Protecting Our Digital Frontier - National Cyber Security Awareness Month

Jhilmil Kochar, Managing Director, CrowdStrike India-

"It's that time of the year when we delve into the realm of cybersecurity awareness, encompassing the basics of data sharing and protection.  Cyberattacks can significantly impact our daily lives, our economy, and national security by targeting our computer systems and networks, resulting in data destruction, corruption, or theft. To counter these, cybersecurity vigilance is imperative for both businesses and individuals. It needs to be a shared responsibility across any organization. Businesses should enhance their security posture by first gaining visibility into potential gaps and attack paths. The earlier an organization can detect an attack, the less impact it will have on the business and the easier it will be to resolve. Then, they need to prioritize identity and cloud protection. This involves investing in agentless capabilities to protect against misconfiguration, control-plane vulnerabilities, and identity-based attacks, as well as runtime security measures to protect cloud workloads.  It's also essential to understand potential adversaries by investing in comprehensive threat intelligence and regularly conducting tabletop exercises and red/blue teaming to identify gaps and eliminate weaknesses in an organization’s security framework. Cyber-educating employees to recognize and report threats further strengthens the security fabric. For individuals, it’s important to remain vigilant and adopt a ‘verify before trust’ mindset as the rise of generative AI introduces complexities in distinguishing real from fake content, particularly in emails. In the past, spear-phishing attempts were often riddled with spelling and grammar errors, making them relatively easy to detect. However, with ChatGPT, the quality of these malicious communications are improving, making them harder to identify. Moreover, synthetic media like DeepFakes allows adversaries to convincingly mimic trusted individuals on video calls, amplifying social engineering threats. This might contribute to heightened skepticism towards online content, impacting public trust in information from public figures. Furthermore, individuals should exercise caution when sharing private data and consider the security measures of the organizations they engage with.  Using strong passwords, regularly updating passwords, multi-factor authentication, regular software updates, precaution against phishing attempts, data encryption on public networks and responsible data sharing are a few fundamental practices".

Aladdin Elston, Head - Information Security, Altimetrik-

"With the rapid adoption of diverse working models, the onslaught of cyber threats has been unrelenting, and India is one of the worst-hit cyber-attack victims over recent years. In fact, in the first quarter of 2023, India experienced a staggering 18% increase in weekly cyberattacks, almost twice the global average. In the broader Asia Pacific region, the year-on-year spike reached a remarkable 16%. In the face of these persistent cyber challenges, our approach must hinge on crafting holistic and user-friendly network architecture to protect data assets. The proposed Data Protection Bill of 2023 signifies a landmark leap toward a digital realm where data is shielded, aligning with the global aspirations for a resilient digital infrastructure. However, safeguarding our digital world isn't just a technological pursuit; it's a collective responsibility and a crucial business imperative. Organizations must cultivate a comprehensive cybersecurity culture that commences with simplification, equipping business leaders and CISOs to navigate the labyrinth of digital defense. As we face unforeseen cyber-challenges, the call to 'Secure the World' resonates louder than ever. In the digital age, cybersecurity is not just a necessity; it is a responsibility. It is essential that we maintain an unwavering focus on educating individuals about combatting common cyber threats. Businesses should commit to substantial investments in upskilling and bridging the massive gap in the cybersecurity workforce. The formidable task of thwarting cyber threats and ransomware attacks can be overcome with a highly skilled team of cybersecurity professionals who can efficiently safeguard their digital domains to become a future-ready organization".

Balaji Rao, Area Vice President, India & SAARC, Commvault-

"Cyber Security Awareness Month emphasizes the value of gradually stepping up one’s security precautions to enhance long-term cyber fitness. As one of the world’s foremost digital powers, it is India’s time to step up its security posture with the introduction of the Data Protection Bill 2023. The critical interplay between privacy, data protection, and cybersecurity strategy will collectively foster a culture of data empowerment in the digital era. As we operate in a borderless cyberspace, the practice of a holistic approach through zero trust will help us keep current business in a controlled state. Each function of an organization must work collectively to fight cybercrime in a safe, economic, and sustainable manner. Cybercriminals are becoming more sophisticated and traditional security measures are no longer adequate to defend against threats. Enterprises must shift from a reactive to a proactive approach towards cybersecurity, where new-age technologies like AI and cyber deception help identify potential threats and vulnerabilities in the early stages. Automating cybersecurity processes can reduce the time between an attack and its detection and ultimately reduce the risk of cyber-attacks and data breaches".

