As India drives into an increasingly digitised world, we are witnessing an era powered by the cloud technology. However, data breaches pose a major roadblock to faster digital adoption in the wake of our ever-growing digital footprint. Companies continue to battle persistent cyber threats in the absence of strong cybersecurity infrastructure, awareness, and data security laws.
According to Kaspersky Security Network (KSN) report, India has seen a 37 percent increase in cyber-attacks in the first quarter of 2020 compared to 2019. For years, e-commerce platforms have been at the top of the target list for hackers. They view these sites as potential treasure troves of data waiting to be exploited. E-commerce platforms rely on technology and user trust, two of the most significant business tenets. As a cyber-attack is a breach on both accounts, it is a huge financial as well as reputational loss.
As we move towards an increasingly digitized landscape, we can expect cybercrime to only increase in frequency and complexity.
Securing the future of e-commerce
In recent years, the sales of products and services over the Internet have grown rapidly and while e-commerce has proven to be a boon for sellers and consumers alike, especially in lockdowns, it also presents new risks. Data security has become more important than ever but for many businesses, especially those just starting out, this could prove to be a daunting task.
For the e-commerce sector to deliver the desired safe shopping experience, companies must implement powerful data security measures and adopt modern data protection tools. Some of the leading security measures include user authentication and identity assurance, data loss prevention and disaster recovery and modern encryptions.
Furthermore, consumer data and privacy must be fully safeguarded. Securing personal data is a necessary step and an absolute imperative in a digital marketplace. Businesses that need to collect customers’ personal data are now expected to put in place protection against malicious threats, prosecute bad actors, and be able to restore the status quo quickly. This is an additional responsibility, as any security breach event must be detected and acted upon quickly.
Hackers today use a variety of techniques like phishing, launching malware, social engineering attacks, etc. to identify weak points and hijack the whole network. They also continuously come up with new ways to trick users and businesses, but they are often helped by staff negligence (which accounts for 70% of knowledge breaches, according to the Kaspersky report).
Here are five ways that organizations close security gaps before an attack.
1. Perform good data hygiene on systems. (Patch management is key.)
Unsupported operating systems and unpatched software open the door for malware infections and other attacker exploits. Once threat actors gain access to the environment, they methodically look for key systems and sensitive data to exploit.
That’s why it’s beneficial to have a well-defined patch management program that promotes the implementation of patches and updates soon after they’re released with the target of three to seven days for critical patches and updates and no more than 30 days for others. In many instances, by the time a vendor releases a patch, cybercriminals are already aware of the vulnerability and have developed or are well down the path to developing a tool to exploit it. For example, WannaCry ransomware was widespread because the targeted organizations failed to update systems using older operating systems even though a patch had been released and was available to them for some time.
System misconfigurations can also lead to breaches. Open ports and improperly configured firewalls or routers can give hackers access to your network or provide information about the network that can lead to access.
2. Implement multi-factor authentication and admin credential vaulting for all systems.
Poor password management practices and improperly secured endpoint devices can create vulnerabilities. But passwords and credentials with privileged access are especially valuable. Vaulting credentials and admininstration credentials provide extra safeguards for credentials of shared resources on your network, offering a repository with passwords automatically refreshed after each login.
If an employee uses the same password for multiple personal and company accounts, and one of the accounts is compromised, attackers can gain access to the other accounts using the compromised credentials. Multifactor authentication adds extra steps and security, requiring a personal device or biometrics to prove identity.
3. Provide consistent logging across entire environment
Security and access logs are absolutely critical to helping you identify the source of an attack — or ”patient zero”. The sooner you can do that, the sooner you can apply the necessary patches and restore a clean backup. After an attack, these logs also allow you to provide required proof of compliance to regulatory agencies, in which you can describe what happened and demonstrate that your organization was, in fact, taking the necessary precautions.
It’s not just enough to maintain security logs. These need to be protected from hackers, too, who will target these logs for deletion or alteration in order to cover their tracks.
4. Implement a fast analytics platform to help identify signs of threat actors in environment.
Speedy, real-time analytics can help spot suspicious behavior, anomalies, and more to alert you to the possibility of an attack. If unusual activity is happening in your environment, fast analytics platforms will spot it before it’s too late. Threat hunters can identify these and eradicate them before your data is widely compromised. Your architecture should be built with resiliency and durability in mind. For instance, implementing a snapshots feature can protect critical backup data from deletion.
5. Regularly run security awareness training and tabletops with a focus on ransomware
Employees can be the weakest link in a company, especially where cyber threats are concerned. Employees frequently fall victim to email phishing scams, one of the most common ransomware attack vectors . Phishing emails trick users into downloading malware attachments or clicking on links that lead to compromised content with hidden malicious code. Inadequate password security policies can result in identity theft or unauthorized access to high-level information.
Remote devices on the company’s network, using out-of-date software or operating systems can also open the door to cyberattacks. Without clear internet and email policies, employees won’t know how to access, use, and share sensitive data securely, or what information should and shouldn’t be shared via email. Data access policies ensure that each employee only has access to the systems and data they need to perform their job.
Organizations that have been hit by ransomware attacks have learnt the importance of having a modern data protection strategy the hard way. With a blend of proper preventive measures, real-time data backups, and a rapid restore solution, businesses can ringfence their digital assets against cyberthreats and be better positioned for the digital world.
(The writer is country manager, Pure Storage India.)
