Why enterprise security needs a renewed approach

With an increasing number of organizations adopting digital channels at a fast pace, enterprises are being forced to re-look at the way they build IT infrastructure. The IT infrastructure of today requires enterprises to quickly scale up or down and be agile to capture evolving market opportunities. That said, digital businesses are about increasing access and collaboration. This is changing the way enterprises look at enterprise security, as increasingly they need to give their external partners access to their internal systems.

We are also living in an age, where mobile devices have become the default choice for accessing information. In a world which information can be accessed from any device or platform, the earlier approach of confining information to allowed devices or platforms, will not be relevant. With smartphones being the preferred medium of authenticating a transaction, information on the smartphone such as emails, contacts or corporate data become vulnerable. For the CIO or the CISO, the ultimate objective is to protect data using a information-centric approach, as the device or infrastructure that will be used to access the information is irrelevant. This loss of traditional security control demands a new approach to security.

According to a recent research by Juniper Research, the cost of global data breaches are likely to surpass $2.1 trillion by 2019. Besides, over 80 percent organizations (Surveyed by AT&T) have indicated that they came under some form of security attack over the last twelve months. Major security attacks comprised of phishing, ransomware, DDoS and AP, while threats across social media, end-points including connected devices, obsolete software and mobile devices continue to plague IT Leaders.

 The always-on connected world also brings in a new series of challenges. Gartner, for instance, predicts that 8.4 billion connected things will be in use worldwide in 2017, up 31 percent from 2016, and will reach 20.4 billion by 2020. Given the inherent security weakness of IoT devices (given the small size of devices), and the huge volume and diversity of devices (cars, baby monitors, wearables), the risks increase substantially. Hackers for instance, have shown how they can take control of cars. Baby monitors have been shown to be hacked, while connected CCTV cameras have been used to stage DDoS attacks. Not surprisingly, Gartner estimates that by 2020, more than 25 percent of attacks in enterprises will involve IoT.

The other big threat that CISOs face is that of the enemy within. With authorized privileges, insiders or employees can breach the defenses erected by enterprises. In some cases, unintentional actions of insiders can lead to security breaches. A DSCI NASSCOM report states that close to 67% of service provider organizations have experienced insider threats due to unintentional exposure of private and sensitive information.

With CEOs and board members now being held responsible for cyber-attacks, the demand for experienced enterprise security professionals has increased exponentially. This research is corroborated with data from independent analysts. In 2017, research conducted by Enterprise Strategy Group found out that 45 percent of organizations stated that they have a problematic shortage of cybersecurity skills. In another research conducted by the Enterprise Strategy Group with the Information Systems Security Organization (ISSA), more than 50 percent of ISSA members stated that the cybersecurity skills shortage has increased the workload of the existing staff. This has an overall impact on the enterprise security posture of every organization due to the impact on either the budget or the under utilization of existing technologies to its full potential due to the unavailability of experienced professionals.

 Possible solutions

In the digital world, attack vectors change dynamically, and in a world of dynamic change, the cloud is the best medium to protect organizations against real-time and sophisticated attacks. For example, if your organization's website is the target of DDoS attacks, then a cloud-based solution can help in dispersing attacks and minimize the risk. Infrastructure be it on on-premise or on cloud it is important to assess the compliance, workload protection, overall components – storage, network etc. Especially when it comes to cloud SaaS applications require governance and pro-active threat management and round the clock vigilance.

Instead of investing on on-premise security tools and technologies, it may be prudent to explore cloud-based vendors providing real-time intrusion detection systems and malware detection systems to help enterprise prioritize their risks in accordance with organization policies. This helps in quickly quarantining infected systems from the rest of the network or detecting the sources of network intrusions and blocking traffic from those IP address ranges.

Cloud-based security allows organizations to create a centralized policy for any user irrespective of the device or network that he is coming from. This allows enterprises to have a consistent enterprise security policy rolled across multiple devices or regions. The issue of unpatched software is also not a problem as cloud-based security ensures that the latest update is in the cloud, and a single update in the cloud provides instant protection to all users simultaneously.

In most enterprises, early detection of targeted attacks is a great unmet need. This can be rectified effectively with intelligent threat perception and detection and behaviour profiling by using cloud-based systems that base their decision making by analyzing millions of end points across the world.

 Most importantly, with cloud-based security, the overall TCO is significantly lower as organizations save costs on the Capital Expense (CapEx) and the Operational Expense (OpEx). CapEx includes appliance or device costs, software costs, manpower costs; while OpEx includes annual maintenance costs that can be charged by the device vendor. A cloud-based solution encourages pay-per-use, which significantly lowers the TCO.

As they operate in a highly competitive market place, cloud-based vendors deploy the best infrastructure. For a normal enterprise, it is extremely difficult to maintain an updated technology infrastructure at an economical cost. This puts cloud-based vendors at an advantage. Cloud-based vendors or data center providers also help companies deal with compliance related issues by ensuring that the infrastructure is compliant with regulatory guidelines. Cloud-based vendors also offer the latest security, and offer enterprises protection against issues such as shortage of skilled enterprise security professionals. If one looks at all the possible challenges faced by CISOs in the digital world, the cloud is perhaps the best medium that offers all possible answers, in an economical way.

Lastly, it is imperative that safeguarding the key data assets, IP through pro-active risk assessment and management through deployment of world-class tools and security services will help enterprises minimize the rogue threats such as ransomware, DDoS etc combined with time-line based security audits and review of threat management landscape shall ensure seamless availability of infrastructure and business applications.