An excerpt from the forthcoming book “Organizing and Managing Insanely Great Products” by David Fradin with RN Prasad.
Hardly a day passes without reading about a data breach or cyber-attack in one business enterprise or another. It is believed that more than 75% of the companies with any digital presence across the world have been subject to a cyber-attack in some form.
According to British Telecom (BT):
- Every 40 seconds a business falls victim to a ransomware attack
- Cyber-criminals are creating, on average, 1.4 million phishing websites per month
- BT alone detects more than 100,000 malware samples every day – more than one per second
- On a typical day, there are 4,000 cyber-attacks
- BT and its customers see 3 million suspect emails per month
We can conclude that no business enterprise leveraging digital technologies is safe anywhere in the world. Nevertheless, the benefits of digital technologies, when used with the level of information protection appropriate for that industry environment, are far greater than the drawbacks of technology usage. Information security is one of the top five agenda items of most business enterprises. Hence every product business enterprise looks at information security as a strategic imperative.
Information security (InfoSec) is the practice of preventing unauthorized access, use, disclosure, disruption, modification, inspection, recording or destruction of enterprise information assets. Also known by other terms such as cybersecurity, InfoSec is designed to protect the confidentiality, integrity, and availability of data stored in computer systems and other IT infrastructure, such as storage and communication networks, from those with malicious intentions. InfoSec is a set of strategies for managing the security-related processes, the tools needed for physical and digital security, and the policies necessary to prevent, detect, counter and recover from threats to digital and non-digital information.
For successful organization and management, the organization's structure and its roles and responsibilities must take these factors into account. For those that don't, take the department store Target, Equifax and the Democratic National Committee, for example, the consequences can be dire for senior management, for the company (which lost billions of dollars) and for society at large. The stakes are huge and the organization must take that into account.
Information security breaches can cause severe damage to a business, even to the extent of closing down the business. Some of the critical consequences of cybersecurity lapses include:
- Loss of the company's customer data, preventing business continuity
- Potential customer attrition
- Lawsuits resulting from a violation of information protection conditions
- Potential market crash or share price drops
- Negative impact on brand image
- Impact on individuals in executive positions, imprisonment and even national elections
- Revenue loss due to business interruption
- Additional time and investment needed for business recovery
- Increased cost of insurance and borrowing rates
Today, the IT infrastructure has become complex and depends on several elements used to build and operate enterprise IT applications. These IT infrastructure elements include data communication networks and networking devices, servers, storage devices (internal, external and network), database management systems (RDBMS, data warehouses, big data sources), data exchange software solutions, data replicas stored in disaster recovery sites and so on. Also, data needs to be protected both at rest and in motion. In order to handle overall information security, business enterprises tend to look at the layers in the system and apply the best options available at every layer of the infrastructure.
The layers are:
- Network – Antivirus and anti-spyware software, VPNs, firewalls, etc. are used to prevent cyber-threats occurring at the data communication network level.
- Operating System (OS) – The ability to set file and folder access permissions, such as read-only, as well as preventing users from running spurious programs, is handled at the OS level.
- Applications – Business applications provide user log-in controls, activity logs and role-based permission capabilities.
- Database – A robust RDBMS provides table-level or even column-level access permissions, data encryption, and data masking capabilities to protect enterprise data.
- Web server – Modern web applications are designed to be scalable and support thousands of users while still ensuring performance. In order to balance the load, many servers work in parallel and users are typically confined to an allocated server.
Watching every layer of the IT infrastructure for possible intrusion is made possible with the help of specialized tools. There are tools available for handling information security at every layer and also in an integrated fashion. Today, machine learning and AI are used to predict fraud patterns and proactively prevent data breaches. Most business enterprises consider InfoSec a program involving people, technology and processes. Determining the enterprise policies, user training, acquisition of the right tools and security governance are the typical steps taken to make the enterprise resilient to cyber-attacks.
Here is a quick look at the most common types of cyber-attacks and, consequently, the methods to deal with them. A cyber-attack is any type of offensive action that targets computer information systems, infrastructures, computer networks or personal computer devices, using various methods to steal, alter or destroy data or information systems.
The 10 most common cyber-attack types:
- Denial-of-service (DoS) and distributed denial-of-service (DDoS) attacks
- Man-in-the-middle (MitM) attack
- Phishing and spear-phishing attacks
- Drive-by attack
- Password attack
- SQL injection attack
- Cross-site scripting (XSS) attack
- Eavesdropping attack
- Birthday attack
- Malware attack
Cyber Resilience is the ability to prepare for and adapt to changing information security conditions (attack types), to withstand cyberattacks when they occur and to recover rapidly from the resulting disruptions. This strategy focuses on the sensing, resisting and recovering phases of cybersecurity management. This holistic approach ensures proactive preventive measures using sophisticated tools and guarantees fast recovery if a cyberattack occurs.