Resilience becomes a top priority for cyber-practitioners today to combat threats

Navin Mehra, Regional Leader- Cyber Security - Cisco India & SAARC 

“We have been seeing a coordinated cyber-attack on our FSI segment and are observant of the fact of how the number of attacks in the last six months have grown exponentially. India becomes the number two target for our adversaries. So what we heard in Indonesia sometime back is also a resonance of what's happening from an Indian economic perspective; a rising economy with rising GDP could result in these types of attacks in general from the infrastructure perspective. Again, we recently saw what happened in terms of the BSNL data breach and this can result in a lot of this data getting exploited. These are some very recent threats on our infrastructure and under such circumstances, resilience becomes a top priority for most of the cyber practitioners to achieve. There has been a survey from Cisco in 2023-24, which talks about what's the state or the mindset of organizations when it comes to adopting cybersecurity solutions in general. Today we live in a connected, complex and complicated world. When we say connected, we have users and we have got them connected from various modes and methods through various devices in general. A hybrid workforce is definitely an important part of a business today. Today the Network is borderless, and as we call it the network starts from where the user is. 

Our applications are no longer in a private data center but they are sitting on a hybrid or a public platform, which was probably not the thought maybe five or six years back. The users and devices in a hybrid world are increasing exponentially. So this is a very complex scenario where a user is connected to an application which can be anywhere on the cloud, in any type of platform or data center across. But the access or connectivity persist through various untrusted, trusted networks across. Some of them are encrypted in nature, while some of them are unencrypted. So the complexity around this axis is very high and it is on the rise. When you want to protect everything, everywhere, every time you prospectively do not know who you are protecting or from whom you are protecting. We already know the users today are accessing their private devices from any network, but are we really looking at contextual access to their data. If a user changes his access from a trusted WiFi network into an office while on the fly into an untrusted network or a Wi Fi, are we putting the right guardrails in terms of giving an access to the application?