Even before coronavirus was heard of, viruses regularly made the rounds at organisations, compromising them and making them pay through the nose. Now, in the midst of the pandemic, cyber crime has become as commonplace as work-from-home. In an interaction, Zulfikar Ramzan, CTO, RSA Security, sheds light on various aspects of cybersecurity and how organisations can take informed decisions to have the best experience. Excerpts.
Talking about the on-going pandemic, what kind of vulnerabilities and threats have been witnessed?
We have seen an uptick in diverse cyber criminal activities and threats in the face of this pandemic. This is not a new trend by any stretch of imagination, but certain sectors have seen the maximum hit this time. People are sheltering at a certain place, which means they are buying more groceries and interestingly enough, as a result of that, we have seen a rise in cyber criminal activities in grocery stores. There have been several attempted credit card frauds across the globe.
We have seen instances when people click the sites which claim to provide Covid-19 information, but in reality it is the ploy of bad actors to trap them. How can that be combated?
As a risk management company, we always advocate the idea of focusing on visibility to provide security. You can’t protect what you can’t see, so we need to be able to first identify that this is a certain type of threat or potential threat, before we can do something about it.
The way the world is evolving is making things more complex. There is an upsurge of new devices every day. We use cloud on mobile devices, but the real key is to be able to get comprehensive visibility and monitoring across all those different assets. This is what we are informing our customers across the world – to think about security, by starting to bring visibility as the foundation.
How is RSA Security helping enterprises with products or solutions to combat such situations?
Firstly, the most important solution is multi-factor authentication (MFA), which provides a level of security in a transaction that goes beyond just a password. We all use just passwords, which are not very reliable, as they can be easily pilfered. A smart cyber criminal can trick one into getting the password. We recognise the importance of going beyond just a typical password and this is where MFA comes in, setting a bar.
Secondly, taking a step further, we need to consider the governance and lifecycle of the people in the organisation and their digital identity. Today, the world has become digitally effective. As an organisation, you need to see how you want to manage digital identities – how do you identify who should be given access to and for what? Even when an employee leaves or joins an organisation or the role changes, these movements make the organisation rethink the access to critical resources, especially when done digitally. For RSA Security, identity governance and lifecycle has been a key focus area. We have spent a lot of time working on this area and we have a lot of customers that require management in this area.
The third area is around the future of the Security Operations Centre. Today, in a typical organisation, there is a physical room called the Security Operations Centre and wherever there is a security incident, there will be monitors in this room that light up with interesting data. There are teams collaborating by setting up war rooms to really focus on how they can deal with every incident. Given the current situation, these physical security operations are empty and employees are working from home. So the challenge arises – how do you actually investigate, manage and remediate a threat to your environment efficiently and what is the future of the Security Operations Centre, in a post Covid-19 era? We are asking this question and working towards helping our customers make the transition to enable their security operation centres to continue to work.
Another area, which is really critical, is to manage risk management in this new world we are living in. As I highlighted, the idea of Covid-19 created all these structures, leading to the breaking down of the supply chain. We need to think about business continuity risks and other specific risks associated with individuals and health and people. Broadly, we have offerings around integrated risk management, to enable our customers to think about risks holistically across the organisation. Every decision made has to have a balance that is against the risks associated with those corresponding actions. And being able to lead effectively requires you to have a complete picture as much as possible, about the various risks that impact the organisation.
There has been latency in how technology is being adopted. Given the present scenario, is there an acceptance in the way people and enterprises are embracing cybersecurity?
There has been a lot of resistance lately, for a variety of reasons. However, the pandemic has been the greatest accelerant of digital transformation of the modern era. If you think about the way people had to go digital, as quickly as they did, in the wake of Covid-19, we have never seen anything like this before.
I think we’re in a similar situation today. I think we have a big role to play as a company in engendering trustworthiness and digital technologies, and making those digital technologies much more pervasive, to help the world manage this incredible crisis, this incredibly difficult time.
We often blame the user for frauds, but that is a terrible way to think about security. We cannot expect every user to have a PhD in computer security or know every nuance of every decision they make and the implications it can lead to. As a security company, we want to provide them with an experience that allows them to make the right decision easily and if needed, make those informed decisions for them. It is up to the organisation to provide the right level of experience and capabilities to the customers that allow a safe and seamless experience.