An excerpt from the forthcoming book “Organizing and Managing Insanely Great Products” by David Fradin with RN Prasad.
Hardly a day passes without reading about a data breach or cyber-attack at one business enterprise or another. It is believed that more than 75% of companies with any digital presence, anywhere in the world, have been subject to a cyber-attack in some form.
According to British Telecom (BT):
- Every 40 seconds a business falls victim to a ransomware attack
- Cyber-criminals are creating, on average, 1.4 million phishing websites per month
- BT alone detects more than 100,000 malware samples every day – more than once per second
- On a typical day, there are 4,000 cyber-attacks
- BT and its customers see 3 Million suspect emails per month
We can conclude that no business enterprise leveraging digital technologies is safe anywhere in the world. Nevertheless, the benefits of digital technologies, when used with the level of information protection appropriate to that industry environment, far outweigh the drawbacks of technology usage. Information security is one of the top five agenda items of most business enterprises. Hence every product business enterprise treats information security as a strategic imperative.
Information security (InfoSec) is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of enterprise information assets. Also referred to by other terms such as cybersecurity, InfoSec is designed to protect the confidentiality, integrity, and availability of data stored in computer systems and other IT infrastructure, such as storage and communication networks, from those with malicious intentions. InfoSec is a set of strategies for managing the security-related processes, the tools needed for physical and digital security, and the policies necessary to prevent, detect, counter and recover from threats to digital and non-digital information.
For successful organization and management, the organization and its roles and responsibilities must take these factors into account. Those that don't (take the department store Target, Equifax and the Democratic National Committee, for example) can face dire consequences for senior management, for the company, which in those cases lost billions of dollars, and for society at large. The stakes are huge and the organization must take that into account.
Information security breaches can cause severe damage to business even to the extent of closing down the business. Some of the critical consequences of cybersecurity lapses include:
- Loss of company’s customer data, preventing business continuity
- Potential customer attrition
- Lawsuits resulting from a violation of information protection conditions
- Potential market crash/ share price drops
- Negative impact on brand image
- Impact on individuals in Executive positions, imprisonment and even national elections
- Revenue loss due to business interruption
- Additional time & investment needed for business recovery
- The increased cost of insurance & borrowing rates
Today, IT infrastructure has become complex and depends on several elements used to build and operate enterprise IT applications. These elements include data communication networks and networking devices, servers, storage devices (internal, external and network-attached), database management systems (RDBMS, data warehouses, big data sources), data exchange software, data replicas stored in disaster recovery sites, and so on. Data also needs to be protected both at rest and in motion. In order to handle overall information security, business enterprises tend to look at the layers in the system and apply the best options available at every layer of the infrastructure.
The layers are:
- Network – Antivirus and anti-spyware software, VPNs, firewalls, etc. are used to prevent cyber-threats at the data communication network level.
- Operating System (OS) – The ability to set file and folder access permissions, such as read-only, as well as preventing users from running spurious programs, is handled at the OS level.
- Applications – Business applications provide user log-in controls, activity logs and role-based permission capabilities.
- Database – A robust RDBMS provides table-level or even column-level access permissions, data encryption, and data masking capabilities to protect enterprise data.
- Web server – Modern web applications are designed to be scalable, supporting thousands of users while still ensuring performance. In order to balance the load, many servers work in parallel and users are typically confined to an allocated server.
Watching every layer of the IT infrastructure for possible intrusion is made possible with the help of specialized tools. Tools are available for handling information security at every layer and also in an integrated fashion. Today, machine learning and AI are used to predict fraud patterns and proactively prevent data breaches. Most business enterprises treat InfoSec as a program involving people, technology and processes. Determining enterprise policies, training users, acquiring the right tools and establishing security governance are the typical steps taken to make the enterprise resilient to cyber-attacks.
Here is a quick look at the most common types of cyber-attack and, consequently, the methods for dealing with them. A cyber-attack is any type of offensive action that targets computer information systems, infrastructures, computer networks or personal computer devices, using various methods to steal, alter or destroy data or information systems.
The 10 most common cyber-attack types are:
- Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
- Man-in-the-middle (MitM) attack
- Phishing and spear-phishing attacks
- Drive-by attack
- Password attack
- SQL injection attack
- Cross-site scripting (XSS) attack
- Eavesdropping attack
- Birthday attack
- Malware attack
Cyber resilience is the ability to prepare for and adapt to changing information security conditions (attack types), to withstand cyber-attacks when they occur, and to recover rapidly from the resulting disruptions. This strategy focuses on the sensing, resisting and recovering phases of cybersecurity management. This holistic approach ensures proactive preventive measures using sophisticated tools and guaranteed fast recovery if a cyber-attack occurs.
Business enterprises invest in a variety of initiatives to ensure information security. Corporate-level programs for creating security awareness, designing a robust security architecture, defining security governance policies, including security specialists in IT application development teams, and ensuring the latest and most appropriate software tools to monitor and resist attacks are common approaches to enterprise information security. Some of the common practices and principles include:
- Not everything in the business enterprise needs to be protected at the highest level of security
- Users who need to know specific information based on their role will ONLY have access to that information (need-to-know)
- All users are given the minimum privileges needed to access business information (least privilege)
- Maintain a continuous log of all activities, and conduct audits and attack drills
- Run frequent tests (ethical hacking) to simulate possible cyber-attacks and ensure resilience
- Plan for failure using disaster recovery and business continuity services
- Put in place multiple defense systems against security breaches, so that an external hacker needs multiple strategies to break in
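The database-layer controls listed earlier (column-level permissions, data masking) and the need-to-know, least-privilege and continuous-logging principles above fit together in one mechanism. The following Python is an added illustration, not code from the book or its authors: a hypothetical role policy table decides, per role, which columns of a constructed customer table may be read in clear, which only in masked form, and denies everything else by default, while every decision (allowed or denied) is written to an audit trail. The roles, columns, records and policy are all invented for the example.

```python
"""Role-based, column-level access with masking and an audit trail (added example)."""
import logging
from datetime import datetime, timezone

logging.basicConfig(level=logging.INFO, format="%(message)s")
log = logging.getLogger("access-audit")

# Constructed sample table; every name and value here is invented.
CUSTOMERS = [
    {"id": 1, "name": "Alice Example", "email": "alice@example.com", "card_last4": "4242"},
    {"id": 2, "name": "Bob Example", "email": "bob@example.net", "card_last4": "1111"},
]

# Hypothetical policy: per role, columns readable in clear and columns readable only
# masked. A column in neither set is denied; a role absent from the table gets
# nothing at all (default deny, i.e. least privilege / need-to-know).
POLICY = {
    "support": {"clear": {"id", "name", "email"}, "masked": {"card_last4"}},
    "billing": {"clear": {"id", "name", "card_last4"}, "masked": {"email"}},
    "auditor": {"clear": {"id"}, "masked": {"name", "email"}},
}

AUDIT_TRAIL = []  # in-memory audit log; a real deployment would forward this to a SIEM


def mask(value):
    """Replace all but the last two characters with '*', so a value stays recognisable but unusable."""
    text = str(value)
    if len(text) <= 2:
        return "*" * len(text)
    return "*" * (len(text) - 2) + text[-2:]


def can_read(role, columns):
    """Pure policy check: True only if every requested column is in the role's clear or masked set."""
    rule = POLICY.get(role)
    if rule is None:
        return False
    return set(columns) <= (rule["clear"] | rule["masked"])


def audit(user, role, columns, outcome):
    """Record one access decision; denials are logged just like grants, so audits can see attempts."""
    entry = {
        "ts": datetime.now(timezone.utc).isoformat(),
        "user": user,
        "role": role,
        "columns": sorted(columns),
        "outcome": outcome,
    }
    AUDIT_TRAIL.append(entry)
    log.info("audit %s", entry)
    return entry


def query(user, role, columns):
    """Return CUSTOMERS projected onto `columns` under the role's policy.

    Raises PermissionError (after auditing the denial) if any requested column is
    outside the role's permitted set, so a caller cannot over-fetch and filter later.
    Columns in the role's masked set come back masked, never in clear.
    """
    requested = set(columns)
    if not can_read(role, requested):
        rule = POLICY.get(role)
        denied = sorted(requested) if rule is None else sorted(requested - (rule["clear"] | rule["masked"]))
        audit(user, role, requested, f"denied: {denied}")
        raise PermissionError(f"role {role!r} may not read {denied}")
    masked_cols = POLICY[role]["masked"]
    rows = []
    for record in CUSTOMERS:
        rows.append({col: mask(record[col]) if col in masked_cols else record[col] for col in columns})
    audit(user, role, requested, "allowed")
    return rows


if __name__ == "__main__":
    print(query("carol", "support", ["id", "name", "card_last4"]))
    try:
        query("dave", "auditor", ["id", "card_last4"])
    except PermissionError as exc:
        print("blocked:", exc)
```

The two design choices worth copying are that the policy is default-deny (an unlisted role or column yields nothing rather than everything) and that the denial is audited before the exception is raised, so the log reflects attempts and not just successes.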
In summary, cybersecurity is a strategic and vital requirement of a product business enterprise. We will need the right talent, tools, processes, organization, and management to ensure continuous monitoring and quick action on observed anomalies.