Time To Stay Ahead Of The Risk

by Neilmani Sahu, Head - IT, Staples India

Let me narrate a story of how our life has become nowadays. One fine Monday morning, when the organisation is about to start the day, an alert message on the database from a ransom-ware demand­ing money to decrypt, sits on one of the critical applications. The system would not start and the orders won’t get generated, customers need deliv­ery and we can’t even update them. The back-up files are also corrupted and one needs to look out for an old copy of back up and start recovering. Restoration takes time and the older the copy is, the more time it will take for things to recover. The recovery process would take days and hacker will wait for a great deal to give back the   lost data. The loss of data cannot be compared in terms of values as the impact is like a Tsunami that changes our world in a flash.

Today’s virus/malwares are more evolved than what we had earlier. They are first of all not get­ting detected by the signature bases anti-viruses sys­tem. They are using machine learning to learn and act. Things like attacking which terminal will have the maximum impact is learned and executed quietly. Even the day of maximum impact is cho­sen as Mondays.

Risk management is today’s CIO’s one of the top 3 challenges apart from the work force skill-set management and automation.

Today we are in the Digital Era. Three year’s back the risk management would focus majorly around serv­ers, drives, backups and high availability of critical Instances. The focus was around the failures of these hardware’s. Now thanks to technology like cloud, and improvements in hardware’s all these are take care of. There is a complete shift to things like dark net, ransom ware, machine learning virus and malwares.

Merely having a firewall with perimeter security is not just enough. Time has come to change our gears and think seriously about these malicious attacks. Now “Wait and Watch” is “Wait and Die”. We need to be steps ahead of these Proxy and silent Killers, think like them, use machine learning to identify these probable transaction in advance and neutralise them. The same technology has the potential to curb it. Now the fight is not between men and machine, its machine fighting with machine.

We are galloping towards to a connected world, can we afford to stay unconnected. It has its own share of benefits of being competitive, but with benefits also come ‘Risks’. It’s Directly Proportional. The more we expose our self to our ecosystem, the more we live with the risk of getting attacked.

We are embracing technologies like Digital com­merce, IoT and Robotic Process Automation (RPA). Imagine the sensors or the robots are infected the basic transactions are hijacked. Is technology advancement a boon or curse? We cannot be 100 percent risk averse, but we can be in the Journey of continuous improve­ment. We can take necessary actions to reduce its im­pact. Since, Risk Management is an abstract subject; it helps if we assign some “loss values” to our systems.