Investing in employee training & awareness enhances an organisation’s cyber resilience: Dr. Yusuf Hashmi- CISO, Jubilant Bhartia Group
In an exclusive interview, Dr. Yusuf Hashmi, CISO, Jubilant Bhartia Group, underscores the impact of digitisation on cybersecurity, heightened vulnerability, and the imperative for robust strategies. He advocates proactive breach response tactics, such as assuming breaches, comprehensive playbooks, and employee training. Moreover, he recommends optimising security investments by assessing RoI, consolidating technologies, and prioritising skills development for resilience.
Here are the edited excerpts:
As most organisations are digitising their processes and moving to the cloud, how has their overall cyber posture been impacted in terms of vulnerabilities to cyber-attacks? How do you think the new normal changed the cyber strategies of companies across the globe?
As organisations transition towards digitisation and cloud adoption, their cybersecurity posture undergoes profound changes, impacting vulnerability to cyber threats and necessitating strategic shifts in cyber strategies globally. The digitisation of business processes and migration of workloads to the cloud significantly expand the attack surface, amplifying the responsibilities of cybersecurity professionals. Crucially, the decision to opt for a single cloud provider or a multi-cloud approach becomes pivotal, influencing the organisation’s resilience against evolving threats.
Cloud misconfiguration emerges as a critical challenge, requiring a nuanced understanding and effective management of cloud environments, distinct from traditional infrastructure. Establishing robust controls, conducting thorough asset discovery, and implementing stringent configuration management protocols are essential steps in mitigating the risks associated with cloud misconfigurations.
I think laying down a comprehensive framework for cloud security is imperative, encompassing network security, asset management, configuration management, logging, and audits. Despite the reliance on cloud service providers, organisations bear ultimate accountability for data protection, underscoring the importance of maintaining vigilance and implementing robust security measures. Navigating these challenges demands a proactive and strategic approach to cybersecurity. So that’s what my perspective is. Laying down comprehensive frameworks, understanding cloud environments, and embracing resilient strategies, organisations can effectively adapt to the new normal and safeguard their digital assets amidst an evolving threat landscape.
Despite the best security measures there is a high probability every organisation will experience a breach at some point of time. What are your suggestions on cyber resident strategy and tips for security leaders that will help recover from the incidents quickly with minimum damage?
In today’s cybersecurity landscape, the inevitability of breaches underscores the importance of adopting a proactive cyber resilience strategy. Embracing the “assume breach” mindset is foundational to this approach. By acknowledging the possibility of a breach and preparing accordingly, organisations can position themselves to respond swiftly and effectively. This involves identifying potential touchpoints of attack, understanding the organisation’s assets, and establishing protocols to protect critical systems and data.
Developing comprehensive security playbooks and response plans tailored to common attack scenarios, such as ransomware, DDoS attacks, and SQL injections, is essential. These plans outline predefined steps and procedures, enabling security teams to react promptly and decisively when incidents occur, minimising their impact and facilitating a faster recovery process.
Moreover, prioritising a proactive approach to prevention and detection is crucial. Robust security measures such as intrusion detection systems, endpoint protection, and regular vulnerability assessments preemptively identify and thwart potential threats before they escalate into full-scale breaches.
Investing in employee training and awareness programs significantly enhances an organisation’s cyber resilience. Educating staff on cybersecurity best practices, phishing awareness, and incident response protocols empowers them to recognise and report suspicious activity promptly, bolstering the organisation’s overall security posture.
In summary, while breaches may be inevitable, proactive cyber resilience strategies enable organisations to mitigate their impact and expedite recovery. By assuming breaches, creating tailored response plans, prioritising prevention, and detection, and investing in employee awareness, organisations can enhance their ability to withstand cyber threats and minimise the damage inflicted by inevitable incidents.
As an industry leader, what are the best practices you would recommend for improving our way from existing security investments?
As an industry leader, optimising existing security investments requires a strategic approach tailored to the evolving digital landscape and increasing cloud adoption. It’s imperative to ensure that security expenditures yield tangible returns and effectively mitigate potential risks.
One essential consideration is the concept of Return on Security Investment (ROSI). Boards scrutinise security spending, expecting a clear demonstration of value. Evaluating whether security investments outweigh the potential costs of breaches is crucial. Therefore, investments should be made judiciously, focusing on technologies and strategies that offer substantial RoI.
A key strategy is to consolidate and unify security technologies. Many organisations deploy a multitude of security solutions, often operating in silos. However, a unified architecture streamlines operations, enhances efficiency, and fosters economies of scale. By integrating disparate security tools into a cohesive framework, organisations can reduce complexity, optimise resource utilisation, and improve overall security posture.
Furthermore, prioritising skill development is essential. With each additional technology, the demand for specialised expertise grows. Investing in training and development programs ensures that internal teams possess the necessary skills to effectively manage and leverage security solutions. Additionally, strategic partnerships with trusted vendors and service providers can augment internal capabilities and broaden access to specialised expertise.
Ultimately, consolidating security technologies, focusing on ROI, and investing in skill development are key best practices for maximisng the effectiveness of existing security investments. By aligning investments with organisational goals and adapting to evolving threats, industrial leaders can enhance security resilience while optimising resource utilisation and cost-effectiveness.
