Page 18 - Dataquest
P. 18

INTEllIGENT COMPUTING | SECURITY



































           Because of the havoc that can be caused, OT networks   on cloud transitions and also need to be ready for GDPR,
          have  become  an  attractive  target  for  APTs  as  well  as   both initiatives require similar prep work. It all starts with
          cybercriminals. In 2017, we’ve seen an increasing trend   visibility. Both from a security and compliance standpoint,
          in the application of IT threats to OT networks, such as   organizations  need  to  know  what  data  resides  where,
          ransomware.  NotPetya  disrupted  radiation  monitoring   the  paths  around  it,  the  controls  in  place  to  protect  it
          systems at the Chernobyl nuclear site, and cost Maersk   and its risks. With this type of foundational knowledge,
          alone  $300  million.  WannaCry  forced  hospitals  to  turn   organizations can implement policies with better accuracy
          away patients and brought production lines to a halt.  and efficiency and stay abreast of their overall security
           These attacks were just a glimpse of the risks present   and compliance status.
          in the networks we rely on in our everyday lives. In 2018,
          we’ll  see  attackers  further  testing  the  security  of  OT,   MaSSIvE GrOWTh COMES WITh NEW SECUrITy
          whether for their own financial gain, mayhem or nation–  ChallENGES
          state attacks. Organizations need to wake up to the fact   For India, there are a good number of large infrastructure
          that they need to get a hold of the interaction between   projects in the pipeline, such as: large scale government
          these converged networks, their risks, the threats against   sponsored digitization endeavors; the fostering of smart
          them and the tools available to secure them.    cities;the  “Make  in  India”  initiative;  new  transportation
                                                          projects (airports and metro railways);thedevelopment of
          COMPlIaNCE–fOCUSEd h1                           electronic  cities;  andthe  formation  of  new  banking  and
          By  May  2018,  the  General  Data  Protection  Regulation   finance  organizations.  These  large-scale  projects  are
          (GDPR) will take full effect, impacting any business with E.U.   driving  massivegrowth  in  India,which  in  turn  will  drive
          operations as well as any that process E.U. citizen data. This   growth  in  managed  security  services.Growth  in  these
          latter component is still taking some non–E.U. companies   areas will also increase IT and OT (operational technology)
          by surprise. Organisations late to the preparation game will   network size complexity and lure moretargeted attacks.
          make for some panic in the first half of the year.  Consequently,Indian organizations (including businesses
           There  is  a  bit  of  good  news,  though,  in  the  race  to   in  the  private  sector,government  and  PSUs)willheavily
          GDPR readiness. First there have been some assurances   invest in multi-layer security solutions that provide a holistic
          that if organizations can demonstrate good faith efforts to   approach to cybersecurity and can address the complexity
          comply with the new regulation, they will likely see some   of managing risk and protecting against advanced threats
          leniency. If they ignore it, however, they risk fines much   on very large, heterogeneous networks.
          larger than the current regulation — up to €20 million or 4
          percent of turnover.                                     (The author is CTO and Vice President, R&D,
           The other good news is that if companies are working                           Skybox Security)

          18  | January, 2018            www.dqindia.com                 A CyberMedia Publication  |
   13   14   15   16   17   18   19   20   21   22   23