“If data is the new oil, then every click is the new signature.”
- To err is human, but a minor mistake can lead to the loss of critical data, hard-earned money, or even disasters.
- The magnitude of losses resulting from cyber incidents is horrifically evident based on past cyberattacks across all sectors and geographic regions.
- This highlights the need for the serious adoption of cyber discipline and cyber hygiene practices among all digital users, whether they are utilizing personal or enterprise systems.
Challenges & Opportunities
- One persistent challenge has been to channelize and recondition human behavior to cultivate a “Security Mindset” for ensuring cyber-safe practices when using digital systems.
- Regular cyber awareness trainings, workshops, and engagement tasks should be conducted to keep users vigilant about their cyber-safe habits.
- In line with this objective, the Ministry of Power has issued an advisory to conduct monthly awareness trainings by celebrating ‘Cyber Jagrookta Diwas’ on the first Wednesday of every month.
- Organizing mock drills that simulate plausible cyberattack scenarios can sensitize employees on observing and responding to actual incidents.
- AI/ML-based behavior analytic tools are essential for complete observability of abnormal access behaviors and prompt notification for reactive responses.
- It is crucial to clearly define and document security frameworks, guidelines, and best practices after conducting comprehensive assessments and gap analyses. This approach enhances cyber security posture and promotes safe usage by digital users.
Best Practices & Key Takeaways
- To prevent mishandling of digital systems by human users, it is imperative to implement systematic access controls based on the principles of ‘Zero Trust’ and the ‘Principle of Least Privilege’.
- As we all agree, within the trio of ‘People, Process, and Technology’, humans are the weakest link. Approximately 60% of attacks occur due to human errors. Therefore, cultivating a ‘Security Mindset’ at all levels – management, IT teams, and end-users – is of utmost importance in bolstering the security posture of any organization.