AI has the potential to counter advanced cyber security threats
Mehmood Mansoori, Member of Executive Management & Group Head, HDFC ERGO General Insurance says, AI follows adaptive or machine learning algorithms which are designed into an intelligent security system and have the potential to identify and respond to changing threats as and when they occur. Express Computer interacts with Mehmood Mansoori on various aspects of information security.
Please discuss the best practices against cyber-attacks like Ransomware
Ransomware is a malicious software attack that generally threatens to delete or publish the data from the user’s system, until a ransom is paid. From a technical perspective, this is best tackled with proactive patch management process. Older systems are much more vulnerable to such cyber attacks and therefore, organisations must ensure a road map for the roll out of regular updates and phase out old systems gradually, as a practice.
To ensure the sensitivity of such attacks as it affects all employees (non-technical), companies should roll out a periodic communication campaign on its awareness. On a generic basis, it would be ideal to avoid opening attachments with unknown extensions or emails from unknown users, thereby practicing caution. Also, keeping systems updated would ensure the system is averse to these vulnerabilities.
Were you affected by the WannaCry Ransomware attack?
We are an ISO 27001 certified company, with consistent and robust processes that ensures relevant security patches are tested and updated timely on all our critical systems. Our systems were safe and remained unaffected from the recent Wanacry Ransomware attack.
What kind of Cyber security drills HDFC ERGO does on a regular basis
Any cyber security incident ultimately impacts the business and hence, from business continuity perspective we consider cyber threats as a higher risk.
Being an ISO 22301 certified company with consistent Business Continuity Management System (BCMS), our business continuity tabletop exercises cover cyber security threat scenarios. We exercise Disaster Recovery (DR) drills every 6 months, which cover cyber security threat scenarios, to test our critical business systems ensuring continuity in operations
Have you calendarised your cyber security practices, for example, to run the business systems entirely out of your DR site once, twice in an year or, doing ethical hacking on a quarterly basis, IT audit etc ?
We have set processes in place to test the vulnerability of our systems to cyber threats. As a practice, we regularly undertake Pen test for public facing web applications and also conduct DR drills every six months. IT audits, too, are done on an annual basis.
Your opinion on the use of AI in ensuring cyber security
Existing security software databases and algorithms have a limited scope and hence, most often, are unable to keep pace with the rapid development of new cyber threats. AI follows adaptive or machine learning algorithms which are designed into an intelligent security system and have the potential to identify and respond to changing threats as and when they occur. Hence, AI has the potential to increase the scale of resistance that a system can have to counter ongoing attacks which makes the future of AI in cyber security a promising as well as an interesting one to look forward to.
Have you employed any agency or ways for cyber security awareness campaigns?
Awareness has a profound impact on the behaviour of user, which is critical in cyber defence. We look for interesting ways to build the awareness and keep our employees informed. Apart from traditional methods – like mailers and short quizzes, we always explore alternatives to raise the awareness and also reach out to agencies providing innovative ways to spread cyber security awareness among our employees.
How often do you engage with the police, enforcement agencies to discuss cyber security?
We frequently use advisory from CERT-IN, US CERT for the latest information on Cyber threats, which helps us take precautionary measures from time to time. Reporting cyber security concerns to the Police or enforcement agencies, if required, is done on case-to-case basis.
How strong is your cyber security team?
We have an entire structure which is headed by the Chief Information Security Officer and a four member technical team, having competencies across the spectrum to handle and resolve issues pertaining to information and cyber security. Apart from this, an Information Security Committee (a Steering Committee) is also in place, with representation from critical functions like – Risk Management, Legal & Compliance, HR, Administration and other Business departments to take critical decision on information and Cyber security. In addition, we also have an external information security expert, who provides certain specialised services to our team.