Home >> Insights  >>

Elevating Cyber Security With Emerging IT Trends

by Santosh Nair, CIO, Siemens India Ltd. August-2015

Incorporated in 1847, Siemens Group is an implementer of leading-edge technology enabled solutions operating in the core business segments of Industry, Energy, Healthcare and Infrastructure and cities. The company currently has 21 manufacturing plants, a wide network of Sales and Service offices across the country as well as over 500 channel partners.

 

As the world moves towards an all-encompassing digitalized future, every aspect of enterprise continues to be increasingly disrupted by technology. Fueled by the union of cloud computing, social media, big data, mobile and surging demand for on-the-go access to information, this digital disruption is dramatically reshaping the competitive landscape. Globally, organizations are leveraging digital technologies to enhance business agility and customer experience.

Connected devices powered by the Internet of Things (IoT) offer enterprises opportunities to mine vast amounts of data, penetrate new markets, and enhance existing products. However, the rising levels of digitalization are embedded with an inherent set of challenges such as evolving business models, myriad customer engagement patterns, breach of privacy concerns and cybersecurity threats.

The rapid convergence of organizations, devices and people coupled with the widespread digitalization of our world offer cybercriminals newer vulnerabilities to exploit. Increasing usage of smartphones and the internet has made organizations’ business-critical information both accessible and vulnerable. Moreover, as the digital touchpoints between people and devices multiplies, additional access routes to organization and personal information will be increasingly available. Therefore, it is no longer surprising that the size, severity and frequency of data breaches continue to grow—some of the largest incidents of data breaches ever occurred in 2013 and 2014 affecting banks, governments, retailers, and many more entities.

In a world that is being closely knit by digitalization, cyber-spies, cyber-criminals and cyber-activists have at their disposal advanced capabilities to endanger businesses. Profits harvested by the cybercriminal networks are being ploughed back into research and development. These criminal networks will also invest generously to conduct in-depth research of potential targets and leverage their expertise to identify newer loopholes to infiltrate ‘secure’ networks. Today, the sophisticated expertise developed by cybercriminals rivals those harbored by a select few in the past. What is unsettling is the fact that anyone can buy this expertise from discussion forums on the Internet.

The IoT is bringing in a paradigm shift in the way we interact with the world around us. Market estimates suggest that in 2015 almost 4.9 billion devices will be interconnected. By the next decade this number is expected to reach 30 billion. What does the IoT mean to cybersecurity? Well, it adds a whole new dimension to the frontiers of security risks. The list of devices it connects is expanding with every passing day—from automobiles to thermostats and from mood lights to production plants—the avenues for connecting devices continue to expand.  This interconnectivity also exposes hitherto secure entities to cyberattacks via the burgeoning mesh of mobile phones, sensor networks and services on the cloud.

Cloud computing has emerged as the cornerstone that supports IoT, Big Data, and newer ideas for collaboration. The demand for cloud computing is driven by the almost unquenchable user thirst for round-the-clock access to data. While the trend for cloud computing is on the rise, service providers will be questioned about the resilience of their security architectures in the face of sophisticated cyberattacks.  Users’ trust in cloud-based services will strengthened only when the solutions are secure. In the near future, discussions about making both public and private cloud computing services secure to protect digital assets will only mature.

IT security systems employed traditionally are ill-equipped to deal with the sophisticated attacks in cyberspace. In order to ward off cyber attacks, organizations will have to invest more in information security-the escalation of cyber threats and rising levels of regulatory requirements warrant the rise in IT security budgets. They also need to collaborate with external experts to improve both cyber threat intelligence and enhance security. Moreover, organizations have to internalize effective governance systems for information security systems and mold their processes and tools to ‘safely’ navigate the digital future. Cybersecurity is a business risk that organizations can ill-afford to ignore.  The stakes are too high. It is time organizations judiciously appreciate the strategic value of mature security programs and invest in cybersecurity to safeguard their businesses.