“Establishing a culture of awareness around cyber-security is crucial to the ongoing information security”

Kapil Madaan
CISO, Minda Corporation

Measures adopted for combatting threat
Since the COVID-19 pandemic started approximately one year ago, the world has changed in many ways. The biggest, most damaging and most widespread threat that all businesses are facing is phishing attacks. They have grown approximately 65% over the last year, and they account in billions in business losses.

A Cyber security leader strategy is needed, as the attack surface grows, and we rely more on digital technologies in all areas of business and industry. Cybersecurity challenges are increasing and cyber resilience can help organizations prevent, detect, respond, and recover.

The functions—Identify, Protect, Detect, Respond, and Recover remind us of how important it is to balance proactive safeguards while preparing for worst-case scenarios. This balance is especially important in all the business settings where a worst-case incident could drastically affect the solvency of a business

Upcoming threat 
Deepfake is going to be the biggest threat. Deepfake, a combination of the words ‘deep learning’ and ‘fake’. I will suggest preparing strategy against such incidents.

Social engineering attempts & Email based phishing – Make Employee training and awareness mandatory. By offering adequate training and creating awareness employees can be turned into an additional line of defence.

Plan, Act & Response Strategy – Ensure that your organization is ready to adequately respond to such incidents.

Further So many Security service providers are working on an AI-powered deepfake detection software for this purpose. The tool can automatically analyse videos and photos to provide a confidence score that the media has been manipulated.

Safeguarding customers & employees
Remote workers are typically the first to face security threats. They are often the source of network security incidents that can wave quickly through the rest of the organization. Even if we do not have remote employees, mobile devices like smartphones and laptops pose security risks.

Now the Cybersecurity leader role comes in picture to prepare strategy. We have to think from a broader perspective like Application Security, Network Security, Endpoint security, Email Security, IoT Security and so many based on the environment.

From support to strategy and set the culture, while most companies recognise the pressing need for technical security measures, without a culture of security in the workplace, the risk of threat can remain high. Human error can very quickly and easily undo even the most stringent digital protection, so establishing a culture of awareness around cyber-security is crucial to the ongoing information security.