CXO of the Week: Praveen Jaiswal, Founder & Director, Vehere

Praveen Jaiswal, Founder & Director, Vehere, shares insights on the current scenario and best practices for Cyber Situational Awareness.

Laxitha Mundhra

With the onslaught of the pandemic, there has been a rapid surge in cyberattacks. They pose serious security challenges for both startups and big businesses. The increased penetration of hyper-connected devices and services has expanded the attack surface. We face diverse threats, propagated by cyber terrorism, military espionage, corporate espionage, and financial fraud. Besides, the remote work routines induced by the pandemic have further added to the existing security challenges. Thus, these testing times call for the highest levels of situational awareness. Vehere is a Cyber Situational Awareness. We have with us Praveen Jaiswal, Founder & Director, Vehere, who shares insights on the current scenario and best practices for Cyber Situational Awareness.

Excerpts:

What are the elements under Cyber Situational Awareness?

Cyber Situational Awareness is not a technology, but an outcome. It is the capacity to understand an organization’s network, applications, assets, and risks in real time to make informed decisions. These could be about supporting new digital business initiatives, responding to threats/breaches, and/or planning to improve the quality of security around your assets. Cyber situational awareness entails continuous monitoring. It also helps in the detection of unknown threats and in dynamic decision making.

The essential elements of Cyber Situational Awareness are acquisition, analysis, and action. The process involves the following aspects:

• Monitoring the network and cyber environment through comprehensive visibility

• Probing the network telemetry data

• Detection of anomalies and threats

• Risk monitoring and sharing actionable information

• Enabling defence management and countermeasures to contain threats

The increasing cyberattacks are a testament to any corporation's resilience. How should a company select the right security solution for the organization?

The right security solution is the one that enables real-time Cyber Situational Awareness and also enhances the network detection and response capabilities by leveraging network telemetry data, full packet captures, and DNS query analysis. Furthermore, organizations should look at solutions that provide comprehensive visibility, leave zero blind spots, improve the anomaly detection capability, offer greater automation efficiency, provide visibility into public, private, and hybrid clouds, and offer device, application, network, and user context for better insights.

We are moving to more cloud-oriented operations. Is there a way to be proactive rather than reactive?

Surveys have revealed that approximately 8 out of 10 cybersecurity professionals remain worried about cloud security. To secure the cloud, organizations should proactively focus on the following aspects:

• Align the data protection measures with the business aims of the organization. It is also essential to identify the critical data and information and to keep those resources as safeguarded as possible

• The company should have an agreement on sharing the security responsibilities with the cloud service provider

• Roles and responsibilities should be spelt out so that people have access to only those resources to which they are authorized

• Implement network detection and response (NDR) solution for identification and mitigation of threats

• Software updates and patches pushed out at regular intervals

With WFH policies likely to continue for many organizations, remote workforces need secure access to applications. Where does India stand today?

The digital transition, post-pandemic, has happened at a breakneck speed. While remote working offers flexibility, there are security constraints. Employees at different locations and a decentralized security system are what the bad actors like to take advantage of. It is being estimated that cumulative cyber-attacks in India were up by nearly 300% last year compared to 2019. Information also points to organizations facing 20% more cyber threats as they switched to remote working.

Human errors and oversights are potential vantage points for cyber attackers, and, significantly, a healthy number of people above the age of 25 have admitted that they remain anxious about cybersecurity.

What are some types of attacks targeting enterprises and their employees?

Some of the most common attacks targeting enterprises and their employees include ransomware attacks, malware injection, phishing threats, distributed denial of service, insider threat, man-in-the-middle, and SQL injection.

Please provide some security guidelines and protocols for individuals and enterprises to stay aware and counter increasing cyberattacks.

To safeguard the network against potential cyber-attacks, enterprises must put greater emphasis on cybersecurity and ensure the following fundamental aspects of network security are adhered to:

1. Zero-trust approach and strict access control based on authentication, authorization, and accounting.

2. No network blind spots and comprehensive visibility of network data.

3. Installation of automated Network Detection and Response (NDR) solution.

4. Securing the company's data and applications on a cloud network, using cloud security solutions.

5. Encryption of data adds a layer of security

Meanwhile, individuals also need to be well aware of the situation. Here are some guidelines to follow:

1. It is useful to undergo a cybersecurity training module to generate awareness.

2. Individuals should be alert and suspicious when they get emails or messages with attractive offers, discounts, or job opportunities.

3. It is essential to carry out office work on company-provided devices. The use of a VPN and multi-factor authentication is also critical, while it is better to avoid public Wi-Fi.

4. Passwords should be a mixture of alphabets, numbers, and special characters and should be unrelated to the user. Further, the same password should not be used for different accounts.

5. It is risky to keep computers or laptops unattended in a car
