It could be called beau ideal looping a cyber-security honcho, when the digital-driven world and enterprise for bye is griming with sophisticated cyberattacks. WannaCry, Petya are not anymore previously owned terms amid the growing global threats of cyberattacks. While talking to BIS Infotech; Maninder Singh, Corporate Vice President and Head – Cyber Security and GRC, HCL Technologies sturdily ravel the ongoing menace of vicious cyberattacks. Edited Excerpts.
- The recent growing attacks are getting more vulnerable than ever as they are been attacked from silos and unidentified geographies. How HCL does identify these malwares and keeps the digital-drive secure?
The need of the hour for global enterprises is to formulate and implement an Adaptive & Evolving approach towards their security posture. To achieve this HCL has a proven framework around “Dynamic Cybersecurity Framework” that enables enterprises to assess their current cybersecurity strategy and validate if their security architecture is scalable enough to defend against relevant risks and support business initiatives. Additionally it takes an integrated view of architecture, technical design and underlying operations, which means putting frequent checks and balances including a comprehensive review at least once a year.
- What are the trending ransomwares in the enterprise segment and how can enterprises combat the sophisticated ransomwares?
Every day, cybersecurity threats continue to rise and get more sophisticated, with their impact more severe. Enterprises need to renew their focus on solutions that ensure their systems are secure, or they risk the loss of their data, time, money and most importantly, their credibility. Such ransom–ware attacks prove that all efforts of threat protection against cyber–protection can never be considered complete – they need to be ever–evolving to prepare for more and more complicated types of attacks in the future.
- WannaCry attack has been identified as the biggest ransomware outbreak in history. What are your suggestions to the CIOs and how to prevent it in future?
The prime reason why WannaCry has been successful in expanding its tentacles at such a wide scale globally is because of its ability to spread across the organizational network without user interaction by exploiting a known Microsoft Windows vulnerability.
Global enterprises need to formulate and implement an Adaptive & Evolving approach towards their security posture. To achieve this adaptive security posture, enterprises need to assess their current cybersecurity strategy and validate if their security environment architecture is scalable enough to defend against future threats. After strategizing a scalable future ready architecture, enterprises must transform their security posture with the help of requisite advanced controls and continuously integrate them in their environment to securely enable business growth.
- A good number of enterprises are still on traditional infrastructure and loitering to find cheap solution to migrate to digital forms of architectures. Does this sentiment put their IT infrastructures on major risk?
Most modern attacks are a result of lack of awareness/education on the part of users or laxity on the part of organizations to continuously secure their environments through regular vulnerability assessment and mitigation/patching updating programs.
CISOs have struggled with ROIs due to point investments. They need to make programmatic investments and HCL has been engaged with helping clients to take a portfolio–based approach to overall technology and process controls. HCL helps clients define the ‘Investment and Deprecation’ areas to ‘rationalize’ their current investments (removing duplicate licensed/shelf–ware software through a maturity driven roadmap) as well as refreshing/standardizing through HCL’s ‘Cloud Driven’ offerings and minimize Capex.
Threats such as ransomware do not always necessitate advanced security toolsets for defense. A proactive and planned threat protection approach, with support across the enterprise security journey will can help organizations to securely grow their business, while remaining compliant to all the business and regulatory compliances. With a proactive approach, CyberSecurity leaders need to adapt and evolve towards the security challenges to inspire overall business confidence.