Can regulations and compliance be the answer to global cybersecurity risks?
By MYBRANDBOOK
With cyberattacks becoming a commonplace within the digital world and with business models and technologies changing, the need of the hour is to have a compliance and a regulatory framework for every organization across industries
For a CIO in 2022, there remains several challenges that need to be tackled but the major concern will always be security.
Though businesses started moving their assets to the cloud even before the pandemic, the switch to a remote workforce further accelerated the process and with it, IT monitoring and security became one of the top priorities for a CIO.
“With the increase in SaaS based applications, organisations are required to build stringent security controls at their edge networks,” says Saravanakumar Krishnamurthy, Executive Vice President – Technology Engineering - IT, Network & Cyber Security at YES BANK.
“The underlined statement should always be to secure the data, whether it is on the cloud or on premises. At the same time I believe that internal threats, which are mostly unknown or internal dark web for many organisations will be one of the key issues CISOs need to address on a war foot basis.
Cyberattack groups are openly challenging and stating openly they are injecting attacks on big organisations. The Lapsus$ group is one of the classic examples,” he adds.
The BFSI (Banking, Financial Services and Insurance) sector has always remained a primary target of cybercriminals over last several years, given the amount of sensitive data that they have to deal with.
As someone from the BFSI sector, Saravanakumar believes that some of the top cybersecurity threats that continue to threaten this sector are Ransomware, DDOS, Bots, Phishing, Data Exfiltration (Data Theft), DNS & Domain Hijack. “These are the most sophisticated attacks that give real threats to the BFSI sector,” he says.
The need for Regulations & data protection laws
A data breach or a cyberattack of any kind can have a long-term psychological effect on an individual or a business, while also impacting the reputation of a brand. Also, every society perceives threats differently and so every different kind of threat has to be measured and addressed in a different manner and approach. The key concern however still remains the ‘Awareness’.
“The amount of initiatives and programs relevant to Cybersecurity happening across the globe and in our country are still in a minuscule percentage as compared with the amount of cyberattacks taking place. Many countries in fact do not have adequate policies and strategies in place to combat these kind of cybersecurity issues,” Saravanakumar observes.
In a country like India, where business model are mostly technology driven and businesses adopt all the latest technologies well in advance than many developed countries, Saravanakumar says that ground level issues should be addressed first before formulating any security policy.
“Security policies, frameworks and standards should be aligned after addressing these issues and only then it will get easily assimilated into the culture itself,” he explains.
The regulatory landscape is however slowly changing with most nations coming up with their individual data protection laws and regulations.
But as Saravanakumar explains, before understanding exactly what we expect from a Data Protection law, we need to, as an organisation segregate the data as structured and unstructured; classify the data; secure the data and then should know how to govern the data.
“We should first formulate a proper data lifecycle model first and then implement the data protection or privacy regulations. As far as the BFSI sector is concerned, the Reserve Bank of India (RBI) should bring more data awareness programs and publications and make an assessment of the industry,” he concludes.
Nazara and ONDC set to transform in-game monetization with ‘
Nazara Technologies has teamed up with the Open Network for Digital Comme...
Jio Platforms and NICSI to offer cloud services to government
In a collaborative initiative, the National Informatics Centre Services In...
BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium
A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...
Pinterest tracks users without consent, alleges complaint
A recent complaint alleges that Pinterest, the popular image-sharing platf...
TVS ELECTRONICS LTD.
TECHROUTES NETWORK PRIVATE LIMITED
LAVA INTERNATIONAL LTD.
DRUVA SOFTWARE PVT. LTD.
Icons Of India : MUKESH D. AMBANI
Mukesh Dhirubhai Ambani is an Indian businessman and the chairman and ...
ICONS OF INDIA : RAJIV MEMANI
As Chair of the EY Global Emerging Markets Committee, Rajiv connects e...
Icons Of India : CP Gurnani
Former Managing Director and CEO of the well-known IT service company ...
HPCL - Hindustan Petroleum Corporation Ltd.
HPCL is an integrated oil and gas company involved in refining, market...
GeM - Government e Marketplace
GeM is to facilitate the procurement of goods and services by various ...
IFFCO - Indian Farmers Fertiliser Cooperative
IFFCO operates as a cooperative society owned and controlled by its fa...
Indian Tech Talent Excelling The Tech World - PADMASREE WARRIOR, Founder, President & CEO - Fable
Padmasree Warrior, the Founder, President, and CEO of Fable, is revolu...
Indian Tech Talent Excelling The Tech World - Steve Sanghi, Executive Chair, Microchip
Steve Sanghi, the Executive Chair of Microchip Technology, has been a ...
Indian Tech Talent Excelling The Tech World - ANJALI SUD, CEO – Tubi
Anjali Sud, the former CEO of Vimeo, now leads Tubi, Fox Corporation...