Management at the Top Companies Least Prepared for a New Type of Risk

The only thing predictable in any business is unforeseen risk. Risks come in many types. Manufacturing companies stay exposed to supply chain risks, while financial institutions are vulnerable to regulatory changes and wide gyrations in markets. Besides, risks emanating from social and political upheavals, terror attacks, and natural disasters also keep managements on tenterhooks.

That’s why, one of the key roles of top management is to foresee risk and asses how it will impact their organization. The idea is to create a robust organization that can withstand external shocks.

Read More

Financial Implication of a Data Breach is Huge

We have been touring across the world since the beginning of the year, participating in several IT security events. While our main goal is to educate organizations–amid rising cybercrime– to reinforce their information systems by adapting to our risk-management solutions, we are also meeting with Chief Information officers (CIOs), Chief Information Security Officers (CISOs), and audit and compliance officers.

One-to-one meetings help us in understanding IT security needs. As an IT security provider, however, we must tell you that it is very heartening to find that organizations across all industries, have shown increased awareness towards cyber-security.

Read More

Are ROE, ROCE, ROA the Only Metrics for Investors?

Protecting Critical IT Assets Becomes More Important as Investors Look beyond Traditional Metrics

For any publicly traded company or a private organization, creating long-term shareholder value remains a top priority. When a company consistently creates value, it’s easier to attract investments both for the organic or inorganic growth.

Accordingly, the management always strive to improve key business metrics, which offer an exact picture of the fundamental strength of a company.

Read More

Recent Bank Heists: Why to Compromise Critical IT Assets?

A $101 million bank heist, earlier this year, brought the issue of cybersecurity to the forefront once again. In a sophisticated operation, cybercriminals robbed the Central Bank of Bangladesh by getting hold of SWIFT (society for Worldwide Interbank Financial Telecommunication code), the access code for global cross-border payment messaging system.

More important, it wasn’t an isolated case. Even as the dust over Bangladesh bank incident had not settled, the global banking system was again taken aback. This time it was an Ecuador bank, which was hit by a $12 million cyber-heist. The modus operandi was same.

Read More

Will businesses stand the ‘risk’ of times?

All the top businesses today – Manufacturing& Distribution, Banking & Financial Services, Consumer Products & Services, Technology, Media & Communications, Healthcare & Life Sciences and Energy & Utilities – are expected to grow at a fast pace in the coming decade.

However the evolution of these businesses comes at the cost of rising risks. Analyzing and mitigating the risk factors should take precedence when devising strategies.

Several global studies report the following 10 risks businesses face as of 2016 and beyond:

Read More

Mapping Privileged Identity Management to an exotic travel

When I had started out in this industry, I had absolutely no clue of what Privileged Identity Management meant. In fact, not for a moment I thought it had something to do with security let alone cyber-security. I was deceived by the term ‘Privileged’ so much so that I started considering it be an elitist term which is like a badge to be worn proudly by some. But what I got to know about this was a complete paradigm shift. Yes of course I was right in thinking that it is a sort of title so to speak conferred only upon a select few. But that they can be threats never crossed my mind. Over the years, I observed that not many could easily understand the real meaning behind the term Privileged Identity Management or Privileged Access Management or Privileged User Management or other terms that this concept is referred to by. I pondered and pondered of how this can be explained in simple language to a layman. So here’s my attempt at it.

Read More

10 steps to better manage Privileged Access

Andrew Dalglish, director of Circle Research, a UK based research firm recently said “The very people working in businesses can pose as the biggest threat to its security.” That’s a pretty huge statement to make come to think of it. Why would he say that when organizations across the world are taking the necessary precautions and spending billions on IT security? Well the answer to that is simple; most organizations are still focused on thoroughly securing their perimeter. Based on a survey by SpectorSoft, a pioneer in user activity monitoring and behavior analysis, a staggering 62% organizations saw a rise in insider attacks over 2014-2015. This means, although a majority of the organizations are aware of privileged access security and have security solutions in place, they have seen a rise in insider threats. Research firm Gartner has solved this mystery stating “Less than 5% of the organizations were tracking and reviewing privileged activity in 2015. The remaining are at best controlling access and logging when, where and by whom privileged access has taken place but not WHAT actually is done.”

Read More

Password Management Compliances across the World

In one of my previous roles as a test analyst, I was primarily responsible for constructing test cases for password management. At the time, I had devised a whole array of possible test cases for password management which included specifications on the length of the password, complexity of the password, frequency for changing password and so on. However a thought struck me. This tedious manual procedure of password management by the administrator or super-user was done to ensure security but where is the security after all? How many permutations and combinations can a human come up with to ensure these passwords are managed and maintained to comply with regulatory standards? But today working in this cyber security space, I can confidently say that you just have to go knocking on the right door to eliminate this monotonous process and get automated password management solutions that is regulatory compliant and at the same time safe, effective and productive.

Read More

Privileged Thinking of the Cloud

Just as I went to collect my iPad this morning from the study room, something that was an integral part of my childhood grabbed my attention. This precious treasure was lying in one corner dusted and covered by a cloth which had torn. The treasure that I speak about was my best friend and is nothing else but the desktop computer that I used in the 90’s and early 2000’s. There was a time when for any important work or internet use, only one device could be used – the computer. Today if I want information on the internet, the last thing I use will probably be that desktop computer. And this is the same for most of us today.

Read More

Cybersecurity: Tackling the insider threat

Summary:  In 2014, the world learned the hard way about data breaches due to insider threats. Learn why insider threats have become an increasing security risk and how to protect one’s self from it.

In a world where data breaches are quickly becoming commonplace, even the best security technology in the world can’t help your organization to protect itself from security breaches unless your employees understand their roles and responsibilities in safeguarding sensitive data and protecting company resources.

Read More