The Ab-Crack of Cyber-Security

Pratima H

MUMBAI, INDIA: It may have taken decades for the six/eight-pack-winds to wipe away pot bellies altogether. But who knew something could dislocate these fitness epitomes too, and hey, so soon? This is where you would not be wrong if you are thinking of washboard stomachs and high-definition security postures in the same vibe when we say the word - 'crack'.

A vertical dimension has arrived on both torsos.

Every industry is facing a specific threat vector of its own kind. Hackers are cracking cars with keyless entries as effortlessly as they are crawling into billion-league companies.

Getting the right crack has become a pressing need for many – whether it is a model struggling to get the right crease, an auto-maker having second thoughts about putting sensors in a digital wagon, a software player struggling to juggle updates for zero days or factories tired of standing on the ring side with IoT (Internet of Things).

Ringside is where we caught up with Ruggero Contu, Research Director and a seasoned security mind at Gartner when he was here for a summit. This is what he says when it comes to those cracks.

What is everyone talking, or shall we say- worrying about this year? Different nightmares flitting about?

The buzz is about digital businesses trying to align their new strategies, transformation goals with security in a sure manner. Security needs to stand in the right way with business objectives of the new age. The change that is needed is about less of the preventive approach and more strengths on development of detection and response capabilities. Organisations would have to face security challenges sooner or later so it is necessary that they are ready to cope no matter what.

Isn’t that an irony of sorts? Automakers like VW, Fiat Chrysler, Renault are confronting prospects of security loopholes for the sheer reason of embracing new technologies. IoT players have still to figure out the flip side in terms of security. Does digital empower and weaken at the same time?

Yes, digital advancements and IoT etc will throw open a new set of issues. IoT will have the aspect of digital devices being everywhere. Specific industries like the automotive one and industrial control systems would face a new set of scenarios as they open up. Automakers would be at the forefront of receiving new challenges, discovering them and dealing with them.

Ruggero Contu

What should businesses remember then?

It has to be about a shift in how one looks at security. The focus on technology alone is not enough. It has to be about business requirements and strategy now. Security should be tightly aligned to risk management.

Has the equation between zero-day-vulnerabilities and availability of patches or updates taken a new form, from what has been observed recently?

Patches are and have to be more relevant to current digital age. Appropriate response is definitely critical. The circumstances would become more and more severe, in all likelihood, and hence detection as well as response capabilities would have to be immensely improved.