PV Vaidyanathan, Co-founder and CEO, ProcessIT Global

Popularly known as PV in the industry and as the CEO of ProcessIT Global, he is responsible for Business Development and Marketing functions at the orgnanisation.  PV brings his vast experience and functional knowledge across various industry verticals to his role.  Before this role here, PV was a Professional Consultant and IT Advisor for 7 years where he provided solutions on process and technology to leading business houses of India.

 

As we see today, large, medium and small businesses are predominantly driven by technology and automation.  This phenomenon is observed across industry vertical, much beyond IT/ITeS companies.  Digital transformation drives higher quality products, smoother, seamlessly connected supply-chain and enables faster go-to-market strategies and deeper business insights.  It also delivers customised, superior quality products and services, higher throughput and improves customer experience significantly. 

Traditional, assumption-based business models are swiftly giving rise to data-driven ones in the fast growing digital economy.  Organisations, today, are relying on new-age technology and tools that are constantly evolving.  Remote working or working from home culture is followed for business continuity and sustainable growth. Such dynamic business environments demand the digital assets be secure all the time with authorized access given to relevant employees and partners.   Digital assets are complex and evolving with complicated connections between IoT devices, cloud instances, servers and endpoints, making cyber-security a business challenge. Infact, the World Economic Forum’s ‘Global Risks Report 2021’ considers, ‘Cybersecurity failure’ among the top 5 risks, a large threat to business continuity and economic stability.  The business sustainability is certainly threatened by cyber-attackers and this is so evident that some organisations are even including ransom demands in account of ransomware attacks as part of their annual budget!  Cybersecurity systems and processes have to be dynamic, proactive and robust to address threats that are more sophisticated, frequent and occur in large numbers, in the current complex technological landscape.

‘Cybersecurity first’ policy is no longer an option

The modern work environment is getting more digital and mobile with increasing dependency on the internet and cloud technology, where cyber security is becoming critical.  The economic slowdown and pandemic outbreak have further stressed the importance to proactively and quickly address cyber-attacks.

For uninterrupted functioning of all business units leading to better outcomes, the IT and Network infrastructures have to be secure and available for easy access by employees.  With enterprise networks getting more complex, covering larger area, the threat landscape exposed to cyber-crimes are also expanding.  Yes, cybercrime economy is booming today!  Malicious attempts are being made to restrict legitimate personnel to access organisation’s networks.  Some common types of attacks include, DDoS attacks, rasomware, social engineering, phishing and more.  These attacks are slowing down or even freezing business functions.  There is an adverse impact on customer confidence and brand reputation, leading to revenue losses.  

Cybersecurity is not an after-thought anymore, if businesses have to grow then, they have to be resilient. Cyber-security is today earning itself the role of a critical business function, where security, network, infrastructure, application and business managers have to work in tandem for the effective implementation of a relevant security strategy and take “NO MORE SILOED APPROACH”. Gone are the days, when business leaders took cyber-security seriously only after an attack with only the CSO considering it a top priority, every day, 24X7.

Today, it is crucial for business heads and digital-security leaders to collaborate to improve the cyber-security posture at their organisations.

A robust cyber-security strategy – an imperative

Protecting businesses and sustaining them translates into securing data, applications, operations, customers’ privacy and ensuring regulatory compliance.  Based on the business risks and objectives, security teams have to configure and implement a strategy that succeeds in strengthening the cyber security landscape.  The cyber-security measures along with controls, tools, technologies and processes should be in-line with the business risks.

Prior to implementing these measures, the existing security posture at the orgnaisation has to be assessed and recommendations on technology controls should be provided while maintaining the regulatory compliance.  This should be followed by a cyber-security strategy that has to be designed and deployed across the enterprise.  The deployment should aim to cover, Identity & Access Management, Governance Risk & Compliance, Endpoint Security, Data Security, Application Security, Security Incident and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), User and Entity Behaviour Analytics (UEBA). 

Enterprise Asset Management Solution has to be configured and implemented to deliver auto discovery of hardware and software assets along with license usage compliance as well.

For Data Loss Prevention (DLP), a DLP solutions can be designed and deployed delivering visibility and protection across the enterprise.  

If required, a multi-locational disk-based backup with central monitoring and management platform can be architected and deployed with the implementation of multi-tier replication for Disaster recovery across multiple geographical sites.  Policies have to be defined to manage the information lifecycle, from backup to archival, to achieve compliance and data protection.

Defined Standard Operating Procedures and Best Practices on Support Management are to be followed for successful deployment of the Cyber-security strategy.

Creating, implementing and permanently housing a cyber-security driven culture in the organisation is the responsibility of business and IT Leaders as well as all employees, irrespective of their roles and functions.  As it is said, employees can be the weakest link for security, training them with the basic knowledge of cyber-security tools and technologies, is a good investment towards establishing the culture.

Cyber-security is the new KPI for businesses today in addition to acting as a key differentiator as well.  Understanding new business security gaps, improving security capabilities to effectively respond to online threats is vital to business growth.  Cyber-attack mitigation should also be able to address advanced and evolving threats, besides be able to deliver ongoing protection.

Enterprises that integrate cyber-security measures with every business function will be able to deliver greater customer experience, attract new customers and enjoy a larger market share, which is a result of having the competitive edge!

Related Articles