Modular systems: The answer to Indian enterprises’ ever-evolving cybersecurity needs

Malicious cyberattacks have become more numerous and sophisticated as the ill-gotten gains grow. Cyberattacks on traditional security operations are becoming more frequent, damaging customer reputations, impacting their finances, and often causing operational shutdowns.
Saket Verma
  • Updated On Sep 4, 2023 at 05:32 PM IST
Saket Verma, Cybersecurity Practice Leader, Kyndryl India
A recent survey conducted by global identity security company CyberArk revealed that 91 per cent of Indian organisations have experienced ransomware attacks in the past year. According to CERT-In, the Indian Computer Emergency Response Team, there has been a 53 per cent year-on-year increase in ransomware incidents in India.

Amidst such rising threats and attacks, nearly every organisation is in urgent need of modernisation and enhancement of its cybersecurity, data protection, and digital business resilience.

Building a resilient security infrastructure

In the post-Covid world, rapid digitisation has led to a significant evolution of the cybersecurity landscape in India. It has forced a shift in operating models from static (i.e. single-device, single-location) approaches to hybrid, dynamic models on multiple devices from multiple locations.

This has also led to an enhanced pervasiveness of ransomware attacks that require organisations to relook at their approach to resiliency and drive a renewed and greater urgency to improve preparedness.

However, organisations often struggle to cope. According to a Cisco study, only 24% of Indian organisations were found to be in the ‘mature stage’ of cybersecurity readiness and resilience.

To date, most Indian organisations have largely relied on a one-size-fits-all security operations centre that doesn’t suit today’s dynamic security requirements. As a result, these organisations struggle with tools that are not configured, monitored, or designed to distinguish real alerts from false positives.

Enterprises in India increasingly need to assess the status of current security operations environments. However, the continual talent crunch in security operations not only hinders efforts to assess the security infrastructure but also handicaps efforts to build an optimal future state. Choosing end-to-end security operations management could bridge the gap by collaborating with enterprises for a successful implementation and transition plan.

The modular, flexible solution

Indian organisations can benefit from dropping the current static and rigid security operations in favour of an end-to-end security service provider model that runs a hybrid, modular, and flexible security operations centre (SOC). Such a security operations platform would enable Indian organisations to tap into all the key strengths of the vendor without losing autonomy.

Firstly, such SOCs need to be modular, which would allow complex organisations to run mixed-mode models outside of bridge for operational reasons and help them streamline and fortify their security and incident response capabilities. Modular platforms provide enterprises with much-needed flexibility by enabling them to retain their existing security technology and delivery investments and yet avail of new services delivered through external global centres that meet all compliance requirements.

Secondly, the perennial issue of the talent crunch has also contributed to the rigidity in the security operations of enterprises. Finding, let alone onboarding, talent that is adept at managed detection & response (MDR), endpoint detection & response (EDR), and vulnerability management, among other things, in this rapidly changing security landscape is becoming near impossible.

However, working with an end-to-end service provider will provide Indian enterprises access to scarce skilled security manpower that has built capabilities and global experience of swiftly identifying and responding to security threats. Service providers such as Kyndryl bring in Cyber Resilience Experts who manage the infrastructure and monitor the environment for security events.

Finally, such collaborations will provide organisations with the necessary tools to predict and identify threats immediately without significant investments and yet enjoy autonomy over data. For instance, Kyndryl Security Operations Centres are not only staffed 24x7x365 by L1/L2 skilled teams but also offer the flexibility of ‘no vendor lock-in’, allowing organisations to keep their IP if they decide to move away.

The trusted partner

Working with an end-to-end security service provider will help limit organisational risk by ensuring ways to quickly identify and respond to security threats and incidents. This will not only help improve the efficiency of security-related teams but also mitigate data loss and the potential financial impact of data breaches, thereby reducing the incidence of unplanned downtime and saving millions.

While cyberattacks are inevitable, organisations must build the necessary preparedness and resilience to not just prevent and counter these attacks but also to minimise their impact. This requires a concerted effort with not just the right tools and approach but also the right team and strategy.

The author is Cybersecurity Practice Leader at Kyndryl India

Disclaimer: This article is a part of Brand Connect Initiative in collaboration with ETCISO Annual Conclave 2023.
  • Published On Sep 4, 2023 at 05:24 PM IST