17,000 new credit cards issued by ICICI linked to wrong users

A recent report shows 59% Indians became victims of cybercrime during the pandemic

While organisations are leveraging on the digital ecosystem to counter challenges brought by the Covid-19 pandemic, cyber frauds too have unfortunately shot up. According to one of the latest reports by IBM, India was the second country targeted by cybercriminals after Japan in the Asia Pacific region in 2020. In 2020, IBM Security X-Force observed attackers pivoting their attacks to businesses for which global COVID-19 response efforts heavily relied, such as hospitals, medical and pharmaceutical manufacturers, as well as energy companies powering the COVID-19 supply chain.

“Though individuals have got more aware, and financial sectors are proactive in investing and improving security. However, with the proliferation of newer attack vectors, and along with the sophistication of threat actors, the security measures are inadequate considering the challenges with the traditional approach to IT security, versus boundary less nature of modern businesses,” said Sanjay Kaushik, MD, Netrika Consulting.

He said there is a need to finetune cyber approach, and include the following measures:

• Build an advanced authorization ecosystem and step-up authentication beyond the traditional password and username and adopt multi-factor authentication.
• Proactively detect threats to avoid and minimize breaches. Deploy continuous monitoring and strengthen the threat discovery and response process.
• Not only adopt an enterprise VPN but customize security features to suit new age boundaryless users with intelligent cloud edge solutions.
• Secure endpoints with real-time threat integrations, apart from policy-based access and protection from malware and other threats.
• Managing mobile and personal devices and confidential data with enterprise-grade management solutions.
• OS and Applications are protected and patched adequately.
• Restrict any unnecessary remote access and limit access on a per services basis, per task and per session basis.
• Use restrictive policy, whether for password management or remote access or unnecessary ports/services
• Roll out an aggressive organization-wide awareness and training campaign.