Niranjan Gidwani, Consultant Director, Member of UAE Superbrands Council, and Former CEO of Eros Group, speaks about the security threat landscape in the region
How has the security threat landscape evolved over the past few months?
Cybersecurity threats are continuously evolving. Cybersecurity threats are not only damaging individuals, organisations, and governments financially, but also causing serious damage to reputation. These threats are seriously impacting the delivery of critical services, and many businesses are failing, or putting in grossly inadequate resources to protect themselves from potential losses. Mainly because cybersecurity threats and data leakages are still not a part of most organisations’ strategic plans.
What sort of security challenges are people facing when working from home and how is your company equipped to handle those challenges?
Serious challenges are a very strong likelihood of data leakage, information sharing, data thefts, business secrets, billing, and pricing information, downloading of sensitive data, customer data. Also downloads of objectionable material, and so on, on official laptops.
Our organization has done the following:
- Data loss prevention policy in place.
- Device data encryption policy in place.
- Usage of VPN-based connectivity.
- Continuous monitoring of suspicious user activities.
- Robust infrastructure and proper security policies in place.
How has ransomware evolved during the pandemic period and what are you doing to tackle the problem?
Yes, ransomware has increased a lot during the pandemic because organizations have become more vulnerable. Hackers are taking advantage as businesses and individuals are distracted by many more issues during the pandemic. Hackers who commit cyber-attacks know that many will be able to get what they want.
We have to constantly be more vigilant, and take more proactive actions like frequent training of staff associated with handling cybersecurity issues. Also, to periodically check the integrity of such staff, as that could become the weak link. Tighten all open ports (loose links) in network security. Get frequent network and device security audits from a third party. More important is, once such audit reports are received, review the same immediately, and take immediate action on recommendations and investments.
How can companies overcome digital security and privacy challenges?
By encryption of all device’s data. Run end-to-end Security, Network security test assessments like VAPT (Vulnerability Assessment and Penetration Testing) every six months. Remove all redundant data from various devices.
Increase budget and time in implementing cybersecurity advice. Hire trained and highly ethical staff for monitoring potential loss due to digital security. Regular reviews to see that policies and procedures are in place, and working.
Do you believe companies today have accelerated their digital transformation initiatives?
Yes, companies today have accelerated their digital transformation initiatives as compared to previous years. Organizations are using a step-by-step approach to digital transformation. At the same time, it would be interesting to quote a study that also says that most companies are using technology to modernize their existing business model rather than transforming it.
Although 87 percent of senior business leaders say that digitization is a company priority, only 40 percent of organizations have brought digital initiatives to scale. And most business leaders make the mistake of confusing digitization, which is not the same as digital transformation, which is far more strategic.
For 39 percent of CIOs, digital transformation and cybersecurity is the most important task given to them by their CEO. (IDG)
What are the Cybersecurity Trends for 2021?
Data Security would be the number one issue, as, during the pandemic, lots of people have started working from home. Even teachers and students are engaged in remote teaching and studying. An increase in access to personal data carries the risk of destabilizing the digital society. There seems to be an overload of data being collected globally by a multitude of agencies/organisations/governments/licensing authorities/property developers/aggregators, all of which increase risk significantly.
Personal computers, Mobile, IOT, and smart consumer devices security issues as there is a multifold increase in the use of wearables and home/office automation products. Millions of IoT devices are open to the risk of remote code execution (RCE) attacks. Vehicles and transport infrastructure, health and medical infrastructure are new targets for cyber attacks as hackers are targeting smart supply chains. Cloud security since more business processes, infrastructure, and data are moving towards the cloud.
What are the key factors to consider making sure the digital economies of today are secured?
Heavy, and frequently monitored investments in Cybersecurity. Adoption of advanced technologies, robust infrastructure, and architecture. Professionally trained professionals to build a secure and innovative platform. Last but the most important – finally, even the most sophisticated digitization and digital transformation are created by people. Therefore, ensuring by whatever means available, the ethics and integrity of people associated with such initiatives. Because, it is the same highly intelligent minds who also find ways to counter and break into, or steal all good initiatives. Ethics and integrity or lack of it make that difference.