Guest post by Jyoti Prakash, country director at Micro Focus, Enterprise Security Business (Indo and SAARC Countries).
Are Indian Enterprises prepared to cope with cybersecurity threats posed by rapid automation and digitization?
Cybercrimes in India have risen five-fold in the past year. It is also among the top five most targeted countries for cyberattacks in the world. With data emerging as the new currency, India will need to learn valuable lessons from the European Union (EU), which has taken the lead in data security with its General Data Protection Regulation (GDPR) act. Australia, Singapore, Japan, Hong Kong, and several other countries are working on similar data protection standards.
The Security Blanket
India’s Data Protection Bill 2018, which makes individual consent mandatory for data sharing, is still underway. Meanwhile, Reserve Bank of India (RBI) and Securities and Exchange Board of India (SEBI) have upped the ante with cybersecurity and cyber resilience policies and frameworks. A few months ago, SEBI mandated Cyber Security Operation Centers (C-SOCs) for Market Infrastructure Institutions and registered intermediaries. SOCs give institutions the power to transform data chaos into security insights, enhance compliance, find and repair configuration errors, and respond quickly to actual or potential breaches.
From data on the move to data at rest, it can all be easily breached. That’s where data masking solutions that can de-identify sensitive information play a big role. Recently, the RBI has permitted tokenization of debit cards, credit cards, and prepaid cards. With this move, service providers such as Visa, MasterCard, etc., can mask original data by assigning a random surrogate value or ‘token’ to it.
Beyond Data Security
From data security to application security, a weak link is emerging for highly secured businesses. Apps and websites regularly collect data and make updates. This makes them highly vulnerable to targeted cyberattacks. Applications need to be secure, from the development phase to the testing phase, and be continuously monitored and protected thereafter.
In a rapidly expanding digital economy with no boundaries, security is an ever-evolving and time-consuming matter. Enterprises need to protect their precious data through policy as well as (predictive) analysis. It’s a complex, continuous, long-term task that can only be achieved with the right partner. The question that CIOs need to ask themselves is, “Are we doing enough?”