Bipul Sinha believes the Covid-19 pandemic has left IT security professionals with a growing dilemma. Sinha, co-founder and CEO of cloud data management company Rubrik, says IT professionals are struggling to balance the need for fast, easy access for remote workers with the need to tighten up security as more applications and data move online.
“What we’ve seen in the past year is a huge acceleration in digital transformation and in turn that’s led to a big increase in organisations’ vulnerabilities,” says Sinha. “If we don’t change the way we approach data security then the risk is that businesses will not be able to recover from these ransomware attacks, which are happening almost daily.”
The typical IT department uses between 40 and 50 security solutions but there are still stories every week about data security breaches. Obviously, we need to understand where the gaps remain, says Sinha. “Most of these tools focus on prevention and intrusion detection, rather like a lock on the gate of your compound,” he says. “But what we’re seeing is that attackers are getting smarter. Rather than forcing a door, they’re using social engineering to get your own people to allow that attack to take place.”
Preparing for the inevitable
The growth in remote working has created a wealth of new opportunities for cybercriminals. Rather than trying to work out how to hack into a mail database without being detected, why not simply email a member of staff with a spreadsheet or send out a cruise offer that carries ransomware code? “These days, if the CEO sends an email of people’s payroll data, you’re likely to just open it because it makes sense that the document was shared over an email,” says Sinha.
IT security specialists need to put data security at the top of their to-do list, says Sinha. Companies need to start with an ‘inside out’ view of security in a digital environment. Rather than focusing only on the perimeter of your IT infrastructure, look at the data inside. How valuable is that data? Does it contain personally identifying or other sensitive information? Can you tell who is accessing it and what they are doing to it? Can you see if data is being deleted, changed or shared? And if that data is compromised, can it be quickly and safely restored?
“There is no question that organisations will be attacked, simply because there are so many attacks and so many vulnerabilities. The question becomes how do you verify that the attack has happened, how can you mitigate the impact and recover?” says Sinha. A breach may happen weeks before you notice the impact, because many ransomware attacks may lie dormant for weeks or even months. It is vitally important to have real protection and back-up of data.
The answer to this question lies partly in improving data back-up, Sinha adds. “Of course, everyone has a back-up, but what happens if your back-up is compromised? You might not be able to get your business back.”
Alongside an audit of back-up capabilities, Sinha recommends that IT teams partner closely with security operations teams to review and update data security and management policies. It is vital that people across your organisation understand data management and know the importance of following policies, like multi-factor authorisation, for example.
Sinha believes it is also time to start looking more seriously at the role of AI and machine learning in cybersecurity. “If you look at the world today, we’re often trying to solve the problem of cybersecurity by throwing human bodies at it, and we’re seeing an increasing number of trips and alerts,” says Sinha. “The only way we get control of the cyber-vector is a combination of policy-driven management and applying artificial intelligence and machine learning.”
In the years ahead, Sinha predicts the volume and sophistication of cyberattacks will outpace humans’ ability to track them. “When things go beyond human comprehension, you’ll be using machines to analyse and figure out the volume and velocity of attacks, and predict vulnerabilities,” he says. “Machine learning and good policy is going to be the answer to identifying attacks and mapping the route to recovery.”
To find out more please visit www.rubrik.com
Promoted by Rubrik