User behaviour boosting the chance of cyber attacks in this unprecedented time

VARINDIA has recently hosted an event on cyber security. The session started with the topic of how channel partners are helping their customers in navigating through the evolving cyber security landscape.

Rajeev Mamidanna, Founder & MD, Synoptiq Infosolutions, pointed out, “I would probably allude to the fact that we always talk about people, process and technology but I just wanted to quickly throw light on the fact that, why is there so much of information loss, breaches that are happening. People are the weakest link. And whether it is a consumer or an employee working for a large corporation they are the weakest link in the cybersecurity chain. Attackers have realized this and we have observed in the last one and a half years of the pandemic that a number of phishing attacks have just gone through the roof. No organization has an index of human awareness or preparedness, to measure that. If you look at the source code, which developers have left, but the source code carries your passwords, and the focus is always on privileged users and none of them are focusing on users across the enterprise. This is where zero trust falls through the cracks.”

Vishal Bindra, CEO, ACPL Systems, commented, “I think there is one of the very important reasons that we need to figure it out. The data breaches are now becoming less of a technology problem and more of a process and people problem. I think all the technologies which gives you enough strength to really put a lot of controls into the system are available today. We see that most of the breaches which have happened, or people who have come to know those breaches have occurred are from those people who would have probably best of the security. The basic hygiene, which is the absolute key, is really missing from the customer side. A CISO or a CIO believes that there are people who will be changing the password and they would have kept strong passwords and other things. So I think it is extremely important. Second, if you really go through a lot of data breach reports, you'll notice a very strong figure which is more than 38% of businesses had suffered a data breach. People are not coming after your email but very important things like your data."

Whereas, Prashant Jain, Founder & CEO, JNR Management Resources said, “I strongly believe the problem, especially in our country, is that we implement security by compliance, and we do not implement security by design. That is one of the biggest challenges in terms of corporate life, in terms of enterprises, big or small, does not matter. It is all about how you implement the security and why you are implementing any kind of security. It is more of compliance there were more regulatory bodies, putting those compliances probably none of the enterprise would have really cared about implementing security by design. The second point I would like to make here is the user awareness. So we are talking about only one side that breach is happening at the enterprises, and those are the numbers which are published by IBM or other security reports. But there is a huge number, which is on the individual side also as consumers. Breaches are happening by the consumer, for their own.”

Moderating the event, Deepak Sahu, Chief Editor, VARINDIA said, “In most enterprises, one of the biggest challenges they face is that the current levels of cyber security is not enough to protect the endpoints and servers. It is a huge opportunity for all security partners to work on building products and services around endpoint and network security to keep threats like ransomware at bay. It is not just computer networks and computer information systems that are being attacked. Cyber attacks are also infamous for protecting computer infrastructure and people's personal computers."

On the increase of data breaches, Mathew Philip, Senior Director - Business Development & Alliances, LogMein said, “Cyber threats have gone up drastically post-pandemic all of a sudden. According to a Verizon data report, 80% of the breaches are caused by poor password practices, which are reused or weak passwords. It could be even password sharing, which is getting associated with the user behaviour.  In the IBM Security report, it states that 82% of the individuals surveyed admit they use reused passwords. Obviously, remote work and work from home are some of the main reasons why this trend of information stealing is happening. People are using their personal laptop for office work or using office devices for personal work, obviously a lot of shadow IT is getting adopted, which means a lot of software applications and software are coming in, which is beyond the company's approved software on your devices. A lot of things are basically user behavior.”