“Cyber Hygiene Is Key To Better Cybersecurity,” Notes A Panel At BW BFSI CXO Summit
In cybersecurity, personal data needs to have a high level of security and upcoming data protection framework will be a step in that direction
Cybersecurity is one of the most difficult jobs ever. Cyber attackers and defenders are playing a cat and mouse game. Cyber attackers are constantly upping their attacks and they don’t play by the rulebook. Defenders, however, have to play by the rulebook. Hence, it is important to keep a high level of cyber hygiene and constantly monitor the cyberspace. These were the key highlights of a panel discussion on Cyber Security and Risk in Financial Services Sector at the BW Businessworld BFSI CXO Summit.
"In cybersecurity, personal data needs to have a high level of security and upcoming data protection framework will be a step in that direction. Data protection laws are coming soon and we have to see how the technology landscape will evolve to handle personal information. A lot of cyber-attacks are happening due to the dark web and cyber professionals need to be aware of this. Regulators have an important role to play in security aspect. For cybersecurity professionals, this is the next level of challenge – how to be ahead of hackers in the dark web and win,” said Mithilesh Singh, Head – Technology Audit, IDFC Bank.
Cost is another aspect that has to be kept in mind when designing cyber security networks. The solution is not just having high-end technology solutions, but it’s important to design a framework to understand how data is being used in the organisation. CXOs have a responsibility to explain this to the senior management.
A key point of discussion is the use of ethical hackers to assess vulnerabilities in the system. Ethical hacking enables companies to further safeguard sensitive data.
At the same time, it’s important to apply cyber-security to see where the systems need it the most. “While you can put the best of technology, but if your users are not aware of cyber hygiene, your environment can still be comprised. Also, just like you have fire drills, where you do an exercise and prepare yourself for disasters, you have to go ahead and do a cyber-intrusion drill. These are some cyber hygiene you can implement,” said Mehjabeen Taj Aalam, Head – IT, Muthoot Homefin (India).
Cybersecurity professionals also need to be aware of the breaches through fake ids. Fourth party data leaks can be used to create fake transactions in the system. A solution lies in knowing the customer and implementing stronger authentication.
Organisations also have to focus on employees where there could be mistakes, at the same time a high level of security has to be maintained using third party tools. “We should be cautious in using third-party tools, so we have to look at how well we secure ourselves on all fronts,” said Shashank Bajpai, CISO, ACKO General Insurance.
The cost of a cyber reach for an organisation is $3.5 million dollars.
Avez Sayed, CISO, ICICI Lombard General Insurance stressed on the importance of having a good basic cyber hygiene in the organisation. Rajendran Bhalerao, information security, NPCI noted how they conduct a high level of security check before onboarding banks into the system.