Why Enterprises Should Have an Evolving Cybersecurity Framework? | HCL Blogs

November 12, 2018

IT has been an enabler and the backbone of businesses that use various security systems across a wide variety of sectors. With newer challenges and avenues, enterprises have been shifting the focus of their security systems to next-gen technologies. Adopting next-gen technologies gives businesses many avenues to grow in scale and size in this era of digital-led transformation. Billions of previously unconnected devices are now communicating with each other and providing business-critical insights to the relevant stakeholders through the internet of things (IoT). This has become a reality because of the proliferation of enabling technologies such as sensors, fast computing environments, remote monitoring and maintenance solutions, and uninterrupted internet access with approximately zero downtime. On the other hand, it has created innumerable vulnerabilities and made security systems a primary concern on executives’ agendas. Enterprises are now being forced to apply cybersecurity skills to retain control over their IT assets and information. The challenges have moved from traditional IT infrastructure to connected devices, and they require enterprises to have an evolving cybersecurity framework in place.

“Enterprises may have non-breakable firewall and malware detection software, tuned security operations, and quick incident response systems but they are still exposed to such attacks due to a number of other reasons, like third-party integrations having weak security frameworks, multiple network channels from various vendors, etc.”

Why Is It a Costly Pursuit?

Cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. A major cyberattack can affect billions of dollars in assets and result in loss of reputation, so it’s important to foresee risk situations when making business decisions about installing or upgrading security systems in an IT environment. Unlawful access to the customer/consumer database may incur huge losses, affecting brand salience, driving customers to competitors, or invoking regulatory clauses that require compensation. Cyberattacks that manipulate or destroy data can break trusted systems without leaving an audit trail to identify the owner, and they have the potential to affect critical infrastructure. Approximately 29% of the 9,000 executives in 122 countries surveyed in The Global State of Information Security Survey 2018 by PwC reported loss or damage of internal records as a result of a security incident, a figure that is growing at a rate of 3% annually.

“People want privacy and security, not privacy or security. Companies will need to deliver on that expectation.” - Sean Joyce, US Cybersecurity and Privacy Leader

A few past incidents illustrate the point: in 2011-13, energy and utilities companies in the United States, Canada, and Europe were attacked by the cyberespionage group known as Dragonfly, which resulted in blackouts/power outages in these regions; the WannaCry ransomware attacked several IT and telecommunications companies in 2017, gaining control over their critical systems. These are enough to explain the scale of loss. Earlier, financial organizations and governments were the primary targets, but as other enterprises adopt next-gen technologies, the threat is now widespread. Next-gen technologies like cloud and IoT bring more challenges and an increased level of exposure to such attacks, due to the nature of their operations.

Enterprises are moving toward the cloud, and its security is a top priority given the risk associated with data loss or service outage, whether the cloud is on-premise, off-premise, or hybrid. The dynamic nature of the cloud means that enterprises need a more automated, agile, and flexible approach than traditional security frameworks provide.

A few major challenges that may place IT infrastructure at bigger risk:

Less visibility into critical infrastructure – Due to a large number of devices and IT assets across physical, virtual, and cloud infrastructure, it is very difficult to maintain a clear and accurate view. The issue becomes grave when organizations rely on traditional security systems to track and monitor the network.

Unreliable anomaly/vulnerability detection mechanism – As it is difficult to have a consolidated view of the network and devices, spotting and addressing vulnerabilities becomes difficult. Traditional or siloed infrastructure (so-called “dark assets”) does not allow AI and other analytics tools to identify incident patterns to any great extent.

Siloed security ecosystem – The use of disparate security solutions from different technology providers, incapable of working together and sharing critical information, presents a significant challenge to security teams amid a dynamic and ever-evolving security landscape.

Advanced cyberattacks would move from service outage and data theft to loss in intellectual capital for enterprises.

The global concern – According to the US government, “cybersecurity is the most vulnerable economic and national security challenge as it is growing in numbers and intensity.” McKinsey research is quoted as saying: “There are investments up to $500 million on cybersecurity with more than 100 billion lines of code created annually. Various companies are getting thousands of attacks every month, billions of data sets are breached annually. About 120 million new variants of malware are produced by hackers every year. This explains the intensity of cyber-attacks and why it is a costly pursuit.”

“Threat is grave and substantial and the underlying factors on which they are born are changing consistently.”

