Digital Lenders Association of India

Blog

Minimizing cybersecurity risk – Understanding the How-To aspect

September 19, 2019

With great data, comes great responsibility.

From 2013 to 2019, there have been 5 massive cyberattacks that have resulted in breach of information of more than 400 million users, each time. Yahoo, First American Fin Corp, Facebook, Marriott International, these are some of the biggest international corporates, and all of them have been recent victims. However, individual users should in no way use these cases as an excuse to be an ostrich in the sand as they too are vulnerable. Considering the massive amount of personal, financial, social and biometric data that crowds the digital world, the importance of implementing strong cybersecurity is greater than ever before.

Connectivity begets vulnerability

The world is getting connected at the speed of thought. India alone is estimated to be the home to 700 million smartphone users by 2022! Reduced data consumption costs further boost connectivity, and leads to increased security vulnerabilities. This requires a more refined approach to cybersecurity that guarantees more protection, detection, analysis and performance. As enterprises incorporate IoT technology in the midst and smartphones assume the central role in day-to-day activities, a detailed blueprint to deal with cyber-threats is required. So what are the fundamental steps one can take to ensure better security?

Avoid pop-ups, unknown e-mails and links – One of the basic online hygiene for employees and entrepreneurs is to completely avoid clicking on pop-ups and e-mails from unknown and unverified sources. Also, enterprises should put in place strong policies about connecting unsecured devices to the enterprise networks. Considering the advent of IoT and improvement in machine-to-machine interaction, unsecured devices need to be minimized within an enterprise digital boundary as they can easily compromise the security status of others.

Protection from Malware and viruses – In a recently published report, Quick Heal Security Labs identified over 3.3 million malware, potentially unwanted applications and Adware on Android OS during 2018 – most of which were trojanized fake applications. The Bring Your Own Device (BYOD) culture being adopted by enterprises also increases this risk.

Better password protection and identification – Enterprise Security and Mobility Management solutions need to incorporate better security thresholds within their framework. For instance, face/fingerprint sensors are definitely a better option than password protection. Bio-metric identification enhances the privacy of accessing workspaces and systems immensely. For enterprises still implementing password protection, the inputs used should be as fragmented and random as possible, reducing the probability of patterns to emerge.

Preventive mechanisms – Lastly, enterprises and individuals should keep fundamental protective mechanisms always on, and frequently check the vulnerability alerts. For centrally protected enterprises without individual system armors, it is important to keep updating the central security mechanism to protect against new viruses. Also, organizations should carry out cybersecurity drills and train the employees to identify and deal with basic security issues at their own to ensure risk is minimized at an initial stage before it assumes epic proportions. Governments, policy makers, and regulators are increasingly prioritizing cybersecurity and the need to protect the new oil-data. Recent large-scale implementations, such as the EU-GDPR, mark this change in both public and policy sentiment. However, the first step begins within our enterprises, homes and public facilities, and most importantly, in our own minds as we consciously seek to become more aware about protecting our own information.

Article byNeoGrowth

Disclaimer: The opinions expressed within this article are the personal opinions of the author. The facts and opinions appearing in the article do not reflect the views of DLAI and DLAI does not assume any responsibility or liability for the same