Insights on Enterprise Security

Navdeep Singh Ahluwalia, Head Network & Information Security, DalmiaCement Bharat Ltd

The evolvement of technology in last ten years has helped security to move from a silo to an enterprise lev­el thus supporting business and securing information.

This movement in the enterprise level has enabled nexus between business and technology thus mak­ing roadmaps in a secure way by ana­lyzing the risks involved. It has also helped in defining a secure architec­tural framework around organiza­tion’s roles and entities and enabled procedures and policies providing detailed information related to ex­ecution of business.

A complete and comprehensive analysis of current and future secu­rity requirements at the enterprise level helps in designing a system that meets business demands and will be flexible, scalable, adaptable and man­ageable to handle security challenges.

It is a rigorous method of de­scribing current and future security processes, systems in alignment with the business/organizations strategy and goals. This also helps in ensuring that business strategy and IT security are aligned.

Enterprise security helps the or­ganization know the risks involved along with adding value to the busi­ness it also offers flexibility and support in business growth and in­teraction with external vendors and government bodies in a secure way.

Defining of enterprise security process helps in streamlining of tech­nology related to hardware, soft­ware, and services provided by dif­ferent vendors as well as streamlining inventory of hardware, software and applications, classification of data and accordingly deployment of DLP so­lutions, handshaking and integration of different applications supporting SSO, adoption of best practices for example ITIL, ISO standards helps in closing gaps between it and busi­ness provides in depth knowledge on analysis of capacity issues and regula­tory compliances and requirements.

Cyber-attacks have become more sophisticated and are continuing to evolve and require precision to miti­gate and stop cyber-attacks, malware, ransom ware and unknown threats.

With this, our IOT environment needs to be secured as well.

With the evolution – enterprise security is playing a major role in digitalization of the country, secu­rity designing to identify threats, vulnerabilities and also protect and neutralize thus be proactive. Digital footprint of enterprises has expanded which has increased the target area and anything can be a weapon. Mal­wares, Trojans, ransomwares are in­telligent enough to operate autono­mously and difficult to detect thus creating serious challenges for coun­tries adopting digital technologies.

Digitization of developing na­tions in the recent past is creating vulnerabilities and increasing cyber-attacks on big enterprises and finan­cial organizations.

Attackers have innovated new ways to attack enterprises 24x7 and as result organizations need new style of security intelligence for pro­tection against vulnerabilities and threat identification and provide nec­essary remedies proactively.

CISOs along with vendors need to protect business critical appli­cations, maintain visibility as per business and also pursue new initia­tives and stay protected from cyber-attacks. Implementing security at the enterprise level helps in integrating network, cloud and endpoints un­der a single umbrella which helps in detecting and preventing attacks, also helps in safeguarding applica­tions and validating users. Security solutions being deployed should be flexible enough to protect the busi­ness and agility should not be at risk. For protecting applications from cyber-attacks, a complete insight and visibility is required and it is recom­mended to have a solution designed which gives an intuitive dashboard for analyzing the threats. Enterpris­es have to be educated on effects of hacking and cyber-crimes – the numbers are increasing exponentially since 2011.