Are you secure enough in this age of cloud?

Security is a necessary and natural feeling which provides people and organization the chance to grow and prosper. Imagine if we were to live in constant fear of harm. It would make us utterly paranoid and paralyzes our growth.

In today’s world, technology plays a major part in making us feel safe and secure in every sense. Look at the way it has tried to create structures and keep us way ahead of the bad guys.

What we see today in the world of computers and digital communication in the name of security is just another form of the game played out from the time humans felt the need to secure their interests. The simple door bolt came about when we felt the need to keep the world out of our houses. Next came simple locks on the inside. But what about the outside. Then came the mechanical lock and so on.

With time, our lives have moved away from the most physical aspect of things. Technology and digitization have brought the world into an unthinkable realm. Most things aren’t physical anymore like money, transactions, most services and of course communication. We have tried our best to secure these as well by creating net protection and anti-virus packages every now and then which among others include firewalls and advanced security systems. As before, it propagates an illusion of security and safety.

What remains untouched and as potent as before is the very danger they try to cover. Theft, robbery, and loss, besides the very threat of harm, are its usual form.

The very recent heist at a much-known and admired Co-operative bank and that too ironically on India’s Independence Day brought out the fact that our advancement in science to make life easy and secure always has an underlying element of its own Achilles’ heel. In this particular case, despite the bank’s reputation of being a leading light among Co-operative Banks which spent a sizable sum on cyber-security, it was subjected to a humiliating cyber break-in where a sizable sum of money was siphoned off from its system with brazen impunity. What was relieving was that it did not affect individual account holders much but was designed to pilfer directly from the bank’s systems. What it did was shake people’s confidence in the bank’s systems to keep itself and its account holder’s interests secure. Worse, to shore up its defenses and secure itself from further attacks, the bank simple shut down its ATM and online payment gateways! For no fault of their, the account holders, mostly individuals, were put to severe inconvenience.

What this incident was clearly shown to the world is that the issue of high-end online frauds which plagues the entire field of a cyber transaction is a very live and real threat, and affects everyone be it a super-cautious individual or a wayward corporate. And it is not only about the banking and finance industry. It can affect ANYONE, ANYWHERE AND AT ANY TIME. Even the best of security systems seem to have loopholes which these cyber thieves, bullies, and robbers put to good use. The fact remains that with ever-increasing security systems and patches, there are some not-so-obvious overlaps and gaps which give enough room for the bad-guys to wriggle into the system. Human errors and sometimes abject stupidities just add to it.

For individuals, the way forward is to keep their eyes wide open when transacting online and strictly adhering to a set of guidelines including the use of good cyber-security packages on their machines and gadgets.

But corporate? Where are they to go? With practically everyone in this domain having moved their entire operations to the digital domain and further to the cloud, the threat of a complete wipe-out is very, very real, extremely fast and extremely unforgiving. For them, there is a super-urgent need to go for the best and most seamless of systems backed by AI & real-time, always-on Analytics which monitors transactions and looks for patterns and incidences which could indicate the presence of a malicious intent.

On this subject, one thing worth mentioning is that while corporate spend so much on advertising, branding, and sales, is it not justified to increase the spend on digital transaction security? Agreed that sales efforts do bring the bread and butter, but if it is all lost due to lousy systems, where lies the justification to spend?

For such eventualities, the corporate world and more so those dealing with finance and financial products, there is a real need to treat cybersecurity expenses at par with those for products and service offerings.

Practically every corporate entity appoints CPA/CA, Lawyer and an assortment of such officials under some statute or the other to fulfill statutory compliance whose non-compliance could cost the entity lacs if not crores.

Cyber-security may seem less threatening as statutes do not concern them. And herein lies the paradox. Just because the law won’t be after you if you take things lightly, you could well be opening yourself to a far bigger threat from cyber robbers and thieves who could use your lax systems to do irreparable damages.

Forget the attack, even the whiff of it is enough for all your clients moving their business somewhere else. You lose money to the robbers and worse your brand identity and clientele goes to your biggest competitors!

No one advocates making a comparison between statute-related losses versus cyberworld-related losses. What we advocate is to take each according to their own merits. In the case of the latter, what is called for is the appointment of IT experts and agencies with cyber-specialization who can help scan the digital domain for every possible threat and take necessary steps to ward off the danger.

All this call for some serious introspection and super-quick action. Delay could just mean the end of an organization as we know it.

Leave a Reply