‘Abundance of IoT devices gives more attack vectors to the cyber crooks’
Paresh Makwana (CISSP), International Identity, Cybersecurity, Cloud Computing expert in Government and BFSI sector.
The flip-side of connectivity is the vulnerabilities that come along. How serious is the threat?
It is indeed a serious threat. With the wave of digital transformation sweeping all across the globe, it is quite obvious that enterprises would opt for the changes to stay afloat in the competition. However, many times, they fail to give adequate importance to the security aspects of the IT assets of the organisation. There are numerous instances globally where organisations lost money and reputation due to negligence in IT security aspects. The latest research from Accenture says cyber crime could cost companies $5.2 trillion over the next 5 years globally. The average cost of a cyber attack now exceeds $1.6 million (as per Radware’s 2018-19 report). If we concentrate on Africa, we can see that this region lost a whopping $3.5 billion due to cyber attacks in 2017.
How can organisations address the issues of cyber attacks and IT Security in the age of connected plants?
Today, no industry is immune to cyber threats. While more connectivity (especially in industrial automation or manufacturing industry) has brought significant benefits in the production figures and overall business growth, the security point of view has been put under the radar due to the added challenges that appeared with digitisation.
At this critical juncture, organisations face security threats to their confidential data assets, reputational damage and eventually overall business growth. Thus organisations allocate a handsome budget towards securing their enterprise network from serious cyber risks. In every possible area, such as monitoring of privileged accounts, activities happening in the network servers and data centres are put under robust vigilance to ensure safe and smooth operations and security of information assets. The enterprise security team can address the cyber security issues by:
- Real-time monitoring of the privileged users
- Authorising the users for specific roles and activities
- Mitigating malicious insider threats with Privileged Access Management (PAM)
- Robust password vaulting so that the privileged passwords can be randomised
- Session monitoring of the user activities to nail the suspicious ones, and
- Audit of the customised reports generated for better decision making.
One major threat comes from the growing proliferation of IoT devices and storage (cloud). How can users deal with such threats?
IoT has made our lives comfortable, easy, smart and exciting, and it has spurred innovation too. However, we seldom think about the protection of those IoT devices that can be compromised under any unexpected circumstances. As newer devices and technologies are coming up for human convenience, the hackers are simultaneously looking for vulnerabilities that they use for data accumulation. Any IoT device, be it a driverless automobile or a sensor-fitted household control system, is embedded with software. Hence, they are exposed to hacking. The cyber crooks stealthily take hostage of the system access control and make the devices behave according to their instructions. Moreover, these devices contain critical data which makes them more prone to cyber attacks. The hackers looking for that sensitive data take any means to steal it. In the near future, the abundance of IoT devices would give more attack vectors to the cyber crooks from where they can serve their purpose.
Similarly, the importance of cloud security knows no bounds. Today, organisations are more inclined towards cloud storage, which is a convenient way to keep data assets safe and secure. However, cloud data is not spared by cyber crooks. There are several parameters which the administrators keep in mind to combat cloud data breaches:
- Privileged Identity and Access Management
- Data Loss Prevention
- Web Security
- Email Security
- Information Security
- Network Security
- Data Encryption
- Security Assessment
- Intrusion Management, and
- Business continuity & network security.
A leading cybersecurity player recently demonstrated internal vulnerabilities like USB devices. Are employees adequately trained?
There are multiple players in the cybersecurity industry. Many times we see organisations not paying heed to the internal vulnerabilities that could be compromised too. Training the employees is highly essential to avert any damage in the internal network periphery. Only a trained and alert individual can stop any suspicious activity in the network and save the organisation from any cyber threat by staying away from phishing emails, refraining from using unknown and non-quarantined USBs for official devices, mitigating malicious insider threats, securing privileged accounts from suspicious users etc.
Do companies compromise security by their unwillingness to spend, attributing it to risk appetite?
Unfortunately, yes. Many organisations do compromise their security infrastructure by allocating a meagre budget for their IT security infrastructure. Apparently it seems to be saving a good amount of funds for the enterprise, but it might wreak havoc as a boomerang with any breach incident crippling their business. That is how organisations risk their reputation by their unwillingness to spend more on cyber security. Nevertheless, the situation is changing drastically.
Is there an ideal solution that reaches a fine balance?
Definitely there is a robust, reliable and cost-friendly solution that can strike a balance between information security, smooth IT operations and business continuity. In any organisation, privileged accounts are always vulnerable and targeted by the hackers since these are the gateways to confidential information. Privileged Access Management (PAM) is the only robust solution that can predict, protect and prevent privileged accounts from being compromised by cyber criminals. Moreover, a PAM solution detects any anomalous activities happening in the enterprise network and notifies the administrator about it. PAM authenticates the privileged users and monitors every user activity in real time. In addition, the passwords are stored in a vault and randomised to prevent any account hack.
Paresh Makwana (CISSP) is an experienced IT Infrastructure and Security Consultant with more than 20 years of Data Centre and Cyber Security experience, primarily in financial services. He is Business Development and Vice-president Africa at ARCON TechSolution Pvt Ltd and well established in both the Indian and African markets, with close working relationships with most of the CIOs/CISOs of banks, financial institutions, technology vendors, and government regulators.