Cybersecurity has always been a moving goalpost. Hence, enterprise security needs to be adaptive and dynamic, states Ratan Jyoti, CISO, Ujjivan Small Finance Bank, in an interview with EC’s Rachana Jha.
What kind of security risks does your organization face? Have you encountered any threats in recent times?
We have not faced any security risks recently. The banking system, in general, is facing many security challenges. New technologies like the Internet of Things (IoT) or IIoT are giving cybercriminals ample opportunities and platforms to launch more sophisticated attacks on banks. Banks and Financial sector firms intertwine services from multiple vendors and other third parties and these pose significant cyber risks. International cyber-attacks are another area of concern. The emergence of mobile banking is bringing new threats. With BYOD and mobile devices, the opportunity for infected devices to connect to a network has dramatically increased.
Today, enterprises are moving away from prevention-only approaches to focus more on detection and responses? What are your views on this trend?
Prevention is still mandatory. However, banks are moving away from prevention-only approaches to focus more on detection and response. With new age technologies and data analytics, it has become possible to detect threats early. Integration of all security systems and threat intelligence and their working in unison to stop attack has increased the response capabilities of the bank.
How can enterprises benefit by taking this approach? Is this a long-term solution to tackle modern day threats?
The detection and response approach supplements and expands upon traditional Security Information and Event Management (SIEM) which now can better correlate events, detect anomalies and analyze logs, network packets, and network flows. In cybersecurity, no solution is a long term solution and we need to be very dynamic and adaptive.
It is being noticed that skill shortages are further driving spending on security services. Are you seeking help from external partners?
Cybersecurity skill sets are not adequately available and, therefore, are a challenge for banks. This forces banks to use services of vendors, partners, and third parties. On one hand, we should work with partners and at the same time, we should put our efforts to build our own team to have a balance.
As enterprises shift towards balancing prevention with newer detection and response approaches, CISOs are changing how they measure the success of their security strategy. Please comment.
Prevention alone is less effective unless it is tied to a detection and response strategy. And due to this shift, the new generation security systems are built with more intelligence. CISOs should use intelligence and statistics to measure the success of their security strategy. Incident management systems have become intelligence driven and by using these systems, CISOs can measure ROI on their security infrastructure by developing effective security matrices. The disruption in cyber technologies will make CISOs change their security strategy to fight newer threats.