The surge of ransomware attacks in the past few months has left businesses scrambling for data recovery with some losing millions due to a halt in operations.
However, Indian businesses, especially independent entrepreneurs, are often weary of investing in cyber security as many consider it as an added cost that can be avoided.
With Big Data taking centre stage and companies relying more and more on technology, the risk of such attacks has become imminent. Spending on cybersecurity is no longer an optional cost, but a mandatory one that enterprises need to wake up to.
“When a critical system fails because of a power outage, an accident or a cyber attack, the ramifications for business operations could be the same. Indian firms should manage cybersecurity risks the same way they manage other risks,” said Bryce Boland, Asia Pacific Chief Technology Officer at FireEye.
The digital landscape has also changed dramatically in India in the past few years with the government even recognizing the growth in technology-based businesses and introducing ambitious projects like Digital India. Boland opined the more reliant these companies are on technology, the more vulnerable they are to cyber attacks.
Where Should Entrepreneurs and Businesses Start?
First, have a plan, said Boland. It is a dire need to implement a cybersecurity strategy and use that strategy to guide the information collected and analyze how it is collected. It doesn’t necessarily mean spending a lot of money, as there are lot recent innovations that help firms protect their infrastructure economically. Security strategy of a company must be built in, not tacked on.
Secondly, the way today’s new-age enterprises do their businesses, wealth is increasingly tied to intellectual property, which can be stolen or destroyed in a cyber attack. This wealth needs to be guarded, as one would trust banks to guard their money.
“Today, too many breaches in India are swept under the rug. It is already too easy for attackers to steal confidential information from all kinds of businesses, but keeping these crimes under wraps just makes it easier for the groups to breach more victims. Often the credentials stolen in one attack are later used to perpetrate others — attacks that might have been prevented if those credentials had been changed by their owners once the breach was made public,” says Boland.
Mobile App Businesses at a Greater Risk
India is the second-largest smartphone market after China and is becoming the fastest mobile app-economy. Even though apps are helping transform many sectors of the Indian economy, most of them are riddled with security gaps. Companies dealing in this space need to spend the extra effort to benefit themselves in the long run.
Mandatory Practices to Follow
- Ensure someone is in charge of data security
- Develop a cybersecurity plan to manage data security in the business as part of your business operations
- Do not collect information that you don’t need to run your business because this increases the scope of potential data loss
- Make appropriate investments to protect your operations from relevant threats and don’t think them as a waste
- Get cyber insurance if available