That cyber attacks have given sleepless nights to individuals and companies around the world wouldn’t be an overstatement. Governments are taking every possible measure to strengthen the digital infrastructure. While it is important to have latest malware and spyware removing tools, what is more important is to have a proactive approach to keep attackers at bay.
To act before it’s too late is the philosophy of Prasanna Mulgaonkar, a cyber security expert who thinks that the world is on a reactive mode to address threats such as anti-malware and virus detection. He says it is time to proactively manage all settings continuously. Mulgaonkar’s company Cloud Raxak, which is closely working with India’s banking and financial sector and the Ministry of Electronics and Information Technology, simplifies and automates security compliance. But what is security automation?Security automation refers to the use of automatic systems to detect and prevent cyber threats. It also contributes to the overall threat intelligence of an organization in order to plan and defend against future attacks. “The philosophy that we are trying to get people to understand is that by being proactive and doing things in an automated way, it actually improves your security much more than worrying about anti-malware. The biggest void right now is consistently managing your infrastructure so that if a breach does happen, you still have a protected infrastructure,” said Mulgaonkar.With security automation, chances of human intervention is reduced and it also helps in being consistent which in turn becomes cost-effective. But why does India need to be proactive in terms of cyber security?According to Mulgaonkar, India is fourth or fifth in terms of cyber attacks against the financial institutions. “Clearly there is a large thriving financial sector in India and, particularly in the one year after demonetisation, the number of financial transactions went up 300 percent. In India, there is a huge transformation going on in the digital infrastructure. Lots of companies are jumping into technology and that becomes a right opportunity for a hacker.”He added that, “In more mature technology countries, you see less of that because they have processes that are developed over time. In India, that’s not true. In APAC also, there is targeted opportunity for attackers.”But he also believes that India has a great opportunity in leading the world in cyber security if it proactively automates management practice of sustained real-time counter-measures on cyber attacks.In fact, security automation is one of the top trends in the cyber security space in 2019. Mulgaonkar also explained that it is important to be comprehensive because, for example, “a lot of people in India, especially in the financial sector, a lot of fintechs go to e-commerce retailers and ask them to give a server. Very few people understand that the server that the e-commerce retailer gives you, the configuration of that server is very permissive. About 50 percent of the settings are not set correctly in the server and when you put your data on this server you leave room for attacks”.Another problem that needs to be highlighted is that Indian companies due to budget constraints ask auditors to sample a part of the digital environment and using their findings companies only fix a part of the environment and this way rest of the environment remains vulnerable. This is the process in almost every company, said Mulgaonkar. Saving oneself from cyber attacks is not a choice but a need, especially when the attacks are sophisticated and are done at a large scale. VK Saraswat, Member, NITI Aayog, in his paper on cyber security also highlighted the need to be proactive by backing up regularly, updating systems and strengthening real-time defenses. He said if organizations took these simple steps, India could dramatically reduce the impact of ransomware.A 2018 study titled 'Understanding Cyber Security Threat Landscape in Asia Pacific: Securing Modern Enterprise in the Digital World’ by Microsoft and Frost and Sullivan pointed out that although cyber security is a boardroom discussion, very few organizations think about it at an early stage. The report revealed that close to 20 percent of the companies consider cyber security at the beginning of the project compared to over 40 per cent at the latter stages of the project.The report had also said that in 2017, average economic cost of cyber attacks stood at $10.4 million for organisations across India.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
Find the best of Al News in one place, specially curated for you every weekend.
Stay on top of the latest tech trends and biggest startup news.
