HOME
VAR Panchayat

Balancing Cloud with Data Protection

by VARINDIA 2017-04-21
Balancing Cloud with Data Protection
Encryption and tokenization are becoming accepted best practices to support compliance
 
India’s National Cyber Security Policy was adopted in 2013 and includes both high-level principles and targeted objectives and proposals. However, the plan has not been fully implemented and the legal framework supporting cybersecurity remains weak. India has been no exception to the devastating cybersecurity breaches that hit multiple industries across the world in 2016. These attacks have proved, time and again, that no one is immune to sophisticated cyberattacks.
 
In this sophisticated threat environment, where traditional security tactics are failing, it is high time we revisit our security posture to build a strong cyber-resilient framework. As businesses lean on technology for business advantage, newer threat vectors are emerging.
 
Substantial growth in the online and digital data, smart city initiatives by the Indian Government have pushed the Internet of Things (IoT) market and indirectly the cybersecurity space in India by leaps and bounds. Cyber-attacks have increased year over year making Indian business and government sites more vulnerable. It is now important for Indian enterprises to look at methods to prevent attacks and not just detect attacks. For protection against today’s attacks, the emphasis should be on speed and prevention. Organizations need to take a more proactive approach to cybersecurity.
 
As businesses and government managed citizen services go increasingly digital, cyber threats are only going to become even more difficult to track, predict and manage. Tackling or preparing for cybercrime is perhaps going to become the most important task for any enterprise. Without a proactive, people-centred cybersecurity strategy in place, businesses run the risk of alienating customers even before they engage with the brand.
 
Components of Cyber Security Framework
 
• Right Security Architecture
 
The right architecture creates a framework for a stable security platform. By implementing the correct architecture, you eliminate single points of failure providing the necessary strength and resiliency to maintain operations and security under any circumstances. Improper architecture is the most common cause for catastrophic failure that leads to unavailability and security issues.
 
• Human Element
 
You are only as strong as your weakest link. If people are improperly trained or (worse) disgruntled, they can misconfigure technology, which can cause catastrophic and unrecoverable disaster. Companies need to educate employees about security – teaching them about the dangers of phishing, unencrypted data and lax reactions, etc.
 
• Choosing Right Security Technology
 
Security products should prevent the enemy from getting inside the network. Detecting and blocking the threat only after it has penetrated the network does not really make any sense, especially when you can prevent it.
 
A robust security framework that seeks to prevent and not just detect security threats is an absolute must. In addition, the framework should evolve with the growing business needs. Periodic optimization of security infrastructure will also help enterprises detect and prevent more threats and lower the total cost of ownership on previous security investments.
 
Peak into the future
 
As we look into 2017, we expect to see mobility, Industrial IoT, critical infrastructure and the cloud being the key areas of focus for hackers, besides the traditional threat vectors that exist today.
 
As attacks on mobile devices continue
to grow in the world of mobility, we can expect to see enterprise breaches that originate on mobile devices becoming a more significant corporate security concern. The recent nation-state sponsored attacks on journalists’ mobile phones mean that these attack methods are now in the wild and we should expect to see organized crime actors use them.
 
Critical infrastructure is highly vulnerable to cyber-attack. Nearly all critical infrastructures, including nuclear power plants and telecommunications towers, were designed and built before the threat of cyber-attacks. In early 2016, the first blackout caused intentionally by a cyber-attack was reported. Security planners in critical infrastructure need to plan for the possibility that their networks and systems will see attack methods consistent with multiple potential threat actors, including nationstates, terrorism and organized crime.
 
There will also be a rise in ransomware attacks impacting cloud-based data centers. As more organizations embrace the cloud, both public and private, these types of attacks will start finding their way into this new infrastructure, through either encrypted files spreading cloud to cloud or by hackers using the cloud as a volume multiplier.
 
No sector is immune to vulnerabilities today. Threat researchers say the number, sophistication and virulence of cyber threats continue to grow day by day. Our core focus needs to shift to threat prevention space across endpoint, network and mobile, besides detection solutions.
 
Cybersecurity is no longer an option, it is an absolute necessity.

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
T-Mobile confirms breach by Chinese hackers in ongoing cyber espionage campaign

T-Mobile confirms breach by Chinese hackers in ongoing cyber espionage campaign

Helldown ransomware expands its reach, targeting Linux systems and virtualized environments

Helldown ransomware expands its reach, targeting Linux systems and virtualized environments

Sattrix and Cloud IOT sign JV to drive cybersecurity and digital transformation business in Southeast Asia

Sattrix and Cloud IOT sign JV to drive cybersecurity and digital transformation business in Southeast Asia

SOFTWARE
View All
PhonePe & Bharat Connect to announce easy contributions for NPS

PhonePe & Bharat Connect to announce easy contributions for NPS

Elastic collaborates with LG CNS to enable innovation in knowledge management

Elastic collaborates with LG CNS to enable innovation in knowledge management

Veeam announces update to Veeam Backup for Salesforce on Salesforce AppExchange

Veeam announces update to Veeam Backup for Salesforce on Salesforce AppExchange

START - UP
View All
ideaForge Soars Past 550,000 Flights, Reinforcing Indian Drone Leadership

ideaForge Soars Past 550,000 Flights, Reinforcing Indian Drone Leadership

HCLTech and Inspeq AI Join Forces to Promote Responsible AI

HCLTech and Inspeq AI Join Forces to Promote Responsible AI

Whatfix and Deloitte India Partner to Drive Digital Adoption

Whatfix and Deloitte India Partner to Drive Digital Adoption

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Start-Up and Unicorn Ecosystem
Tata Elxsi, DENSO, and AAtek Open New Robotics and Automation Lab in Frankfurt

Tata Elxsi, DENSO, and AAtek Open New Robotics and Automation Lab in Frankfurt

Prudential Unveils Global AI Lab in Singapore

Prudential Unveils Global AI Lab in Singapore

HPE delivers its fastest exascale supercomputer El Capitan to Lawrence Livermore National Laboratory

HPE delivers its fastest exascale supercomputer El Capitan to Lawrence Livermore National Laboratory

Cloudera announces new AI Assistant with intelligent capabilities

Cloudera announces new AI Assistant with intelligent capabilities

Futurense Launches India’s First Futurense Leadership Council

Futurense Launches India’s First Futurense Leadership Council

MediaTek Powers India's Digital Future with Latest Innovations

MediaTek Powers India's Digital Future with Latest Innovations

Akamai launches ready-to-deploy, cloud-agnostic application platform

Akamai launches ready-to-deploy, cloud-agnostic application platform

AMD debuts Versal Premium Series Gen 2 SoCs to power data-intensive workloads

AMD debuts Versal Premium Series Gen 2 SoCs to power data-intensive workloads

NXP rolls out pioneering Ultra-Wideband wireless battery management system

NXP rolls out pioneering Ultra-Wideband wireless battery management system

Netpoleon India Partners with Cavisson Systems

Netpoleon India Partners with Cavisson Systems