Express Computer
Home  »  Columns  »  Security risks in the Internet era

Security risks in the Internet era

0 517

The Internet is now connecting people and things at a breathtaking pace and bringing together information from previously unconnected sources; it is promising expanded business capabilities, a richer user-experience and hence unprecedented economic opportunities.

By Pravin Srinivasan

Over the next decade, this network of physical objects accessed through the Internet-the “Internet of Things”, will bring billions of data-generating devices online and connect this vast stream of data with people, processes and other devices.

Described as the “Internet of Everything “(IoE), this will help create a connected world that can intelligently and intuitively respond to what people need and want.

However, the capability for businesses to capture the value of the rapidly evolving IoE hinges on making the most of their IT infrastructure to leverage five key technology trends: cloud, mobile, social collaboration, distributed data and security.

As businesses invest in these new technologies CIOs are tasked to cut overall costs and rationalise the different mandates to enable IoE. They are challenged to develop new business models that take advantage of this emerging technology environment and manage the associated cyber risks.

It is critical that businesses develop capabilities to analyse and understand weaknesses within the security landscape, create awareness—about the entire attack continuum—before, during, and after an attack—and adopt security solutions that operate everywhere a threat can manifest itself.

This is because the cyber threat landscape today has grown in leaps and bounds. The potential ‘attack surface is much bigger today and cyber-crimes are not only sophisticated but are also well-funded, capable of causing major business disruption.

The evolved threat landscape

According to the Cisco 2014 Annual Security Report, the average cost of a security breach has increased to $5.4 million in 2014, up from $4.5 million last year, threat alerts grew 14% year over year and malicious exploits are gaining access to web hosting servers, name servers, and data centers.

More than 90% of websites are vulnerable to hackers as against a mere 8.3% websites that are protected. In fact 100% of corporate networks surveyed showed signs of malicious traffic. The main targets of attacks were company websites while social media, phishing, and email spam were prime attack vectors. A case in point is the May 2014 report from eBay confirming that its site was hacked and users’ passwords were compromised although there was no evidence of any financial information was accessed.

A report by Arbor Networks reveals that the year 2013 India witnessed a huge rise in attacks on the banking and financial services sector (136%), and government establishments (126%), over the previous year. The second half of 2013 saw increased attacks on Indian websites, the most vulnerable being those of government organisations, banking and finance, oil and gas, and emergency services, according to a report by the Indian Computer Emergency Response Team (CERT-In).

Global concerns about India’s internet security practices rose after June 25, when hackers broke into the National Informatics Centre (NIC), which runs e-mails of all central government officials as well as websites of various ministries and accessed information on its root directory that hosts the most sensitive data.

Holistic security is the need of the hour

Given the above, businesses must transform at a fundamental level to ensure they take the maximum advantage of the shift to IoE. Considering that the number of attacks has grown at an unprecedented pace, security solutions need to take a visibility-driven, threat-focused and platform-based approach, only then will they have a security posture that aligns with changing business models and attack vectors. Such solutions will continuously protect networks across a dynamic threat landscape, reduce complexity and fragmentation of security solutions and enable business to support new technologies.

Solutions that can provide full contextual awareness of users, mobile devices and apps and provide users with dashboards and drill-down reports of discovered hosts, suspect applications, threats, and indicators of compromise for comprehensive visibility will be sought after. Using such advanced security platforms will dramatically expand the addressable area of attack and protect against the full spectrum of attacks, known and unknown. Opportunity and way forward.

The addressable security market opportunity in Asia Pacific today is worth more than $2 billion. While the firewall is still the largest piece of the pie, the fact that security budgets are on the rise across sectors (be it government, financial services or ITS) means that partners, vendors and solution providers have a part to play in providing a broad portfolio of integrated solutions that deliver visibility and continuous advanced threat protection across the entire attack continuum. In countries like India it is estimated that IT spending has gone up from 1-2% of revenues a few years ago to as much as 5-10% in some cases.

Organisations must relook at the way they have built security services in the past and re-evaluate the security policies they need to invest in the future if they have to take advantage of the new business opportunities. Clearly devising a robust security strategy and reforming dated policies is the first area that CIOs and CISOs need to evaluate.

Investments in secure infrastructure to address the challenges that trends like BYOD, IoT and mobility are another aspect that cannot be ignored. Having a framework that ticks all the right boxes is imperative. The key is to keep evolving. With an increasingly sophisticated threat landscape, it is vital to ensure that the solutions don’t stagnate when the risks multiply.

Lastly, every organisation must be prepared. The possibility of an attack cannot be ignored. Hence, it is always advisable to have a contingency plan that can be put into effect as soon as there is a strike instead of going into a disorderly crisis mode.

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image