Jehan Jeyaretnam, Director, Head of Compliance Services, Acuity Knowledge Partners-

"In today’s digitally driven world, the financial industry is a prime target for cyber threats. The importance of cybersecurity in this sector cannot be emphasized enough, as it plays a critical role in protecting sensitive financial data, client trust, and the overall stability of the industry. The financial sector holds a vast amount of confidential information, from customer financial records to transaction data. Cybercriminals are aware of the potential rewards, and they constantly adapt their tactics to exploit vulnerabilities. A security breach can result in more than just financial losses; it can erode trust, damage reputations, and expose institutions to regulatory penalties. To tackle these pressing challenges, financial organizations must prioritize cybersecurity and invest in robust defences. Regulatory bodies around the world have set stringent requirements to safeguard sensitive data. Compliance is not just a legal obligation; it is a fundamental step toward protection against cyber threats. However, cybersecurity goes beyond mere compliance. It demands a proactive approach that keeps up with evolving threats. To stay ahead, institutions should adopt cutting-edge technologies, strong encryption, and real-time threat detection. Training employees is equally essential because human error remains a leading cause of breaches. In conclusion, cybersecurity is an indispensable investment for the financial sector. It is not a one-time effort but an ongoing commitment that requires vigilance, compliance, and a forward-thinking approach. In a digital era where cyber threats continually evolve, safeguarding financial data and client trust is paramount. Cybersecurity is the foundation upon which financial institutions secure their future".

Sanjeeb Patel, Director Software Engineering, Sabre-

"The travel and tourism industry faces a growing threat from cyberattacks due to the extensive personal data it handles. The COVID-19 pandemic led to a surge in cyberattacks, highlighting the sector's vulnerability. Cyberattacks can disrupt operations, causing financial losses and inconveniences. Vulnerabilities in mobile travel apps and high-profile cyberattacks have been frequent. It is of utmost importance to establish strong cybersecurity measures to safeguard data, uphold trust, guarantee uninterrupted business operations, and comply with regulations. Embracing the latest trends and best practices, such as zero-trust security, AI-driven solutions, biometric authentication, blockchain technology, and continuous monitoring, can enhance security. Multifactor authentication and staying informed with threat intelligence are also key. Prioritizing proactive measures and industry-specific standards is essential to safeguard customer data, maintain trust, and minimize losses. In an era where trust is currency and data is gold, safeguarding the travel industry's digital future requires not just compliance but innovation in cybersecurity"

Minatee Mishra, Director, Product Security – Security Center of Excellence, Philips Innovation Campus

"In today's healthcare landscape, robust cybersecurity practices are imperative. Defending our systems and data remains vital, but a proactive strategy to ensure a secure Healthcare ecosystem is equally essential. This involves having all parties in the Healthcare ecosystem have a minimum-security baseline and having clear communication channels. Among other things, this primarily includes staff readiness, strategic partnerships, information sharing and a well-tested response plan. The healthcare sector is a prime target for cybercriminals due to sensitive data and evolving threats. At Philips, we embed security throughout our product development lifecycle and believe that collaborative efforts among healthcare organizations, manufacturers, infrastructure providers, and government bodies are crucial for a safer, digitally transformed healthcare landscape in India".

Kokil Vira, Director of Solution Engineering, VMware India-

"India's progressive economic growth, fueled by initiatives such as Make in India and Digital India, is rapidly shaping the nation's digital landscape. However, this digital transformation also brings heightened cybersecurity concerns. At VMware, we recognize that cybersecurity is an inherent necessity in safeguarding critical assets. Whether a large enterprise or a small and medium-sized business, every organization must prioritize cloud security as a cornerstone of comprehensive cybersecurity. The relentless targeting of small and medium-sized enterprises by cyber threats underscores the urgency of a strong cybersecurity framework. Such a framework not only ensures compliance but also cultivates trust among employees, partners, and consumers. In the dynamic digital landscape of India, VMware remains committed to providing cutting-edge solutions that empower organizations to thrive securely in the face of evolving cyber challenges".