Cybersecurity tips for the digital era - Hindustan Times

Cybersecurity tips for the digital era

ByHindustan Times
Dec 07, 2023 11:28 AM IST

This article is authored by Vijendra Katiyar, country manager for India & SAARC, Trend Micro.

The year 2023 is a momentous milestone for cybersecurity awareness, making two decades of dedicated vigilance, underlining the ever-expanding significance of cybersecurity. In this interconnected digital age, where technology seamlessly integrates into our daily lives, adoption of advanced cybersecurity mechanisms to guard data, both personal and official, is imperative. This year's cybersecurity awareness month’s theme, 'It’s easy to stay safe online,' reminded us that while the basic security measures such as multi-factor authentication, strong password management, software updates, and proactive phishing detection and reporting are crucial, businesses of all sizes should look to go above and beyond in a strategic sense to improve their cybersecurity posture.

Cybersecurity (Representative)
Cybersecurity (Representative)

To guide you on this journey, here are my two cents on four actionable strategies to fortify your online security posture. These recommendations ensure that you remain a vigilant guardian of your online presence.

HT launches Crick-it, a one stop destination to catch Cricket, anytime, anywhere. Explore now!

· Achieving enhanced cybersecurity visibility: As the age-old military expression goes, 'amateurs talk tactics, and veterans talk logistics.' In the realm of cybersecurity, where seasoned professionals now prioritise visibility, this wisdom holds true. Today, veteran cybersecurity professionals are moving beyond tactics and focusing on logistics. Digital environments have grown increasingly complex, and attackers are adept at exploiting complexity, by finding fertile ground and targeting neglected and under-protected resources to manoeuvre laterally, evade detection, and gain privilege. Considering this, relying solely on traditional IT system management databases falls short in today's dynamic landscape as these databases often lack accuracy.

To bolster your security, it's crucial to gain comprehensive visibility over your network. This includes a precise knowledge of the inventory of your entire attack surface, including legitimate assets, shadow IT, and VPN-connected resources. Attackers often exploit unmanaged and unpatched devices, further enforcing the need for complete visibility. But visibility isn't just about being aware of the existence and patch status of assets; it's about understanding their interactions with other elements in your network, as this reflects the overall security posture.

· Real-time risk Assessment: A proactive approach: While semi-annual penetration tests satisfy compliance requirements, they are no longer sufficient in dealing with threats in the near-real time cybersecurity landscape. The industry has evolved towards real-time monitoring and decision-making, as must everyone.

Infrequent events, such as VPN authentications, fail to provide the agility needed for real-time decision-making. During these intervals, indicators of compromise can accumulate, potentially transforming an acceptable risk into an unacceptable one. Time is often the ally of attackers, and organisations must learn how to turn the tables.

· Broaden your security radar for unusual threats: This step is closely associated with the initial recommendation regarding enhancing visibility. Elevating visibility necessitates the proactive compilation of various new types of security-relevant telemetry.

The standard events, typically assessed by cybersecurity teams have become somewhat predictable, enabling attackers to effectively circumvent them. This forms the basis for lateral movement and unconventional pathways, such as exploiting IoT and other elements that may not be immediately recognised as part of an organisation’s attack surface. To avoid this, the key here is: the greater the uniqueness and unconventionality of telemetry data, the higher the potential to reveal previously undisclosed assets, data, connections, and identities within your organisation. Your end goal should be to cultivate a data-rich environment that amplifies your extended detection and response capabilities, ultimately elevating overall security.

· Embrace a unified cybersecurity platform strategy: A robust foundation for these strategies hinges upon the deployment of the right security tools. While diversifying your security stack can be beneficial, avoid the pitfalls deploying disjointed, single-purpose products. Visibility is the foundation of defence, and fragmented solutions only provide fragmented security.

A well-thought-out platform strategy, integrating multiple security solutions into a unified framework, provides a holistic view of your security posture. Seek cybersecurity platforms that support third-party integrations and encompass capabilities such as extended detection and response (XDR), virtual patching, automation, continuous monitoring, and risk assessments.

As part of this strategy, scrutinise your existing security tools, and eliminate any redundant or outdated solutions. A leaner, more efficient security stack will not only conserve resources but also streamline the analysis and bolsters your overall security.

Organisations can no longer afford to rely on traditional mechanisms that may have served and met their cybersecurity needs for many years, as they are no longer adequate or effective in the current digital landscape, where both the nature of threats, and the means adopted by attackers to deploy them are constantly evolving. To ensure seamless operations, and optimal efficiency of an upgraded security framework, organisations need to streamline all functions. The need for businesses to adopt proactive security measures to safeguard their data assets cannot be stressed enough.

This article is authored by Vijendra Katiyar, country manager for India & SAARC, Trend Micro.

Share this article
Story Saved
Live Score
Saved Articles
My Reads
Sign out
New Delhi 0C
Thursday, April 18, 2024
Start 14 Days Free Trial Subscribe Now
Follow Us On