and resilient.
Zero-trust approach To bolster overall security, businesses need to implement tools aligned with SSO (single sign on), Identity protection, multi-factor authentication (MFA). With the zero-trust approach, the organisations establish trust for every access request, regardless of where the request is coming from. The method of access controls like DAC, MAC, RBAC & ABAC (Discretionary, Mandatory, Role & Access based access control) needs to be implemented at various levels.
Cyber awareness and hygiene Businesses are required to implement IDS (intrusion detection services) and educate their workforce digitally. They need to communicate regularly with their employees on cyber security protocols and develop training programmes on data security and privacy issues. The training programmes can include identifying phishing attempts, using a secure VPN and using end-to-end encrypted collaboration tools.
Regular software updates The rise in the cyber-attacks is also a constant reminder of the importance of pushing regular software updates with security patches in the system. According to an industry estimate, nearly one third of the cyber incidents are caused due to weak access control mechanism / IDS Intrusion detection services. With the new norm of remote working, businesses are utilising the concept of bring your own device (BYOD) or the corporate owned personally enabled (COPE) devices. These devices should run with tools like (AMP) advance malware protection to avoid active, passive attacks and on the updated software version with all the regular security patches. Additionally, enterprises should have a smart unified endpoint solution that provides enhanced visibility, security, and awareness to their IT department.
Security as a Service (SaaS) orchestration Businesses need to invest in a cost effective and comprehensive Security as a Service (SaaS) solutions. Having platform-based Cloud Content Security provider that include web, email, end-point security, next generation firewall and multi-factor authentication services will enable them to circumvent cyber threats. With the fast-moving workforce and the continuously changing environment, there is a need for enterprise-grade smart solutions that provide access to an all -inclusive smart perimeter security proposition that is robust, scalable and can be readily deployed. With service providers introducing new capabilities, enterprises need to stay abreast of the innovations and must have a definite cybersecurity plan to implement these market leading threat protection solutions.
The writer is senior vice-president – SME Operations,Tata Teleservices