Cloud Security Alliance APAC
  • Home
  • About
    • About Us & Our Team
    • APAC Chapters
    • Newsletter
  • Press Release
  • Research
    • APAC Research Advisory Council (APRAC)
    • APAC Research Initiatives >
      • CCM-ABS Mapping WG
      • CCM – RBI Gopala Krishna Committee Report (GKCR) Mapping
      • Cloud Component Specifications
      • Cloud Incident Response
      • Cloud Security Services Management
      • High Performance Computing (HPC) Cloud Security
      • Hybrid Cloud Security Services
      • Industrial Control Systems (ICS) Security
      • Mobile Application Security Testing
      • SaaS Governance
      • Best Practices for Mitigating Risks in Virtualized Environments
    • Reports >
      • Cloud OS Security Specification v2.0 >
        • Hybrid Cloud and its Associated Risks
      • Survey Report on Security Practices in HPC & HPC Cloud
      • CCM Addendum (controls mapping with the ABS CCIG 2.0))
      • Cloud Incident Response Framework – A Quick Guide
      • Mobile Application Security Testing Landsacpe Overview
      • CSA CCM v3.0.1 Addendum - Cloud OS Security Specifications
      • CSA CCM v3.0.1 Addendum to the Reserve Bank of India (RBI)’s Gopala Krishna Committee (GKC) Report
      • CSA CCM v3.0.1 Addendum to the Guideline on Effectively Managing Security Service in the Cloud
      • Gap Analysis Report on Mapping CSA’s Cloud Controls Matrix to ‘Guideline on Effectively Managing Security Service in the Cloud’
      • Cloud OS Security Specification
      • Guideline on Effectively Managing Security Service in the Cloud
      • 2018 Cloud Adoption in the Malaysian FSI Sector: Survey Report
      • CSA CCM v3.0.1 Addendum to the Malaysia Personal Data Protection Standard 2015
      • 2017 State on Cloud Adoption and Security: APAC
      • 2016 Cloud Adoption and Security in India Survey Report
      • 2016 Cloud Adoption Practices and Priorities in the Chinese Financial Sector: Survey Report
    • C-STAR
  • Events
    • Upcoming Events
    • Past Events
    • CXO Roundtable Series
    • CCSK Training
  • CONTACT
    • Contact Us
    • Privacy Notice
  • Home
  • About
    • About Us & Our Team
    • APAC Chapters
    • Newsletter
  • Press Release
  • Research
    • APAC Research Advisory Council (APRAC)
    • APAC Research Initiatives >
      • CCM-ABS Mapping WG
      • CCM – RBI Gopala Krishna Committee Report (GKCR) Mapping
      • Cloud Component Specifications
      • Cloud Incident Response
      • Cloud Security Services Management
      • High Performance Computing (HPC) Cloud Security
      • Hybrid Cloud Security Services
      • Industrial Control Systems (ICS) Security
      • Mobile Application Security Testing
      • SaaS Governance
      • Best Practices for Mitigating Risks in Virtualized Environments
    • Reports >
      • Cloud OS Security Specification v2.0 >
        • Hybrid Cloud and its Associated Risks
      • Survey Report on Security Practices in HPC & HPC Cloud
      • CCM Addendum (controls mapping with the ABS CCIG 2.0))
      • Cloud Incident Response Framework – A Quick Guide
      • Mobile Application Security Testing Landsacpe Overview
      • CSA CCM v3.0.1 Addendum - Cloud OS Security Specifications
      • CSA CCM v3.0.1 Addendum to the Reserve Bank of India (RBI)’s Gopala Krishna Committee (GKC) Report
      • CSA CCM v3.0.1 Addendum to the Guideline on Effectively Managing Security Service in the Cloud
      • Gap Analysis Report on Mapping CSA’s Cloud Controls Matrix to ‘Guideline on Effectively Managing Security Service in the Cloud’
      • Cloud OS Security Specification
      • Guideline on Effectively Managing Security Service in the Cloud
      • 2018 Cloud Adoption in the Malaysian FSI Sector: Survey Report
      • CSA CCM v3.0.1 Addendum to the Malaysia Personal Data Protection Standard 2015
      • 2017 State on Cloud Adoption and Security: APAC
      • 2016 Cloud Adoption and Security in India Survey Report
      • 2016 Cloud Adoption Practices and Priorities in the Chinese Financial Sector: Survey Report
    • C-STAR
  • Events
    • Upcoming Events
    • Past Events
    • CXO Roundtable Series
    • CCSK Training
  • CONTACT
    • Contact Us
    • Privacy Notice

