Cybersecurity Implementation And Future Strategies For Enterprises With the lockdown in place and employees coerced to work remotely, we only have digital transformation to thank for helping ensure minimal glitches to business continuity. And yet, the challenges don't end here.

By Shomiron Das Gupta

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

Pixabay

The pandemic has caused a paradigm shift in the way businesses used to operate, having set into motion some unprecedented effects that businesses are gradually learning to cope with. With the lockdown in place and employees coerced to work remotely, we only have digital transformation to thank for helping ensure minimal glitches to business continuity. And yet, the challenges don't end here.

Most employees now work from the comforts of their homes but on relatively less secure networks and devices. This leaves enough room for cyberattacks attempting to steal business-critical data. With no end to this pandemic in view, at least in the near future, cybercriminals will continue to exploit and mould the grim situation at hand to their advantage. A case in point is the recent Maze ransomware attack on a renowned IT company, which, while wrecking the company's internal systems, also tried to gather crucial information about the system it infected (whether it was a standalone server, backup server, or primary domain controller). Such information becomes useful to influence the ransom amount. In fact, according to a KPMG report, this lockdown has caused 18 million daily malware and phishing attempts and 24 million cases of COVID-related spam messages. In such challenging times, it is imperative for us to look at enterprise security with a fresh pair of eyes:

  1. Since most of the security and risk teams are operating from a remote environment, the incident response and protocols need to be upgraded to identify risks. The response team should be reviewed to ensure all members of the team can access the equipment to be effective. Risks that could be well managed earlier can be detrimental if the team cannot respond effectively. If the organization does not have cybersecurity incident response capability, then consider using the services of a managed security service provider instead of implementing a new system.
  2. The company's security teams must perform basic endpoint hygiene and connectivity performance on systems. Corporate systems should have the minimum viable endpoint protection configurations for off-LAN activities. Employees who are using personal PCs for work should have anti-malware capabilities installed and must be in synchronization with corporate endpoint protection platform vendors to ensure the device is free from vulnerabilities. Mechanisms like software-token based multifactor authentication should be used to ensure only authorized personnel have access to corporate applications and information remotely.
  3. Your threat monitoring tools must provide maximum visibility. Due to remote working, there is a possibility that the security operations (SecOps) teams will miss events. The internal security monitoring and log management rule must be fully functional to detect threats. If enterprises are using managed security providers, ensure that the monitoring can detect breaches in a new environment of working.
  4. Use of self- supervised AI can thwart threats. Self-supervised AI is based on machine learning, which is capable of identifying and labeling threats that earlier required human intervention and was time-consuming. It functions by collecting data to form a baseline of the network; if it detects any abnormality in network performance, it will alert the security team.

The aforementioned steps, if implemented properly in synchronization with all the verticals and silos of the organization, can help streamline data security to the maximum extent. Hopefully, the pandemic will end soon and we'll all emerge out of it stronger, but a little precaution never hurts.

Wavy Line
Shomiron Das Gupta

Founder & CEO, DNIF

With his extraordinary skill set as an intrusion analyst and immense passion for tech advancements, he has been building threat detection systems for close to two decades and has established partners in 14 countries across several industries like healthcare, insurance, transport, banking, and media.

Prior to founding and developing DNIF a product that delivers quality attack detection products and services to its customers, he worked with ICICI Infotech Ltd. as a Senior Consultant, where his core responsibility was to solve critical cybersecurity challenges faced by customers.

Shomiron, a TedX speaker, is also an eminent speaker at many industry events including DSCI (Data Security Council of India) and SACON (TheSecurity Architecture Conference).

He is an alumnus of St. Xavier’s college. Outside the tech world he is a trained mountaineer with expedition experience in the Himalayas.

Related Topics

News and Trends

KL Rahul Invests In Sequoia-Backed Hyugalife.com

KL Rahul, who is currently recovering from a sports injury has joined hands with HyugaLife.com to inspire every Indian to be their healthiest and best self with its all-encompassing platform

Branding

How I Made Money From My Book Without Selling a Single Copy

Did you know you can make money with a book without selling copies? Here's exactly how I did it.

News and Trends

B2B Fintech platform BharatNXT Raises $1.2 Million Seed Fund

The funds will be utilized to invest in product development and expanding the team size by 4 times and enhancing the scalability of the core technology to accommodate ten times the current growth

Money & Finance

3 Ways to Create Multiple (Big) Streams of Income

Here are three ways to create multiple streams of income. These strategies require effort and resources but offer significant financial potential.

Science & Technology

She's Been Coding Since Age 7 and Presented Her Life-Saving App to Tim Cook Last Year. Now 17, She's on Track to Solve Even Bigger Problems.

Angelina Tsuboi, a full-stack mobile and web developer who also happens to be a pilot, has always been solution-oriented.

Business News

This Is the Most Loved Company of 2023, According to a New Report

A new Axios and Harris Poll ranked the 100 most visible U.S. companies.