Hybrid working environments and the business requirement to access data from anywhere, at any time, from any device have created multiple challenges for Cyber security. The need for Cyber security has grown beyond the traditional security pathways. With accelerated changes in businesses and operations, organisations need to adapt their approach to technology investments so that these investments generate value. Deploying risk-based programs provides reasonable security assurance to businesses.
The rapid adoption of digital technologies, Industry 4.0, smart products, cloud, IoT and OT convergence etc. has changed the threat landscape manyfold, and Cyber risks must be looked at holistically. Cyber security is a foundational element and not an option anymore. Cyber security must be driven by the top management.
Challenges & Opportunities
Organizations must adopt new-age digital technologies to meet business opportunities, customer requirements and employee needs. Businesses want to use advanced data analytics to derive insights. As technologies such as chatbots, Robotic Process Automation (RPA), data lakes, cloud, the API economy and many more are adopted at a very fast pace, the threat landscape is changing just as quickly. Traditional organizations that have started their digital transformation journey recently need to look at current and new Cyber risks holistically. We need to ensure that the required security controls are deployed and that business operations run smoothly. Spend on Cyber security must increase as IT spend increases. Some studies suggest that at least 7-10% of the IT budget must be spent on Cyber security to have reasonable security assurance.
It is a fact that no matter how many security controls we deploy, a security incident or breach is a reality. The NIST Cyber Security Framework (CSF) also addresses how effectively an organization can respond to an incident and recover quickly if protection fails. A Cyber Defence strategy must be in place to counter any kind of incident effectively.
The critical components of a Cyber Defence strategy are:
- Security by design and defence in depth.
- An operational Security Operations Centre (SOC).
- A well-thought-through Cyber Incident Response Plan (IRP).
- Conducting Cyber drills and ensuring participation by all, including leadership.
- Continuous assessment and improvement of the Cyber Defence by improving deployed technical controls and processes, enhancing awareness and skilling people.
Looking at the last two decades, technology has transformed the way we work and interact, digital adoption, connectivity etc. In my view, the pace of technology invention and adoption will become faster, and the demand for more integration is going to throw up a lot of challenges for Cyber security professionals. We have already started talking about Web 3.0, Metaverse, Open AI etc., and adoption has also started at some companies. In my opinion, every organization will have its own Cyber security maturity journey based on the risk exposure and appetite of the organization.
Every organization is going to face threats that did not exist before. New business models driven by technology, customer demands, privacy concerns, investment challenges and the bitter reality of the skill gap in Cyber security are going to multiply the challenges for Cyber security professionals.
Best Practices & Key Takeaways
It is an old saying that “The more we sweat in peace, the less we bleed in war.” It is very much relevant to the Cyber security function. As we are in a constant war with knowns and unknowns and resources are limited, we need to ensure that our security controls are working as desired, processes are not breached, and we have the right skills to meet the challenging needs of the hour.
From a Cyber Defence perspective, here are some of the key points I would like to emphasize:
- Conduct Cyber drills at regular intervals: at least one un-alerted Cyber drill must be conducted annually to assess real readiness. An un-alerted drill is one that is executed without anyone knowing about it in advance. Of the drills we have been conducting, such as checklist, tabletop, planned simulation etc., this is the only one that will be the closest to a real Cyber incident.
- Ensure all relevant IT and security infrastructure assets are covered under the SOC and that regular reviews are done to ensure adherence.
- Conduct Breach & Attack Simulation (BAS) to assess the efficiency of security defences.
- Continuous review of efficacy and efficiency of currently deployed security technologies.
- Maintain the right focus on the threat hunting program and the threat feeds you are getting.