Can regulations and compliance be the answer to global cybersecurity risks?
By MYBRANDBOOK
With cyberattacks becoming a commonplace within the digital world and with business models and technologies changing, the need of the hour is to have a compliance and a regulatory framework for every organization across industries
For a CIO in 2022, there remains several challenges that need to be tackled but the major concern will always be security.
Though businesses started moving their assets to the cloud even before the pandemic, the switch to a remote workforce further accelerated the process and with it, IT monitoring and security became one of the top priorities for a CIO.
“With the increase in SaaS based applications, organisations are required to build stringent security controls at their edge networks,” says Saravanakumar Krishnamurthy, Executive Vice President – Technology Engineering - IT, Network & Cyber Security at YES BANK.
“The underlined statement should always be to secure the data, whether it is on the cloud or on premises. At the same time I believe that internal threats, which are mostly unknown or internal dark web for many organisations will be one of the key issues CISOs need to address on a war foot basis.
Cyberattack groups are openly challenging and stating openly they are injecting attacks on big organisations. The Lapsus$ group is one of the classic examples,” he adds.
The BFSI (Banking, Financial Services and Insurance) sector has always remained a primary target of cybercriminals over last several years, given the amount of sensitive data that they have to deal with.
As someone from the BFSI sector, Saravanakumar believes that some of the top cybersecurity threats that continue to threaten this sector are Ransomware, DDOS, Bots, Phishing, Data Exfiltration (Data Theft), DNS & Domain Hijack. “These are the most sophisticated attacks that give real threats to the BFSI sector,” he says.
The need for Regulations & data protection laws
A data breach or a cyberattack of any kind can have a long-term psychological effect on an individual or a business, while also impacting the reputation of a brand. Also, every society perceives threats differently and so every different kind of threat has to be measured and addressed in a different manner and approach. The key concern however still remains the ‘Awareness’.
“The amount of initiatives and programs relevant to Cybersecurity happening across the globe and in our country are still in a minuscule percentage as compared with the amount of cyberattacks taking place. Many countries in fact do not have adequate policies and strategies in place to combat these kind of cybersecurity issues,” Saravanakumar observes.
In a country like India, where business model are mostly technology driven and businesses adopt all the latest technologies well in advance than many developed countries, Saravanakumar says that ground level issues should be addressed first before formulating any security policy.
“Security policies, frameworks and standards should be aligned after addressing these issues and only then it will get easily assimilated into the culture itself,” he explains.
The regulatory landscape is however slowly changing with most nations coming up with their individual data protection laws and regulations.
But as Saravanakumar explains, before understanding exactly what we expect from a Data Protection law, we need to, as an organisation segregate the data as structured and unstructured; classify the data; secure the data and then should know how to govern the data.
“We should first formulate a proper data lifecycle model first and then implement the data protection or privacy regulations. As far as the BFSI sector is concerned, the Reserve Bank of India (RBI) should bring more data awareness programs and publications and make an assessment of the industry,” he concludes.
Download masked Aadhaar to improve privacy
Download a masked Aadhaar from UIDAI to improve privacy. Select masking w...
Sterlite Technologies' Rs 145 crore claim against BSNL rejecte
An arbitrator has rejected broadband technology company Sterlite Technolog...
ID-REDACT® ensures full compliance with the DPDP Act for Indi
Data Safeguard India Pvt Ltd, a wholly-owned subsidiary of Data Safeguard ...
Happiest Minds brings in an innovative GenAI chatbot
Happiest Minds Technologies has announced the new GenAI chatbot - ‘hAPPI...
DRUVA SOFTWARE PVT. LTD.
SECUREYE SERVICES PVT. LTD.
QUICK HEAL TECHNOLOGIES PVT. Ltd.
TATA CONSULTANCY SERVICES
Technology Icons Of India 2023: Bharat Goenka
Bharat Goenka is the Managing Director of Tally Solutions. He is well ...
Technology Icons Of India 2023: Josh Foulger
Josh is the Country Head of India and MD of Bharat FIH Ltd (A Foxconn ...
Technology Icons Of India 2023: Sachin Bansal
Sachin Bansal’s fintech startup, Navi Technologies, simplifies loan ...
GeM maintains transparency in online procurement of goods & services
Created in a record time of five months, Government eMarketplace is a ...
HPCL is transforming the energy landscape, across the nation and beyond
HPCL is world-class energy company known for caring and delighting the...
C-DAC keeps India ahead in IT & Electronics R&D space
Centre for Development of Advanced Computing (C-DAC) is the premier R&...
NETPOLEON SOLUTIONS
Netpoleon Group is a Value-Added Distributor (VAD) of Network Security...
SAVEX TECHNOLOGIES PVT. LTD.
Savex Technologies is the 3rd largest Information & Communication Tec...
SATCOM INFOTECH PVT. LTD.
Satcom Infotech Pvt. Ltd is a distribution houses in security in India...