The increasing security threat surface is a major challenge for businesses, particularly those functioning in the BFSI sector. There has been a lot of news of frauds as well as hacking from this sector, which is giving CISOs sleepless nights. In this context, Chief Information Security Officers (CISOs) not only have to act as defenders but also think ahead of the curve. As technologies continue to evolve rapidly, they have their task cut out for them.
“There has been increasing flow of news that a lot of fraud is happening on the backend. In such a scenario, a CISO has little options but to stay ahead of the hackers. He has to put the most modern security tools and technologies at the forefront and judiciously choose from the products available in the market such as fraud management systems, SOC, or technologies like DNS solutions, Anti-APT, NAC, Encryption at all levels, robust endpoint enterprise antivirus and patch management solutions etc. CISOs should have the best-in-house security analysts to face the latest threats. But the catch is that it should be implemented quickly and with desired outcomes,” says Anshuman Pund, Head – Information Security & ISO Compliance, IDBI Intech Limited.
This is particularly important as the latest security threats such as ransomware, Memchached attacks, Petya keep piling up, putting the CISO on the defensive. Modern attacks can cripple the operations of an organization and can irreparably damage a company’s reputation. Losses can run into millions of dollars. Global pharma giant Merc lost $300 million dollars in just one quarter due to a cyber-attack. The biggest headache of a CISO is that threats keep on emanating from both within and outside organization.
There are threats from the outside as well as from the inside. We have to be equipped to handle both. Attempts are also made on data going out of the perimeter. Patch management and endpoint security should be sound enough to handle such incidents. Patches need to be updated for each and every system, so that advanced threats can be mitigated.
Digital deployments bring with them increased vulnerabilities. The attack surface has increased because of the extensions within enterprise. Frequency and sophistication of cyber threats are continuously growing. In the evolving threat landscape, digital transformation technologies such as Artificial Intelligence and Machine Learning hold a great deal of hope.
This is a cat and mouse game where we are trying to update our security strategies and at the same time new threats are emerging at the speed of light. New technologies such as AI and ML can help in proactive threat detection and mitigation. A lot of it can be automated.
There is little doubt that attackers are getting more sophisticated with every passing day. Moreover, the they make significant investment of resources to bypass security checks as well as the latest technology tools. Therefore, cyber security professionals need to evolve rapidly to stay ahead of the attackers.