Security risks have increased for enterprises as any place and every place is being turned into an office with the pandemic forcing people to Work From Home (WFH).
With the continued focus on WFH and digital transformation kind of work being done at homes, companies need to adopt a perimeter-less security approach to gear up for the ‘new normal’, warns PwC.
“Applications, data, users and devices are moving outside the organisation’s perimeter. As a result, attackers on the outside can penetrate an organisation’s network through various means,” said Siddharth Vishwanath, Partner and Cyber Advisory Leader at PwC India.
Moreover, under the ‘bring your own device’ (BYOD) policy, employees are increasingly using their own mobile and other semi-trusted and untrusted devices to access critical information, as per a PwC report, Securing the Future of Business.
“Organisations should move towards the ‘future of business’, they will no longer be able to address the changing threat landscape using conventional approaches,” Mr. Vishwanath added.
The report says, in the past, securing an organisation was about establishing walls around the data centre that housed the core data and applications.
“But with the growing use of emerging technology coupled with mobile platforms, cyber attackers are resorting to attacks such as credentials hacking, targeted phishing and data mining malware in order to obtain credentials and gain access to an organisation’s network,” he added.
PwC report suggests organisations to adopt zero trust architecture (ZTA) to fortify their network architecture. ZTA principles are based on the concept of ‘always verify and never trust’ anyone. This approach requires every user, account or device attempting to gain access to the organisation’s infrastructure to undergo verification prior to obtaining access.
ZTA aims to enforce granular perimeters on data, user and location. This lowers the potential for data breaches, as per the report.
“It is important for organisations to foster a culture that is risk aware. Thus, there is a need for a comprehensive security awareness programme that encompasses virtual training sessions and phishing, vishing, and smishing campaigns for development, continuous adaptation and sensitisation around security practices,” Mr. Vishwanath who authored the report further said.
You have reached your limit for free articles this month.
To get full access, please subscribe.
Already have an account ? Sign in
Show Less Plan
Subscription Benefits Include
Find mobile-friendly version of articles from the day’s newspaper in one easy-to-read list.
Move smoothly between articles as our pages load instantly.
Enjoy reading as many articles as you wish without any limitations.
A one-stop-shop for seeing the latest updates, and managing your preferences.
A select list of articles that match your interests and tastes.
We brief you on the latest and most important developments, three times a day.
*Our Digital Subscription plans do not currently include the e-paper ,crossword, iPhone, iPad mobile applications and print. Our plans enhance your reading experience.