Ideal Security Posture of an Organization
SUMIT PANDITA C.
The Chartered Engineer | The Royal Charter | MIE | The Institution Of Engineers India (IEI)|Cybersecurity and Risk Management Executive | Empowering Organisational Resilience and Compliance | Director
Various breaches have been continuously evolving from Insider threats to external threats, which are hampering the reputation, monetary loss, business loss across various industry verticals.
Certainly, the main vectors for the insider threats are “Privileged users and administrators”, “Regular employees”, “Third parties and temporary workers” and “Privileged business users & executives”
External threats vectors like; malware, viruses, email attachments, web pages, pop-ups, instant messages, text messages, social engineering, malicious hackers, competitions, Ransomware, and service attacks (DDOS, Session Hijacking, Drive-by attack, brute-force, zero-day attacks) are potentially the cause of worries for an organization.
In today’s era, an organization must be covered with the 360-degree revolution of various parameters – which ideally will act like an eagle’s eye from detection to protection.
Thinking How?
Let me put more rays of light. The journey starts from “Process to Technology to Compliance & Regulations”
-?????????Do you have adequate end-end processes in place which are adherence to various Compliance & Regulatory viz: International Standards Organization, NIST, GDPR, PCI-DSS, and not limited to cyber laws. The need is to tighten the organization's policies and procedures in line with the global compliance requirements.
-?????????Is your organization doing the cyber maturity assessment at regular intervals?
-?????????Is your technology intelligent enough or co-created with Artificial Intelligence and machine learning – Behaviour Analysis & Automation are the keys.
-?????????Is the technology in place protecting your businesses?
-?????????Is the technology strategy in line with over business plan, which consists of principles, objectives, and tactics for using the technology to achieve organizational objectives?
Though 100% security is a myth, it is the need of the hour that CISO’s, CIO’s and management work closely with all the levels within an organization to mitigate all the evolving risks.
Hope my experience is helpful to many of you.
~ Sumit Pandita
The Chartered Engineer | The Royal Charter | MIE | The Institution Of Engineers India (IEI)|Cybersecurity and Risk Management Executive | Empowering Organisational Resilience and Compliance | Director
3 年Anita Raina hope this is helpful to yourself.