As organizations and businesses go online and people shift their daily workplace and shopping to remote online networks and mobile devices, interactions and digital exchanges of data and information have increased, and the demand for data security rises with them.
A data breach can cause severe damage to both customers and the company if the data falls into the wrong hands.
Therefore it is essential to have a cyber security risk management process in place that identifies risks and applies regulatory controls and thorough solutions to ensure protection. Every organization must be ready and well prepared, with a cyber risk management plan in place.
Archie Jackson, Senior Director, Head IT & Security at Incedo, highlights how protecting critical data and taking the right approach to risk management reduce the risk impact while moving to an agility-centric strategy for business continuity.
DCISO: As the Head of IT & Security of your organization, what are the key points that you think should align security and risk management with business strategy?
Archie Jackson (AJ): Fundamentally, three major points:
- A strong foundation of awareness across the organization at all levels towards social engineering and its impact on security & privacy (the associated risks), and designing engaging and constructive learning programs for periodic refreshers and as part of new-employee onboarding programs.
- Right classification of data and, accordingly, protection of the critical data as the top priority. With that approach to risk management, the risk impact is reduced whilst business agility continues to be maintained. Complete discovery, apt controls and monitoring of all IT assets, mitigating the shadow-IT risk.
- Cyber forensics and background detection & response mechanisms, analytics and dark-web hunting, defending against zero-days or APTs.
DCISO: Organizations have rapidly accelerated their digital transformation, which supported the shift to IoT and a remote workforce. It is asset management reimagined for security teams who are focused on identifying all systems comprehensively. It is often said that ‘You can’t protect what you don’t understand’. What key perspective would you like to highlight on this?
(AJ): Very true. Stronger visibility of IT assets comes with the help of discovery and asset management tools that identify and process not only endpoints but also servers and IoT devices. Technology has scaled up with efficient discovery and management tools, which are essential for organisations of all sizes.
DCISO: In the pandemic season, cybercriminals have taken advantage of the virtual business environment; malware campaigns, attack infrastructure and phishing attacks all showed signs of this opportunistic behaviour. What key steps should a cyber security head advise under the present circumstances?
(AJ): The right time is now for every security professional to bring their potential and intelligence to the table. Highly important is the understanding of the surroundings and being prepared accordingly. There are two kinds of approach which security professionals usually possess: A. Looking at the impact; B. Looking at and linking the series of issues. The one who follows the approach of joining the dots saves the ship.
Look at the SolarWinds breach: there are security professionals confidently claiming that since they have not been using SolarWinds, they are not impacted. However, the truth is different. It only emerges once professionals look a little deeper. Almost every organisation is impacted by the SolarWinds breach directly or indirectly, because SW was adopted by 425 out of the top 500 Fortune 500 companies. More than 9 months of data has been available to the ‘bad guys’. Almost every company, in some manner or other, adopts some kind of data services with these 425 Fortune 500 companies. So it is how we look at a situation. The only major advice is to be observant and sense the winds to predict the storm.
DCISO: Security training is critical so that employees understand the new risk landscape. In a remote working scenario, what are the possible ways to train remote workers?
(AJ): The best way is to engage them via entertaining phishing simulations and link the defaulters with associated learning programs through the L&D department. Also, awareness of human deception techniques of fear, greed, urgency, etc.
DCISO: Cyber security professionals are daunted with tasks like product security concerns, compliance concerns, regulatory issues, legal issues, breaches and attackers, and incident response, along with new priorities that come up. The ISACA report State of Cybersecurity 2021 says that 56% of security professionals lack soft skills, one of the biggest skill gaps to address for the above issues.
What are the ways to bridge these gaps and make sure communication happens smoothly to overcome bigger challenges?
(AJ): This is not only a challenge for security professionals but for almost every critical role. Assertiveness, public speaking and right articulation must be part of all leadership development programs across organisations. There must be technical debates and engagements, and leaders must be put through the process of imparting training. All of this enables them to put across the right message precisely and in the right manner.