With many new connected assets, need a single source of truth

The band-aid security solutions that were put in place last year now need to be replaced with scalable, long-term, strategies, feels Adam Palmer, Chief Cybersecurity Strategist, Tenable.

The post-Covid world has expanded the workspace thanks to the work-from-home and mobile workforce. But with the proliferation of so many devices, how has the threat landscape also expanded and what are the major threats?

The shift to a remote work model pushed organizations to leverage new cloud-based technologies and approaches to optimize their teams' performance. The issue is many of these cutting-edge technologies aren’t built with security in mind — they’re designed for ease-of-use. This lack of security may have exposed assets and networks to vulnerabilities that can now easily be leveraged by cybercriminals for attacks.

Thanks to this, the job of the CISO has expanded and been made more complicated. What is the new role of the CISO and what are the metrics he or she uses to assess cyber risks?

The band-aid security solutions that were put in place last year now need to be replaced with scalable, long-term, strategies. CISOs need to harmonize and ensure that security is integrated across all applications, critical data, cloud-based assets, DevOps, network infrastructure, and operational technology. With so many new connected assets, having a single source of truth can make a world of difference.

Just as other organisations have a system of record for managing their business and understanding risk, strategic business and technology decisions need to factor in cyber exposure as a quantifiable metric of cyber risk in the same manner as other business exposures, such as economic or environmental risks.

Security leaders need to understand where to focus resources and investment to maximize their cyber risk reduction. Business executives and boards of directors require a means to objectively measure cyber exposure, in non-technical terms and understand how they compare to their industry peers or organisations with best-in-class security.

These business insights will help CISOs communicate cyber risk to the C-suite and Board in a way that fosters a business-based dialogue for better, more informed decision making which focus on efforts that maximize risk reduction.

What is the cybersecurity scenario in India? How mature are we and what more needs to be done?

In recent years and particularly since the onset of COVID-19, more organisations are relying on technology and have a complex mix of digital platforms which represent the modern attack surface. To add to the complexity, cyberattackers are also targeting critical infrastructure.

According to a Forrester study commissioned by Tenable, 97% of Indian organizations witnessed a business-impacting cyberattack last year and 67% of security leaders admitted that these compromises involved their organization’s operational technology systems.

Attackers can easily infiltrate a network in a variety of ways including changing program commands for programmable logic controllers (PLCs) by plugging in an infected laptop and by moving from IT to OT, or even directly through OT.

In many cases, organisations don’t have a complete inventory of the devices in these complex networks which leads to increased risk in both enterprise IT and industrial OT environments.

This complex, sensitive and expanded attack surface is what more and more security teams and CISOs in India are tasked with managing without the proper visibility. Unfortunately, antiquated security tools and practices are not adequate for modern businesses.

To overcome this challenge, organisations require a unified, risk-based view of where they’re exposed and to what extent across their IT and OT environments.

What about governments? With the rapid rise of digitization, especially for official purposes, how are they coping and what are the major threats there?

The underlying infrastructure to ensure that government services are available to citizens of India contains a complex mix of digital computing platforms and assets. Increased activity in a digitally-connected environment increases the potential of cyberattacks.

To ensure the integrity and security of government initiatives, security teams need to have a holistic view of all their assets and associated vulnerabilities, only then will they understand where they’re exposed and to what extent.

CISOs within government organizations cannot solely rely on technical data to make a case for cybersecurity. They need to be able to translate technical data into business insights to foster a business-based dialogue with key decision-makers. These insights help security teams prioritize and focus remediation based on business risk and receive guidance on the optimal actions to remediate those risk for better collaboration with IT.

Nowadays every citizen puts a whole lot of data online and that trend is seeing a sharp rise. What can the common citizen do to secure their private data in such a scenario?

Data breaches are occurring with significant frequency and it is important to exercise caution on what personal information people disclose online. Not repeating passwords and changing them frequently is important to protect data. Using strong passwords and complex password combinations is not only important but a necessity. An effective method is to use a password manager to create and store strong passwords. Using two-factor authentication on devices also adds another layer of security.

Organisations that collect sensitive information also have a duty of care to ensure that baseline cyber hygiene such as applying patches in a timely manner are followed to defend their networks.