Home CISO CORNERCISO Bytes “Cyber Security is a continuous journey. Hackers only need to get it right once” – Kushal Varshney

“Cyber Security is a continuous journey. Hackers only need to get it right once” – Kushal Varshney

by CISOCONNECT Bureau

Advanced technologies have changed the modern way of life and digital world has penetrated our professional as well as personal lives. The technology and internet provide us with many benefits and now it touches almost all aspects of our lives, however, it also makes us vulnerable to a wide range of threats.

Threats are everywhere and security threats on the rise across the World. We have to put an all-round effort to safeguard Organizations and Individuals. Just basic Antivirus or Firewall are not sufficient in this Hybrid Work from anywhere scenario, we need advanced tools to guard each and every entry point. Be it End point, Applications, Servers, Access Management, Cloud, SaaS etc. everything needs to be protected and all possible vulnerabilities need to be fixed. Security by Design with Real time monitoring, detection and response/remediation should be our strategy.

In addition to the tools, security awareness is very critical aspect for cyber security. We abdicate responsibility to security teams but as everyone is now an IT user and consuming/generating information, so Cyber/IT Security is everyone’s problem and responsibility. And, likewise, improving it is now everyone’s responsibility. We must be vigilant while making use of technology to reduce the risk of cyber threats.

We often see a concerned board member and the IT leader but a vast amount of ignorance in between. There should be a shared sense of urgency about this issue within the executive team and the level below. It’s about the awareness that this is not something that affects others but is an existential threat to the organization in the digital world. It also impact brand value.

There’s a shift from the strategy of “trust but verify” to “never trust, always verify.” In the Zero Trust model, no person or device inside or outside of an organization’s network should be granted access to connect to IT systems or services until authenticated and continuously verified. The idea is that you should assume every machine, user, and server to be untrusted until proven otherwise.

Existing network approaches and technologies simply no longer provide the levels of security and access control digital organizations need. These organizations demand immediate, uninterrupted access for their users, no matter where they are located. With an increase in remote users, BYOD and software-as-a-service (SaaS) applications, data moving from the data center to cloud services, and more traffic going to public cloud services and branch offices than back to the data center, the need for a new approach for network security has risen.

Secure access service edge (SASE) is the convergence of wide area networking, or WAN, and network security services like CASB, FWaaS, Zero Trust (ZTNA), SD-WAN, DNS etc. into a single, cloud-delivered service model.

Cyber Security is a continuous journey. Hackers only need to get it right once; we need to get it right every time.

Contributed by
Kushal Varshney, CTO, Virescent Infrastructure

Recommended for You

Recommended for You

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Close Read More

See Ads