With the digitalization boom in India, more Indian enterprises are upgrading their security capabilities to make their enterprises more secure against the latest threats. Rajpreet Kaur, senior research analyst at Gartner, shared her insights about the latest cybersecurity attacks on Indian enterprises and steps to mitigate risks from the attacks.
1. What are the major cyberattack trends you see targeting Indian enterprises?
Rajpreet: We see a hike in targeted attacks including state sponsored attacks against Indian enterprises of all sizes not just the large ones. There is an increase in the following attack vectors:
2. What should be the focus for Indian enterprises?
Rajpreet: While enterprises are working towards deploying sophisticated technologies, they first need to get their basics right. The majority of cyber-attacks try to exploit an existing unpatched vulnerability and then move in the network using machine privileges. Before investing in new security tools, organizations should get their “3Ps” right: Patching, Privileges, and Passwords. Another grey area is poor detection and response capabilities, which needs a big improvement.
3. Are digital ecosystems driving new cybersecurity trends in India?
Rajpreet: The attacks are still the same. However, with digitalization it has become easier to target Indian enterprises as the networks are expanding as opposed to the earlier closed networks.
4. How have security teams evolved with the changing threat landscape?
Rajpreet: Security needs to evolve as business evolves, and so does the responsibility of the security team. Years ago the security team used to manage firewalls. Now they are looking after end point security, network security, security monitoring, analytics, forensic analysis and much more based on the network of the respective organization.
5. What are the practical steps to manage risk and security in the digital ecosystems?
Gartner analysts will provide additional analysis on IT security trends at the Gartner Security & Risk Management Summits 2017 taking place in Mumbai, India, Sao Paulo, Sydney, London and Dubai. Follow news and updates from the events on Twitter at #GartnerSEC.
Gartner, Inc. (NYSE: IT), is the world's leading research and advisory company and a member of the S&P 500. We equip business leaders with indispensable insights, advice and tools to achieve their mission-critical priorities and build the successful organizations of tomorrow.
Our unmatched combination of expert-led, practitioner-sourced and data-driven research steers clients toward the right decisions on the issues that matter most. We're trusted as an objective resource and critical partner by more than 12,000 organizations in more than 100 countries—across all major functions, in every industry and enterprise size.
To learn more about how we help decision makers fuel the future of business, visit www.gartner.com.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.