Need of The Hour: A Scalable 360-Degree Approach

Multilayer authentication for user access and encryption of data exchanged over various channels are some of the older techniques for managing user access and identity when it comes to an enterprise’s resources. But with advanced cyberattack techniques, such authentication needs to be upgraded with a 360-degree approach that includes predictive analytics and remote monitoring solutions.

“All stakeholders need to consolidate their thoughts and must come to a conclusion that this should be dealt with by applying industry standards with nonnegotiable compliance.”

Enterprises are running seamless operations outside their four walls, enabled by connected infrastructure, and therefore need a 360-degree, dynamic, and scalable security framework that enables a quick response system against future threats. Earlier, a global corporate network was limited to thousands of end points, but today this has reached millions of end points interacting with each other in an open environment, making security a ubiquitous issue.

Also, the technology gap comes into play when an enterprise starts adding IT security solutions from different vendors/manufacturers irrespective of the granularity of their configuration settings; these are the threats at the edge. Hence, the most critical and effective policy to mitigate and reduce the effects of a cyberattack is to build a solid foundation for the cybersecurity technology stack.

“One can’t answer every question, as far as security threats are available today and hence, a static policy would do more harm.”

In most standard cybersecurity deployments, thousands of alerts are generated per week, but because trained resources are unavailable, few of them are investigated. Sometimes a lot of capital and time even goes into chasing false positives or performing investigations with inadequate intelligence and insufficient expertise.

Executive’s Agenda on Cybersecurity

“As per a recent McKinsey survey, 75% of experts consider cybersecurity to be a top priority or nonnegotiable component of IT implementation”

Security concerns grow continuously as enterprises grapple with technology changes. Business decision-makers have to think harder and faster while adopting next-gen technologies to prevent such catastrophes, and that requires a lot of work on predictive cybersecurity models to reduce or avoid the potential consequences. Deep learning models with analytics can help in identifying possible security threats and mitigating them through proactive response systems. Therefore, while adopting next-gen technologies or building IT infrastructure, CXOs must think of developing a cybersecurity corridor simultaneously. This will not only reduce the cost of implementing a security framework but will also help in scaling it, with less complexity, as future threats evolve. This requires identifying the right IT service provider, one with rich expertise in providing complex engineering solutions at scale, to assess the existing setup and set up a secured platform for the transition.

Aligning security with business objectives – Businesses must know what to protect and how to protect it through a rigorous evidence-based assessment. This will enable them to prioritize the risks and prepare strategies and tactical plans aligned to their business objectives, with cybersecurity at the core. The fundamental question is: how quickly can they adopt this to stay protected?

“Cyber risk is not an IT problem; it needs to be considered as risk management issue”

They need to establish a new model of governance that enables the teams concerned to oversee all cyber risks across the enterprise. There are estimates that by 2020 almost 20 billion devices would be connected globally, and this proliferation of devices presents a new set of challenges that can only be mitigated by swift, efficient, and refined processes.

“Enterprises are required to come up with a strategy of integrating cybersecurity in management and governance processes to deal with today’s attacks by surrendering the security that feels distinctly old-fashioned”

The Future

In the past, the primary effect was on IT, but as the adoption of next-gen technologies grows through IoT, automation, and other digital fronts, operations technology is becoming severely exposed to such attacks because security frameworks in IT and OT are upgraded in silos.

“As the ‘smart’ is touching homes, cities, cars, manufacturing, and even apparels, the more cyber vigilance is required for smart future”

About 46% of internet connections would be machine-to-machine by 2020, without any human operators, and this share is expected to grow at a very fast pace, making the devices vulnerable to threats and causing serious damage if adequate security measures have not been taken. This can be avoided by ensuring:

  • Uniform cybersecurity standards and policies for next-gen IT implementation
  • Business objectives aligned to enterprise security strategy
  • Remote monitoring of IT/OT systems and installation of proactive security frameworks for automated recovery
  • Upgraded next-gen firewalls and anti-malware policies thwarting advanced threats
  • Automated data backup and recovery systems
  • Quick incident response systems with automated alerts
  • Remote services and maintenance for one-click system upgrades
  • Building up the required human capital to deal with the issue, as the cybersecurity labor crunch is set to hit 3.5 million unfilled jobs by 2021

The need is to learn and adapt an evolving security framework and make it part of the enterprise’s technology vision to address risk in a business context.
