Pradipta Patro, Head of Cyber Security & IT Platform at RPG Group (KEC International Limited), shared his views on the mitigation of ransomware attacks and the challenges facing CISOs in an interview with CISO CONNECT.
Q1. In the context of the continuing uncertainty of the pandemic, what are the cyber security challenges for CISOs?
The coronavirus pandemic has created new challenges for businesses as they adapt to an operating model in which working from home as well as from offices (the hybrid working model) has become the ‘new normal’.
Organizations are accelerating their digital transformation in multimode and adopting the digital mode at a faster pace, and cybersecurity is now a major concern as the threat landscape has been without any boundary.
New challenges for CISOs arise because the acceleration of the digital mode and its faster adoption are opening up a larger threat landscape, and the dynamics are changing very fast. Cybersecurity controls are not adequate, and we need to have strong identification, detection, protection, response and restore technology with AI / ML / UEBA / SOAR in place. We need to implement defence in depth with layers of security controls, considering everything from chip to cloud.
Q2. Which key security areas would you identify that will change the course of the security industry?
The key security areas are detection, protection, response and restore technology that is AI / ML enabled, with an integrated approach, live visibility and automated response.
Q3. As ransomware attacks are one of the key cybersecurity concerns for CISOs, how does your organization deal with this security threat?
Organizations should have a cyber resilience and defense-in-depth strategy across all the controls, which is the key to making things difficult for the attackers, and should also ensure the basic security practices are followed. Some of them are:
1. Patches / firmware are updated on time on endpoints / devices / services,
2. Harden the systems (standard configuration of services / devices at all layers: web, middleware / database),
3. IAM: strengthen identity and access management, including privileged access,
4. Integrated solutions with visibility and monitoring,
5. SOC services including appropriate partners with SIEM / SOAR (enabled with threat intelligence, threat hunting, threat advisories and faster actions on zero-day vulnerabilities),
6. Regular VA / PT and assessment to improve the cyber security posture,
7. User awareness and skilled cyber security resources for guarding against and acting on the threats regularly.
Q4. How can stringent frameworks such as Zero Trust Security, least privilege access, and strong identity management help CISOs secure their organization?
Definitely, Zero Trust security and NIST framework implementations will help CISOs to secure the organization, but basic hygiene as mentioned above is the key factor.
Q5. With the widespread increase in security and data breaches, human error, and insider threats, how can CISOs stay ahead of these challenges?
It has been observed that insider threats due to human error / lack of awareness are the major contributor to data breaches, as cybersecurity is everyone’s responsibility. Hence, we need to create human firewalls for the organization, and this requires people, process and technology to work together along with the cybersecurity culture of the organization.
Appropriate policies, including WFH / remote access, and framework (NIST) implementation with effective controls will help CISOs to stay ahead of the challenges. (Cybersecurity is a marathon without any finishing line, and we need to stay vigilant about outside threats as well.)
Another key factor for CISOs is the support from the board and senior management in terms of policy enforcement, compliance across the organization (a top-to-bottom approach) and budget approvals for cybersecurity projects.