Cos Need to Embed Cyber Security into Their Products and Services, Supply Chains and Partnerships: CISO, Indiabulls

Rohit Kachroo, CISO, Indiabulls Group, in conversation with dynamicCIO,
gives an insight into what is keeping CISOs awake at night and
how they need to transform themselves to stay relevant in today’s dynamically
evolving threat landscape.
Q. What is your vision as a CISO?
In general, monitoring, repelling and responding to cyber
threats while fulfilling compliance requirements are the key responsibilities
of a CISO. But, the continuously evolving landscape of security threats has
widened this role. The strategic approach is now focused on encountering the
future security challenges effectively and aiming to protect the critical
information infrastructure in terms of reducing organizational exposure to
cyber risk, ensuring priority response and recovery, and increasing cyber resilience.
Also, the time has come to transform from being a business
support function to a business enabler and shouldering with business leaders by
ensuring adequate security controls as well as response mechanisms which will help
the business grow rapidly. To cater to the upcoming security challenges, a CISO has
to be more vigilant, dynamic and visionary: someone who can provide security
resilience as well as handshake with business leaders to guide the business
through a secure path.
Q. What is keeping the CISOs awake at night?
In recent times, the world has witnessed plenty of targeted
and very scary rogue malware such as Ransomware that have created havoc among
the business world. Unfortunately, the growth in cyber security talent pool is
unable to keep pace with the growing sophistication of cyber threats. These
growing security threats are keeping the CISOs tossing and turning at night.
The larger issue is the absolute volume of threats and the relative ease with
which the least funded adversary can attack and be successful. This is
predominantly because of a lack of readiness in several organizations across the
globe when it comes to pre-emptive infrastructure.
Keeping in view the dynamic technology changes, we have to
introspect on the sheer volume of vulnerabilities that can be exploited if an
organization’s infrastructure is open to credential thefts. Hackers can lock
your confidential business information and charge a ransom or even steal something
from your data and conceal the tracks. Most of the time, businesses as well as
government bodies with lackluster defenses become vulnerable to the
simplest of malware attacks.
Q. In view of this, what best practices would you recommend?
To tackle these challenges, CISOs need to reassess their
common concerns and consider a different approach. Here are the top three
things to keep in mind.
· Increase the awareness among cyber security
staff that understand networks and know how to protect them. The team should be
equipped with the necessary time and skills to both react to attacks and proactively
hunt for them to ensure organizations remain operational and secure.
· Security is not only a matter of information
but it also severely threatens the organization’s brand image. To maintain the
confidence of shareholders and customers, organizations must align their brand
with one of security — and make sure they can back it up.
· In the present scenario, businesses are more
exposed to unseen risks than ever before from employee devices, automated
manufacturing, the global supply chain and the Internet of Things. So,
organizations need to embed cyber security into their products and services,
into their supply chains and into their partnerships.
Q. What are the top five information security challenges you foresee in 2018?
After analyzing the historical information security related
industry facts and figures and predicting about the almost unknowns, the
following top five challenges will persist/emerge in the upcoming year:
· Data leakage through Internet of Things (IoT)
· Access of sensitive business data on mobile devices
· Protection from cyber attacks like Ransomware
· Increasing demand of network traffic that may
restrict the legitimate business applications
· Managing the business security expectations of
top management
As digital transformation initiatives gain pace across the
globe, the threat of cyber-attack grows in tandem. Further risks stem from the
evolving business and regulatory requirements and technology trends that are
posing new cyber security challenges and endangering the success of digital
programs.
Q. How are you preparing yourself to address these future challenges?
Challenges will always be part of information security
because of its consistently progressing nature and vast landscape. However, there
is no single security solution robust enough to fully rely on for the security
needs of the organization. In this growing and evolving nature of security
threats, solutions should also mature themselves enough to counter the upcoming
security challenges.
In order to counter the future cyber security challenges, we
as an organization have taken various security control measures. A few of them
are mentioned below, but the list is not limited to these:
· Controls in place to collect logs from standard
security sources, enrich logs with supplemental data, Global Threat
Intelligence (Black Lists), Human Resource / Internet Download Management,
correlate finding the proverbial needles in the log haystacks, Investigate - follow
up and fix, document SOPs & SLAs and Incorporate Build white lists.
· Control has been embedded in identifying the
privileged accounts, understand the requirement of privilege accounts, design
and implement, define PIM policies to meet the compliance requirements, define
or enhance the privileged access and increase the operational efficiency.
· Control placed for accurate threat detection,
respond to threat faster, easy administration and effective scaling security
across the network.
· Control placed for enhanced data protection
using layered security, flexibility and control while creating and applying
policies, block data loss, secure the encrypted traffic and customized
dashboard as per business need.
· Control implemented in fast detection and protection
from security threats, speedy analysis of security incidents, immediately block
or allow specific files and certificates.
· Control implemented for protecting the web
application on the application level, protect from the known vulnerabilities
based on blacklists.
· Control implemented for DDoS protection by
absorbing attacks, prevent DNS forgery, cache poisoning, faster resolution of
DNS. Integrated with content delivery network coupled with transparent
operational excellence along with over-provisioned resilient infrastructure
without impacting legitimate request helps in mitigating the slowdowns.
Q. What initiatives around information security have you undertaken in the last one year?
Keeping in view the present and future security threat
scenario as well as key business objectives, we have identified the following
solutions in order to achieve our business as well as regulatory compliance requirements.
· SIEM – helps in collecting logs from standard security sources, enrich logs with
supplemental data, Global Threat Intelligence (Black Lists), Human Resource /
Internet Download Management, correlate finding the proverbial needles in the
log haystacks, Investigate -- follow up and fix, document SOPs & SLAs and
Incorporate Build white lists.
· PIM/PAM – helps in identifying the Privileged Accounts, understand the requirement of
Privilege Accounts, design and implement the PIM/PAM solution, define PIM
policies to meet the compliance requirements, define or enhance the Privileged
Access and increase the operational efficiency.
· ATD – helps in accurate threat detection, respond to threat faster, easy
administration and effective scaling security across your network.
· Web Gateway – helps in enhanced data protection using layered security,
flexibility and control while creating and applying policies, block data loss,
secure the encrypted traffic and customized dashboard as per our business need.
· TIE – helps in fast detection and protection from security threats, speedy analysis
of security incidents, immediately block or allow specific files and
certificates.
· WAF – helps in protecting the web application on the application level, protect from
the known vulnerabilities based on blacklists.
· Secure DNS – helps in DDoS protection by absorbing
attacks, prevent DNS forgery, cache poisoning, and faster resolution of DNS.
Integrated with content delivery network coupled with transparent operational
excellence along with over-provisioned resilient infrastructure without
impacting legitimate request helps in mitigating the slowdowns.