Cyber security breaches, attacks, incidents etc just don’t don’t happen out of the blue. There are issues both known that are brushed under the carpet. The unknown which are quite a few these days, the less said the better. It is not so easy to be abreast with the latest in the field anyway. Laxity, lack of expertise and a casual approach more often than not finally turn out to be the accentuating factors. The spate of ransomware does not seem to stop and at times companies lack a reliable back up, and the absence of a DR sort of system, which comes in the way of getting on their operational feet.
If we go by the learning outcomes of the 15 of the recent prominent attacks, inclusive of ransomware attacks, leaders are getting increasingly concerned about their ability to recover mission-critical data after an attack. The gaps in the mission critical data throws up handicaps which costs time and money to reengineer, decrypt or recover and many times it does not happen. Do we ever think of such an eventuality striking us, if we do, and we apply our technical heart and minds, then there are solutions which can work around it. But all this has to be done in advance, and certainly when you are in the midst of a situation.
The other learning is that there is a need for a strong cybersecurity remediation process. The process should necessarily leverage automation and AI. It is only through these means organisations can proactively address vulnerabilities and minimise risks. The non-identification of the root cause of the concerned breaches and the consequent actions comes in the way of improving the cyber security stance for the future. In the case of manufacturing organisations protecting operational technology is important, by adhering to evolving regulatory requirements and ensuring business continuity amid increasing threats.
The Microsoft worldwide outage courtesy CrowdStrike highlights the risks on a single service provider and I don’t think any great changes have happened on this count in the last six months or so. Oddly enough, the single service provider is also without a robust cyber security mechanism in place. What is the other way to bring down the turnaround time in case of a CrowdStrike type situation? The companies and the customers are forced to bear financial losses, that is not an acceptable situation. In the learning outcomes of recent breaches, the expected pattern is that the social engineering attacks are expected to increase in sophistication and frequency due to AI.
THE DYNAMIC NATURE OF CYBER SECURITY IS TURNING OUT TO BE A HUGE CHALLENGE TODAY.
Sanjay Sahay
Have a nice evening.