After several cyber incidents in the island nation, the Government of Sri Lanka proposed the CyberSecurity Act under the National Cyber Security Strategy of Sri Lanka, finalised by Sri Lanka Computer Emergency Readiness Team (SLCERT). It is a comprehensive framework to prevent and mitigate cybersecurity threats effectively and safeguard critical information across various industries.
The sudden ‘new normal’ emerging for global organizations due to the pandemic and resulting remote work culture has increased IT security concerns, especially malicious insider threats. Inadequate transition time for adapting to the changes and insufficient IT security safeguards have made global organizations more vulnerable to insider threats and cyberattacks.
Still, implementing best practices can help ward-off IT threats emanating from the misuse of digital identities and credentials. So we thought to disseminate information around that. The stage was set. ARCON being the pioneer in Information Security solutions partnered with KuppingerCole, one of the leading Identity and Access Control advisors and consultants in the world to host a webinar.
ARCON’s marathon with the virtual summits continues! To expand IT security awareness among global enterprises amid digital transformation, ARCON participated at the CIO Axis Roundtable Summit 2020 on 20th August 2020. Mr. Anil Bhandari, the Chief Mentor of ARCON was the speaker of a keynote session discussing the transformation of the current state of cybersecurity by reducing the friction and striking the right balance between IT security and user experience.
How can we overcome cultural resistance?
In our previous blog (posted on 30th August 2019) we discussed how resistance to IT cultural changes can obstruct organizations from strengthening their enterprise security posture. In this blog, we are going to discuss five ways how this crisis situation can be handled effectively by assuaging the workforce’s fear and misconceptions.
Recently, while interviewing some of the global CIOs and CISOs in an event regarding the reason of extensive privileged account compromise, we came across a very interesting point of view, which was highlighted by a few of the respondents. Work culture and employee mindset can be a big barrier in establishing a robust IT security framework in enterprises. Let us see how it can play spoilsport while strengthening enterprise IT security.
While organizations have started giving utmost importance to cyber security and have started allotting handsome budget for saving their digital assets, cyber crooks are getting smarter and giving birth to more sophisticated attack techniques. Today, suspicious insiders are giving more nightmare to the IT security officers rather than outsiders. According to the latest research, organizations cough up to $8 million annually as a price paid for the damages done by malicious insiders.
Defying the enemy within
As the wave of digitization sweeps across the nation, it is terribly crucial for the organizations, irrespective of large or small, to take adequate security measures for protecting their huge amount of data generated every day from various sources. The CISOs, CTOs and CSOs are ceaselessly on their toes to curb the chances of any hack or data breach incident that might push them towards big irrevocable losses. This scenario of insider threats is considered to be one of the most sinister reasons for digital disaster.
Identification of Insider Threats
The implications of insider threats largely go to the administrators and other privileged users, who are commonly
The only thing predictable in any business is unforeseen risk. Risks come in many types. Manufacturing companies stay exposed to supply chain risks, while financial institutions are vulnerable to regulatory changes and wide gyrations in markets. Besides, risks emanating from social and political upheavals, terror attacks, and natural disasters also keep managements on tenterhooks.
That’s why, one of the key roles of top management is to foresee risk and asses how it will impact their organization. The idea is to create a robust organization that can withstand external shocks.
We have been touring across the world since the beginning of the year, participating in several IT security events. While our main goal is to educate organizations–amid rising cybercrime– to reinforce their information systems by adapting to our risk-management solutions, we are also meeting with Chief Information officers (CIOs), Chief Information Security Officers (CISOs), and audit and compliance officers.
One-to-one meetings help us in understanding IT security needs. As an IT security provider, however, we must tell you that it is very heartening to find that organizations across all industries, have shown increased awareness towards cyber-security.
When I had started out in this industry, I had absolutely no clue of what Privileged Identity Management meant. In fact, not for a moment I thought it had something to do with security let alone cyber-security. I was deceived by the term ‘Privileged’ so much so that I started considering it be an elitist term which is like a badge to be worn proudly by some. But what I got to know about this was a complete paradigm shift. Yes of course I was right in thinking that it is a sort of title so to speak conferred only upon a select few. But that they can be threats never crossed my mind. Over the years, I observed that not many could easily understand the real meaning behind the term Privileged Identity Management or Privileged Access Management or Privileged User Management or other terms that this concept is referred to by. I pondered and pondered of how this can be explained in simple language to a layman. So here’s my attempt at it.