Cyber Security in India: The Year That Was

Top concerns: Lack of adept cyber security professionals; SMEs not ready to pre-empt and manage cyber-attacks and information breach; Humans stay the foremost common threat to security of companies

India over the past year has seen a pointy increase within the incidence of knowledge breach and cyber-attacks across sectors and company sizes. While, the big organisations are able to contain the harm in most cases by pre-empting attacks on their systems through resilient security systems, in different cases the media has the whiff of it first. To boot, the smaller enterprises are those who have emerged to suffer the foremost from irredeemable loss to information and name.

Here are a number of the key challenges featured by SMEs and C-level executives this year:

Small to mid-market trending business challenges as of 2018:

  1. Hackers are awake to the content nature of tiny businesses once it involves cybersecurity. They perceive that tiny businesses invest little-to-no cash on rising their cybersecurity scenario. Ultimately, it offers a simple chance for attackers to use.
  2. Larger organizations generally have a strong defense system that’s tough to compromise or breach. However, several larger organizations have systems interconnected with tiny or mid-size businesses. Once hackers compromise the safety system of SMEs, they will then simply penetrate into the defense systems of larger organizations.
  3. Knowledge breaches will typically mean doom for tiny and medium-size businesses. As a result, they’re additional prone to ransomware attacks as a result of they’re extremely doubtless to pay the ransom to avoid wasting their knowledge and their company from doom.

Business challenges trending amongst cyber SMEs as of 2018:

  1. IoT has most positively added convenience to hectic schedules. However, it’s conjointly opened new doors for cyberattacks. it’s imperative for employers to currently make sure that all IoT devices are established properly and there’s no space for a network breach.
  2. Humans stay the largest and commonest security threat to businesses of all sizes or industries. There are several cases of staff abusing their privilege access, harming the company’s security layers within the method and leading to an enormous loss. 22nd of companies cursed cyberattacks on insiders. Moreover, a similar survey conjointly discovered that 56 percent of companies according that the attacks were either by new joiners or staff effort the corporate.
  3. the flexibleness and measurability that the cloud offers makes this technology additional compelling to tiny and mid-size businesses. However, immense issues still exist for SMEs once it involves the safety challenge related to the cloud technology. Though cloud technology is obtaining additional and safer, new and greater vulnerabilities, loose ends play security issues.
  4. App customers are currently being tracked through the utilization of unhearable tones. These tones are virtually utterly silent and cannot be picked up by the human ear, however there square measure apps in your phone that are invariably listening for them. The technology is termed unhearable cross-device pursuit, and works by emitting high-frequency tones across ads and billboards, web pages, and across stores, etc. Apps with access to the phone’s microphone will devour these tones and build a profile regarding your viewership details and in some cases even the websites you’ve got visited.

Challenges for C-level executives between 2017 and 2018:

  1. Getting compromised and the media catching it first:Till date, reputation loss due to data breaches proves to be one of the top concerns for C level execs across all multi-national organisations. Ian McClarty, CIO, PhoenixNAP Global IT Services says that the hope is to “ ‘catch’ this breach in a reasonable time to limit and mitigate so that we can notify the victims/public through a controlled message”.
  2. GDPR introduction to Europe:The hottest topic till date amongst most cyber security developments in Europe is the introduction of GPDR. A significant change to how personal data is being and will be stored is yet to determine how companies will interpret guidelines on the data they keep based on having a ‘legitimate interest’ vs. that of requiring explicit ‘consent.
  3. Having a false sense of security:Given threat profiles for cybersecurity and the need to protect intellectual property and financial assets etc., there is no single investment or method that allows one to ‘check the box’ and be rid of cyber risks. End to end visibility of one’s technology footprint—from device to application destination—is a key capability required to enable success in understanding security positions and identifying new attacks.
  4. Lack of cyber security skills amongst employees:People within a firm, till date, tend to be the highest risk factor across all organisations. With the ever-changing landscape of cyber and information security regulations, C-level execs are finding it increasingly difficult to monitor, advise and implement security guidelines for their employees. Phishing, shared WI-Fi, the GDPR regulations, etc. all are proving to be pain areas for exco members as most employees are still not aware of the threats involved.