By Vishak Raman, Head of the Managed Security Services business, Tata Communications
Going back a couple of years, 2014 can be seen as the year of highly publicised and mega breaches, such as the Sony Pictures Entertainment breach. Sony suffered a major online attack that resulted in employees personal data and corporate correspondence being leaked. This was covered widely across global media outlets including social media
Earlier this year, IBM and Ponemon Institute released the ‘2015 Cost of Data Breach Study: Global Analysis’ report. According to their research, the average total cost of a data breach for the participating companies increased 23 percent since 2013 to $3.79 million. The average cost paid for each lost or stolen record containing sensitive and confidential information increased 6 percent, jumping from $145 in 2014 to $154 in 2015.The report also highlights that 79 percent of C-level US and UK executives surveyed say executive level involvement is necessary to achieving an effective incident response to a data breach.
Major trends impacting organisations’ information security plans:
Increased penetration of cloud based platforms – As more and more applications are moving towards the cloud, visibility and control is key to ensure a secure environment. Organisations need to ensure policy based control to provide access to cloud resources and also integrated security services like Distributed Denial of Service (DDoS), Web Application Firewall (WAF), etc. will play a major role to protect the cloud environment. A single pane of glass to view, monitor and manage cloud resources will help organisations protect the business critical applications and the end users. Ransomware –The use of phishing emails or exploit kits by hackers is costing a fortune to organisations. Cyber Threat Alliance states that the recent CryptoWall v3, one of the most lucrative and broadreaching ransomware campaigns affecting Internet users today, has cost hundreds of thousands of users worldwide more than $325 million. The easiest way for an individual is to pay the ransom and get their data back. The use of advanced security tools like Security Information and Event Management (SIEM), DDoS protection, data loss prevention tools etc. & robust structure for real-time security protection can reduce the threat of ransomware.
Known vulnerabilities–The adoption of open-source platforms has levelled the playing field for many organisations. Enterprises today, look to integrate off-the-shelf software packages to existing platforms, reducing cost of developing tools inhouse.
“As more and more applications are moving towards the cloud, visibility and control is key to ensure a secure environment”
Internet of Things – The evolution of IoT implies more devices becoming part of the communication ecosystem. With IDC predicting that 212 billion devices will be connected by 2020, the growing relationship between the IoT and cloud, can potentially multiply the number of endpoints connected to cloud environments exponentially, which may have severe security implications. IoT may provide excellent business opportunities, but companies should be mindful about ensuring that access is limited and secure. Sensitive data should be encrypted, access must be restricted, while role based access must be treated with utmost importance.
Best Practices for a Robust Security Environment:
1) Threats and Compliance – Organisations must take a deep-dive into what specific threats are on the rise and what concerns their business the most. Also worth looking into what new compliance rules (depending on varied nature of business) are set to kick in and accordingly evaluate the need to change the play of products & services. This assessment can help organisations chalk out the most serious potential risks.
2) Applications – Managed services and cloud environments are being used to deliver applications which work in tandem with one resource calling the other. This provides flexibility but also provides access points for attacks. Organisations should build a roadmap to deploy defences at appropriate touch-points, protecting mission critical applications and improving application security posture.
3) Event logs and response plan - Event logs provide ongoing and a near real-time view into what happens in the network. It is one of the most important diagnostic tools. Event logs also help measure overall health of the network and help set up a plan for multiple incidents that might occur in the IT environment. Organisations should create efficient incident response/ recovery plans for smooth running of the business and regularly update their security environment.
Services to Adopt for a Secure Enterprise Environment: Here are some key services that can help create a secure environment that not only takes care of existing threats, but also targeted evolving and unknown threats:
• DDoS protection – A managed service from an established service provider capable detecting a DDoS attack and removing all malicious traffic, before it reaches corporate IT systems.
• Data Loss Prevention – Hardware and software solutions to constantly monitor data entering or leaving an organisation’s network, and businesscritical data stored across all devices. This includes automated alerts to enterprise users to take appropriate actions.
• Malware Protection – Protect organisations from known as well as unknown, zero-day threats. The core technology within the service uses advanced file analysis and sandboxing techniques for identifying ‘signatureless’ threats.
• Security Incident and Event Management – This service provides with information on overall security posture by analysing logs from enterprise networks, servers and applications. The enterprise is presented with actionable information that can be used for auditing the network and taking steps to secure the weak areas.
Enterprises should look at a global provider of managed security services, which is uniquely equipped to balance between cost, performance and operational objectives with a solution tailored to business requirements. The combination of multiple deployment models provided by an established player will help deliver highly secure, flexible and cost-effective solutions.
Established in 2008, Tata Communications serves a wide range of communications services including networking, unified communications, media services and cloud computing. This Indian based Organization supports everything through its presence in 44 locations around the world.