Enterprise Security Management To Create And Sustain Security

By Abhay Munje, Head IT, Safari Industries India Limited

Organizations need to place more focus on ESM (Enterprise Security Management) to create a security management framework that can create and sustain security for their critical infrastructure. ESM is a holistic approach to integrating guidelines, policies and proactive measures for various threats.

With enterprises moving towards new technologies to minimize costs and optimize resources, they face increased security risks as cyber-criminals adopt new techniques to target devices, corporate networks, backend servers and more. As a result, it has become crucial for stakeholders to understand how to balance the security management landscape with enterprise operations.

Deploying ESM Framework

All stakeholders will look to the CISO/CSO/CIO to deploy and manage ESM frameworks, as well as the steps the organization is taking to reduce risk to the enterprise. How does a CIO integrate an ESM framework and cultivate a security culture that finds long-term success throughout the organization? The answer lies in adopting a strategic approach towards enterprise security management.

Software vulnerabilities are one of the leading issues in the enterprise environment. Patches are additional code to replace flaws in software. Patch management is part of the SDLC (software development life cycle) and can occur in any primary process of the SDLC.

The importance of implementing patch management as a part of ESM is gaining value, as there has been an excess of outbreaks and data breaches around the globe. Scanning for and applying patches to prevent and mitigate undiscovered vulnerabilities is important; it requires security management at all phases (QA, development and staging) and strict policies to avoid any unexpected events.

Who might attack the enterprise? Is it only cyber-criminals, or nation states as well? What about company insiders?

In a truly converged 2020, the following cyber-related activities may become more apparent:

1. Electronic attacks on critical infrastructure, including power supply, transport, IoT devices/applications, locally developed/deployed workflow applications and data services.

2. Highly distributed denial of service attacks using Cloud processing.

3. A move from device-based to Cloud-based botnets, hijacking distributed processing power.

4. Physical attacks against data centers and Internet exchanges.

5. Bio-hacks for multi-factor authentication components.

6. Cyber-enabled violence against individuals, and malware for humans.

7. Interference with unmanned vehicles and robotic devices.

For many years, organizations would build technology solutions and then ‘bolt on’ security measures as an afterthought. This would often lead to deployment delays and additional costs. Organizations then shifted towards ‘building in’ security at various stages along the way. The security team was engaged periodically during development, but cybersecurity was still ‘tagged on’ at the end.

It’s believed that cybersecurity will become more intelligence-driven in 2020-2025. In a world of fast-moving, automated attacks, intelligence is the key to being able to respond swiftly or even predictively, rather than reactively, to individual threats. Additionally, it will allow for the organization’s overall cybersecurity posture to change dynamically in response to the changing threat landscape.

What will ESM & Cyber security look like in 2025?

Our online world gives us unlimited opportunity, but it’s paired with significant risk, specifically when it comes to cybersecurity. Risks are coming from all over the globe as our planet becomes more and more connected, and our online world has grown very quickly. What will our global cyberspace look like in 2025?

Nearly 79 percent of those in emerging economies will be using the Internet. Internet dependence will not just be a concept, but rather the new reality.

Around the world, with more and more connections being established every year, attacks on critical infrastructure are becoming a growing cause of concern. These attacks are coming in from cybercriminals and hackers with many different motivations, some looking to undermine their governments and others simply looking to make a quick buck. The fear that governments and private companies alike show for these potential attacks is justified, as the frequency of these attacks is increasing just as exponentially as the number of humans using the Internet year over year.

This increasingly connected world has laid the fertile ground for new cyber-attacks to take hold. However, companies across the globe have begun the necessary investment into technologies to counter the attempts to compromise critical company infrastructure.

By 2025, explosive growth will be clearly apparent, and its effects will be felt. New technology adoption is happening quicker than ever before, but cybersecurity laws and social standards are struggling to keep up. Massive online technology growth without considering the potential downsides has led us to believe there are certain predictions we can make for 2025.

Machine learning will play a critical role in gathering intelligence. Moreover, machines will start making more of their own decisions and execute changes themselves to minimize an organization’s cyber-risk, based on this intelligence.

While machine learning is helping organizations to protect themselves, we need to be mindful that cybercriminals are also using machine learning in their attacks.

This is going to let them move much faster. Once malware has infiltrated a network, its decision-making will be instantaneous. It’ll be able to move unilaterally within the organization, across different ports and domains, more rapidly than ever.

Standards groups, industries, and governments are constantly implementing new security policies. Compliance pressure on organizations has grown in the last year with the introduction of the General Data Protection Regulation (GDPR) in Europe.

As a result, we expect to see governance and compliance playing an increasingly important role in how organizations manage their risk profile in coming years. If, for example, they’re deploying a new application or technology, they’ll be more critical in their decision-making process. They’ll need to carefully consider what additional risk it might add and how it will affect their risk posture. Security operations can be complicated by regulations that lag behind the criminals’ strategies. As criminals keep coming up with new ways to attack, regulation, while necessary and important, can sometimes make security harder. Organizations, many of which have limited IT and security resources, need to find a way to adapt and ensure compliance with these new regulations, while still managing day-to-day operations.

Cloud-based security is especially important in a hybrid-cloud era as cloud services have presented many security challenges. Often IT would have no knowledge of new cloud services being switched on or connections being made. But because of the flexibility and scalability of cloud-based security, organizations now have additional visibility across their environments, rather than a static view of the organization with a defined set of technologies, protecting specific points of the network.

Cloud-based security also allows for more automation and orchestration. With the advent of runbooks, security practitioners have a knowledge base that gives them a view on what, how, and when to respond to unusual new connections and cybersecurity incidents. It also lets them automate responses where appropriate. Leveraging machines, they can scan the environment for changes, gather and build intelligence back into the platform (and into runbooks), taking action where there’s a clear threat. The coming years will be more risk-prone; every individual should be aware and alert before downloading any application, and each individual will be responsible for enterprise security.
