You can be on Entrepreneur’s cover!

How Enterprises Can Combat Cyberisks and Deploy Advanced Technologies Besides nation-state attacks, entreprises are today facing a host of other cyberisks including global non-state cyber risks, breaches, repeat breaches, time to recover and cybersecurity regulatory changes.

By Priya Kapoor

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

L-R: Priya Kapoor, Feature Editor, Entrepreneur India, Neehar Pathare, Tech CEO & CISO, 63 SATS, Josey George, General Manager, Cybersecurity & Risk Services, Wipro Ltd.

From 2018 to 2022, a staggering 39 per cent of nation-state attacks have targeted the private sector, exposing organizations to all manner of threats, including espionage, digital lockdowns and damage to critical infrastructure, according to a State of Cybersecurity Report 2023. The report by Wipro also states that besides nation-state attacks, other cyber challenges that organizations face today include global non-state cyber risks, breaches, repeat breaches, time to recover and cybersecurity regulatory changes.

As a result of such cyber attacks and challenges, a whopping 75 per cent of organizations suffered on brand reputation. Others reported loss of customers, opportunity loss and regulatory fines. A case in point is the cybersecurity incident in 2021, involving Air India wherein data files from more than 4.5 million customers were leaked in a cyber attack. In a separate incident, personal data leaks of around 180 million users were stolen from Domino's India's database."

So, the big question is: what can be done to mitigate these risks? During a panel discussion on 'Deploying advanced technology to reduce current and future cyber risks', at the Tech and Innovation Summit in Bangalore, organized by Entrepreneur Media, and moderated by Priya Kapoor, Features Editor, Entrepreneur India, CISOs came together and shared their thoughts on the same.

According to Neehar Pathare, Tech CEO & CISO, 63 SATS, the solution lies in deploying technology. "We need to evolve with the times. If you don't, the threat is real. Everyone will be affected. We were running a lot of exchanges, and we were faced with millions of state-based attacks and we defended this with the best and latest technology."

Josey George, General Manager, Cybersecurity & Risk Services, Wipro Ltd says that mitigating the risks starts from identification. "In the enterprise context there are two types of companies. One is being hacked and one that will be. If you look at the essence of what should be done, it starts from identification of risk. And risk itself is evolving. If you look at attack surfaces in cyber security context, earlier it was IP based services. Today, AI itself has become a potential attack server. Nursing syringes that are used automated in a nursing station that has an IP address. Detection becomes equally important. You have to assume that at some point whatever infrastructure you are running with, will get breached and you have to limit the damage caused."

Modernizing cyber laws

There are several pieces of legislation that govern India's legal, regulatory and institutional framework for cybersecurity, promoting maintenance of security standards, defining cybercrimes and requiring incident reporting. But the pace of modernizing data protection laws is growing in both depth and scope. A number of countries including Argentina, India, Canada and the USA have proposed changes to their data protection regulations through tabled bills. The Indian government on August 11, 2023, passed its long-awaited Digital Personal Data Protection Act (DPDP).

Added George, "For a secure digital future, regulations are critical. Most of the regulations around the world are focused so much on how soon you will report to the regulator that you have been breached. We work with lots of customers who have a global footprint. So if you are operating in 50-60 different countries, the way the governments look at regulating their ecosystem from a cybersecurity viewpoint and risk is very very different. For some reasons dealing with regulatory compliance, the biggest challenge is how do I meet all of those broader requirements that seem to be conflicting in nature and yet do what is right for the organization. One should look at the principles behind the regulations first. That always is a good place to start. The underlying principles are meant for the greater good of the economy you operate in, the stakeholders including consumers.

Pathare says that regulators are catching up, and the privacy act is going to change how data is collected, stored but reporting a crime is still low. "Although we are an IT-based nation, we follow rules everywhere, but when it comes to us we become relaxed. We don't like to report for fear of a bad image. But regulation is gearing up and in the next few years it will be very stringent.

Investments in Cybersecurity

While across the globe, the cybersecurity budgets allocated in the IT budget ranges from 4-15 per cent, there are issues with the utilization of budgets, "There is an overload of tools available that people use across the board for securing the stack starting from networks and going upwards. In today's economy, the struggle that many security organizations are going through is a cost optimization drive so you have to deal with those measures as well."

According to Pathare, the budget for cybersecurity is going upwards now. "The management and board is ready to up the scale of the budget these days. My own budget for cybersecurity has gone up to 35 per cent. Security is an integral part. Anything that is digitally connected will be hacked and therefore the budget is increasing."

Priya Kapoor

Feature Editor

Priya holds more than a decade of experience in journalism. She has worked on various beats and was chosen as a Road Safety Fellow in 2018, wherein she produced many in-depth & insightful features on road crashes in India. She writes on startups, personal finance and Web3. Outside of work, she likes gardening, driving and reading. She can be reached at her email id: kpriya@entrepreneurindia.com

 

 

 

Side Hustle

This Insurance Agent Started a Side Hustle Inspired By Nostalgia for His Home State — Now It Earns Nearly $40,000 a Month

After moving to New York City, Danny Trejo started a business to stay in touch with his roots — literally.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

News and Trends

Blockchain Technology: The Apple of India's Eye

The country, while remaining cautious on the crypto topic, has embraced blockchain with contrasting enthusiasm

Growth Strategies

Exploring Transformative Potential Of Blockchain In Banking And Financial Services

Blockchain solves very critical part of the problem which is identification, reliance on information, and accessibility to newer ways of differentiating data that was not accessible.

Management

HR Could Be Withholding The Critical Data You Need to Boost Retention and Drive Results. Here's How to Take Control and Gain Access

To get people data into the hands of managers so they can use it to drive business results, companies must break down barriers between HR and the rest of the organization

Business News

Google's 'Find My Device' Will Finally Roll Out to Android Phones. Here's Why It Was Delayed.

Both Android and Apple iOS users will receive unknown tracker alerts on the Find My Device network.