Cos Need to Embed Cyber Security into Their Products and Services, Supply Chains and Partnerships: CISO, Indiabulls


Rohit Kachroo, CISO, Indiabulls Group, in conversation with dynamicCIO, gives an insight into what is keeping CISOs awake at night and how they need to transform themselves to stay relevant in today's dynamically evolving threat landscape.

 

Q. What is your vision as a CISO?

 

In general, monitoring, repelling and responding to cyber threats while fulfilling compliance requirements are the key responsibilities of a CISO. But, the continuously evolving landscape of security threats has widened this role. The strategic approach is now focused on encountering the future security challenges effectively and aiming to protect the critical information infrastructure in terms of reducing organizational exposure to cyber risk, ensuring priority response and recovery, and increasing cyber resilience.

 

Also, the time has come to transform from being a business support function to a business enabler, shouldering with business leaders by ensuring adequate security controls as well as a response mechanism which will help the business grow rapidly. To cater to the upcoming security challenges, a CISO has to be more vigilant, dynamic and visionary: someone who can provide security resilience as well as handshake with business leaders to guide the business through a secure path.

 

Q. What is keeping the CISOs awake at night?

 

In recent times, the world has witnessed plenty of targeted and very scary rogue malware, such as ransomware, that has created havoc in the business world. Unfortunately, the growth in the cyber security talent pool is unable to keep pace with the growing sophistication of cyber threats. These growing security threats are keeping CISOs tossing and turning at night. The larger issue is the absolute volume of threats and the relative ease with which the least funded adversary can attack and be successful. This is predominantly because of a lack of readiness in several organizations across the globe when it comes to pre-emptive infrastructure.

 

Keeping in view the dynamic technology changes, we have to introspect on the sheer volume of vulnerabilities that can be exploited if an organization's infrastructure is open to credential theft. Hackers can lock your confidential business information and charge a ransom, or even steal something from your data and conceal the tracks. Most of the time, businesses as well as government bodies with lackluster defenses become vulnerable to the simplest of malware attacks.

 

Q. In view of this, what best practices would you recommend?

 

To tackle these challenges, CISOs need to reassess their common concerns and consider a different approach. Here are the top three things to keep in mind.

 

·      Increase the awareness among cyber security staff who understand networks and know how to protect them. Teams should be equipped with the necessary time and skills to both react to attacks and proactively hunt for them to ensure organizations remain operational and secure.

·      Security is not only the matter of information but it severely threatens the organization’s brand image. To maintain the confidence of shareholders and customers, organizations must align their brand with one of security — and make sure they can back it up.

 

·      In the present scenario, businesses are more exposed to unseen risks than ever before from employee devices, automated manufacturing, the global supply chain and the Internet of Things. So, organizations need to embed cyber security into their products and services, into their supply chains and into their partnerships.

 

Q. What are the top five information security challenges you foresee in 2018?

 

After analyzing the historical information security related industry facts and figures and predicting the almost unknowns, the following top five challenges will persist/emerge in the upcoming year:

 

·      Data leakage through Internet of Things (IoT)

·      Access of sensitive business data on mobile devices

·      Protection from cyber attacks like Ransomware

·      Increasing demand of network traffic that may restrict the legitimate business applications

·      Managing the business security expectations of top management

 

As digital transformation initiatives gain pace across the globe, the threat of cyber-attack grows in tandem. Further risks stem from the evolving business and regulatory requirements and technology trends that are posing new cyber security challenges and endangering the success of digital programs.

 

Q. How are you preparing yourself to address these future challenges?

 

Challenges will always be part of information security because of its consistently progressing nature and vast landscape. However, there is no single security solution robust enough to fully rely on for the security needs of the organization. Given the growing and evolving nature of security threats, solutions should also mature enough to counter the upcoming security challenges.

 

In order to counter the future cyber security challenges, we as an organization have taken various security control measures. A few of them are mentioned below, but not limited to:

 

·      Controls in place to collect logs from standard security sources, enrich logs with supplemental data, Global Threat Intelligence (Black Lists), Human Resource / Internet Download Management, correlate finding the proverbial needles in the log haystacks, Investigate - follow up and fix, document SOPs & SLAs and Incorporate Build white lists.

·      Control has been embedded in identifying the privileged accounts, understand the requirement of privilege accounts, design and implement, define PIM policies to meet the compliance requirements, define or enhance the privileged access and increase the operational efficiency.

·      Control placed for accurate threat detection, respond to threat faster, easy administration and effective scaling security across the network.

·      Control placed for enhanced data protection using layered security, flexibility and control while creating and applying policies, block data loss, secure the encrypted traffic and customized dashboard as per business need.

·      Control implemented in fast detection and protection from security threats, speedy analysis of security incidents, immediately block or allow specific files and certificates.

·      Control implemented for protecting the web application on the application level, protect from the known vulnerabilities based on blacklists.

·      Control implemented for DDoS protection by absorbing attacks, prevent DNS forgery, cache poisoning, faster resolution of DNS. Integrated with content delivery network coupled with transparent operational excellence along with over-provisioned resilient infrastructure without impacting legitimate request helps in mitigating the slowdowns.

 

Q. What initiatives around information security have you undertaken in the last one year?

 

Keeping in view the present and future security threat scenario as well as key business objectives, we have identified the following solutions in order to achieve our business as well as regulatory compliance requirements.

 

·      SIEM – helps in collecting logs from standard security sources, enrich logs with supplemental data, Global Threat Intelligence (Black Lists), Human Resource / Internet Download Management, correlate finding the proverbial needles in the log haystacks, Investigate -- follow up and fix, document SOPs & SLAs and Incorporate Build white lists.

 

·      PIM/PAM – helps in identifying the Privileged Accounts, understand the requirement of Privilege Accounts, design and implement the PIM/PAM solution, define PIM policies to meet the compliance requirements, define or enhance the Privileged Access and increase the operational efficiency.

 

·      ATD – helps in accurate threat detection, respond to threat faster, easy administration and effective scaling security across your network.

 

·      Web Gateway – helps in enhanced data protection using layered security, flexibility and control while creating and applying policies, block data loss, secure the encrypted traffic and customized dashboard as per our business need.

 

·      TIE – helps in fast detection and protection from security threats, speedy analysis of security incidents, immediately block or allow specific files and certificates.

 

·      WAF – helps in protecting the web application on the application level, protect from the known vulnerabilities based on blacklists.

 

·      Secure DNS – helps in DDoS protection by absorbing attacks, prevent DNS forgery, cache poisoning, and faster resolution of DNS. Integrated with content delivery network coupled with transparent operational excellence along with over-provisioned resilient infrastructure without impacting legitimate request helps in mitigating the slowdowns.
