Securing Cyber World

Navdeep Singh Ahluwalia, Head Network & Information Security, Dalmia Bharat Group

Securing Cyber World

Cybersecurity is a combination of techniques and processes used and deployed for the protection of networks, data centers and big data from unauthorized access. It also involves protection of information, systems and disruption of services from cyber-threats like cyber terrorism, cyber warfare, and cyber espionage.

Cyber-attacks are mainly targeted at nation’s information related to military, infrastructural assets, banking and people database.  Therefore cybersecurity forms a critical part of country’s security strategy.

Cybersecurity includes managing security of application, information, network and operations. It also includes planning for DR (disaster recovery), BCP (business continuity) and educating the end-users on security aspects.

Application security protects applications from threats that can come through flaws in the application design, development, deployment, upgrade or maintenance. Basic techniques used for application security are - input parameter validation, user/role authentication & authorization, session management, parameter manipulation & exception management, and auditing and logging.

Information security protects information from unauthorized access to avoid identity theft and privacy. Techniques used for this are – identification, authentication and authorization of user.

Network security includes protecting the usability, reliability, integrity and safety of the network. This security includes – anti-virus, anti-spyware, firewall, IPS (intrusion prevention systems) and VPN (virtual private networks).

DR (disaster recovery) planning is a process that includes performing risk assessment, establishing priorities and developing recovery strategies in case of a disaster.

Security threats are constantly evolving and it’s really tough to keep pace with them. At such rate the cybersecurity market is expected to hit $200 billion within next 5 years.
Depending on technical capabilities and motives of the hacker – the attack may vary and accordingly preventive measures have to be taken. Governments will take cyber security measures for the protection of financial systems, defense, aerospace, public health and intelligence agencies of the country. Enterprises adopt cyber security for protection of data, revenues, brand reputation and control legal liabilities.
Accordingly cyber security appliances such as web/network firewalls, hardened routers are deployed in data centers. These provide a layer of security but they also have some significant short comings

  1. Only inspect and filter incoming traffic and become a single point of target for hackers.
  2. Being inside the data center these devices cannot block the attack on internet lines that link DC with ISP.
  3. On premise cyber security appliances hold a high commercial value with small life cycle.

Cyber security plays an important role in a country’s strategy designing related to management of forces, corporates, finances and medical facilities. Huge amount of data is collected, processed, and stored on computers and centralized storage systems - now being termed as Big Data. This contains sensitive information related to citizens of the country, personal and financial data of the country. Any unauthorized access to this could have serious consequences.

To increase business, employees of the organizations are transmitting sensitive data across countries and networks – so companies need to take steps in order to protect this critical information. Cyber security has listed the disciplines for protecting the systems storing this critical information.
In the current scenario organizations are advised to be prepared in responding to the inevitable cyber incidents, restoring normal operations and should also ensure that company assets and its reputation is protected. Assessment of cyber risk is focused on three things

·  Identification of information/data that requires protection

·  Threats and risks associated with the information/data.

·  Damaged caused to the organization in case of exposure of this critical data.

The best practices defined in cyber security should be able to accommodate the evolving attacks by the hackers.

Cyber security is pretty complex – technology is evolving and hackers are becoming more inventive resulting in increased focus and dedication towards cyber security. One of the biggest challenge being faced by the internet-connected world is shortage of skilled and qualified cyber security professionals. Those available are facing challenges related to zero day attacks, ransom-ware etc. and for confronting these our experts need to have a good knowledge.

Millions of records are being stolen, secure applications are getting hacked - cyber threats are the emerging risks that is gaining momentum and regulatory attention. With this multiple career opportunities like security analyst/engineer/architect, forensics investigator and cybersecurity specialist have come up. These positions are expected to rise in next 5 years.
Billions of dollars have been invested in cyber security but still organizations are struggling and the problems seems to be getting worse, not better. Cybersecurity remains a tough problem because cybersecurity laws, policies, and practices are yet to get defined and developed fully.

Comprehensive framework on cybersecurity has not been developed because of no clarity on multiple issues like -

·   Division of responsibility between governments and the private sector.

·   Approach of regulators towards cybersecurity.

·  Demarcation between actions to be and not to be taken by government, organizations and individuals within the country and across international boundaries.

To reduce the cost organizations are going in for an OPEX cloud based security model which are providing security to web content and applications thus reducing the demand of scaling up the infrastructure. Cloud security solutions provides defense both at the network and application layer.