Offensive techniques need to be adopted to get the actual assessment of an organization’s security posture
By MYBRANDBOOK
Prof. Triveni Singh IPS
SP, Cyber Crimes - Uttar Pradesh Police
Key priorities for 2021
For the organisations to be in the business, one has to get into “Being Digital Mode” and since this has been mandated from top management / board, CIOs / CTOs responsibilities have changed drastically. “Being Digital” means almost all the areas of operations need to be migrated to a digital platform. The actual meaning of Being Digital shall be all the operations need to follow the concept of Manage, Monitor and Measurement digitally. CIOs / CTOs need to work with every department to bring them on the digital platform, especially for those tasks, which are in manual monitoring mode now. It is going to be a total paradigm shift culturally.
Adopting Work-From Anywhere
The “New Normal” – Work from Anywhere or Telecommuting, earlier it was more confined to IT Sector/BPO/KPO sector only, which has been extended to other departments now. Barring the manufacturing & R&D sector, all of them are now working remotely. To enable this, corporate IT infrastructure and connectivity had to be extended to workstations used by an individual employee in the form of VPNs, Corporate Collaboration Tools.
Companies had to arrange for workstations / laptops for every employee who could use them from home or anywhere. Since now the majority of the workforce working outside the regulated and controlled office infrastructure, appropriate security controls on the individual workstations had also to be implemented, which was challenging. That’s the reason Cyber Attacks have increased drastically since the pandemic globally.
Redesigning IT & Security strategy
New Threats have been a problem from the beginning itself, now it has propelled like anything because earlier there were very few entry points for the threats and vulnerabilities to enter for example adversaries had to target corporate network firewalls but now since the entry points have been multiplied in terms of the number of employees - each employee of the corporate working outside the corporate network are considered as entry points. The basic and foremost priority is to make employees aware of these threats in practical mode. We have been trying to conduct awareness sessions on cyber security, cyber hygiene by giving practical demos of how vulnerable are they. Employees are encouraged to participate in talk shows/webinars.
As far as medium-term strategy is concerned, there have been efforts to include the RED Teaming exercise mandatorily to check the actual defensive posture of corporate infrastructure in terms of PPT: People, Process & Technology. Currently, methods of defensive controls are more kind of reactive where processes are defined as per ISO or industry standards but the People & Technology area lags. With offensive techniques we shall get the actual assessment – which is the weakest area – If we know this, it shall be easier to put the remediation strategies more effectively.
InterGlobe’s Rahul Bhatia and C.P. Gurnani together announce
In a move that is set to transform the AI landscape, Rahul Bhatia, Group M...
Download masked Aadhaar to improve privacy
Download a masked Aadhaar from UIDAI to improve privacy. Select masking w...
Sterlite Technologies' Rs 145 crore claim against BSNL rejecte
An arbitrator has rejected broadband technology company Sterlite Technolog...
ID-REDACT® ensures full compliance with the DPDP Act for Indi
Data Safeguard India Pvt Ltd, a wholly-owned subsidiary of Data Safeguard ...
ATRIE TECHNOLOGY PVT. LTD.
SECUREYE SERVICES PVT. LTD.
WIPRO LTD.
VERSA NETWORKS INDIA PVT. LTD.
Technology Icons Of India 2023: Byju Raveendran
Byju Raveendran is the founder of edutech start-up Byju’s. Raveendra...
Technology Icons Of India 2023: Rajendra Singh Pawar
Rajendra Singh Pawar is an entrepreneur and businessperson who founded...
Technology Icons Of India 2023: C P Gurnani
CP Gurnani (popularly known as ‘CP’ within his peer group), is the...
Aadhaar: Architecting the World's Largest Biometric Identity System
The Unique Identification Authority of India (UIDAI) is a statutory au...
CERT-IN protecting the cyber security space of India
CERT-In serves in the area of cyber security threats like hacking and ...
New defence PSUs will help India become self-reliant
MIL, India’s biggest manufacturer and market leader is engaged in Pr...
ADITYA INFOTECH LTD.
Aditya Infotech Ltd. (AIL) – the technology arm of Aditya Group, is ...
RAH INFOTECH
RAH Infotech is India’s fastest growing technology value added dist...
SATCOM INFOTECH PVT. LTD.
Satcom Infotech Pvt. Ltd is a distribution houses in security in India...