News Coverage on CSA Bangalore Summit 2019  View from India: Cyber security requires resilience

9/11/2019

 
Published Wednesday, September 11, 2019
India is among the world’s top three countries when it comes to phishing attacks and malware.


Cloud is the platform for security as a service; which is why leading companies adopt new agile security providers. They invest in foundational cloud security and architecture. They blend commercial security solutions with their own repositories of cloud security tools.

The growing investment in cloud can also be attributed to the fact that many verticals have leapfrogged from 2G to 4G. And now, the country is awaiting 5G, the next transformative wave of growth. The cloud security ecosystem needs to be scaled up. More so as many citizen-related services are being uploaded on to the cloud for smooth operations.
Ekta Mishra, the Cloud Security Alliance (CSA) country manager for India, puts some numbers to the trend. “As per the January 2019 IDC Report, the cyber infrastructure revenue has expanded. India’s IT spending is $2.9 billion. The potential of cloud is being leveraged by technologies like artificial intelligence (AI), blockchain and machine learning (ML),” she said, speaking at the CSA Bangalore Summit 2019.

When we look at responsibility for cyber security in an organisation, the chief information security officer (CISO) forms its vortex. The CISO ensures information assets and technologies are adequately protected. CISO is a relatively new role created in a company. It’s required because CISO’s role is expansive. It goes beyond information security to safeguard the entire spectrum. This includes infrastructure protection, which extends to routing, authentication and coding practices. It’s a role which calls for forethought to lock down systems in a strategic manner. Holistic functional security is required to protect the reputation of the company. 

Then, tech gaps need to be filled in the cyber security space by educating users. In practical terms, it’s about refraining from clicking or downloading malicious links. 

Malicious email attacks are increasingly penetrating into organisations. These are in the form of documents, voicemails, e-faxes or PDFs and spring into action when the individual opens his or her email box. “Email data in healthcare and other verticals are subject to attacks. Hence every organisation requires a cyber security resilience strategy. This equips the organisation to face adverse events and bring continuity to the business,” added Anoop Das, Mimecast enterprise manager, Middle East and India.

Often, data breaches and hacking begin with some sort of email threat. An email threat may seem something small. We all know it as spam, spoofing and phishing attacks, which actually have a snowball effect. The ultimate is that email data is compromised; and customers lose faith in a company, leading to huge losses.

This is where cloud-based security solutions fit in, with their customised security offerings. These include detection engines that help detect any form of security threat.

The organisation needs to be secured before any attack and not vice versa. By doing so, there will be continuity in the business. “Cyber security is required from the quality perspective. Bangalore is a hub of start-ups and that includes cyber-security start-ups. They are disrupting the cyber-security landscape through cost-cutting solutions and by reducing surface attacks,” reasoned Ravikishor Mundada, CEO of the Government of Karnataka’s Centre of Excellence in Cyber Security.

Cyber-security collaboration requires the right direction to give structure and shape to the industry. “Global spending on spreading awareness on cyber security has been around $1.5 billion. Awareness happens through videos showcasing use cases. This needs to be plugged into the institution’s module,” explained Das.  

Apex bodies and institutions need to offer training courses in cyber security. On its part, CSA has launched the Certificate of Cloud Security Knowledge (CCSK), which is a cloud security user certification, along with the Cloud Controls Matrix (CCM), the meta-framework of cloud-specific security controls mapped to leading standards, best practices and regulations. CSA works with providers, government and industry, and has over 30 chapters in the Asia Pacific (APAC) region.

Credit - E&T
© COPYRIGHT 2020. Cloud Security Alliance. All Right Reserved