Summary: When we think of cybercriminals, the instant association of a shadowy intangible figure gets created in our minds. This is reflective of the ambiguity and negativity around cyberattacks but the longer we hold on to this mental image, the more likely are we to be victims of these attacks. As per Gartner, while 95% of CIOs expect cybersecurity threats to increase and impact their organisations, a recent study conducted by Frost and Sullivan, revealed that 83% organisations in APAC do not factor in cybersecurity before adopting digital transformation projects. The findings reveal that 35% of organisations in APAC have on an average encountered one security breach in the last one year. With the rapid influx of data through the adoption of new age technologies like Internet of Things (IoT), Cloud, artificial intelligence (AI), it is time for enterprises to rethink their approach to cybersecurity and deal with the threats that are disrupting the day-to-day digital operations and causing costly downtime. CIOs and CEOs need to adopt a holistic approach to security as any form of information breach can be disastrous. With security exploits emerging at a rapid pace, there should be a clear call to action for enterprises to prioritise cybersecurity needs to ensure that they have the correct policies and resources to detect the attackers and protect their business. Some of these actions include conducting a security audit to ensure that the security measures that the company has implemented holds against any attacks; enterprises should also implement software product updates to ensure that all software is updated and secured, as well as audit firewalls and IPS configurations to block off all known malicious IP addresses. Having said that, it’s almost impossible for businesses today to navigate the ever-growing security minefield alone, making it essential to work with a trusted managed security services provider. Working with a security provider will help enterprises develop a solid preventive strategy. For example, a trusted vendor can work with the company to ensure that their security needs are aligned with their business objectives. They also help address one of the biggest challenges the industry faces around paucity of skillset and contextual threat intel, which converts raw information into intelligent insights that enable enterprises to make sound decisions about their security posture. The security providers are able to offer a predictive and proactive range of solutions that increase visibility of risks and prevent attacks and breaches within businesses. With a robust intrusion detection and prevention mechanism in place, threats and attacks can be monitored in real time and resources can then be redistributed to mitigate the threat. Organisations need to look at security more broadly as a complete solution which is embedded in their business strategy, instead of it being an afterthought. It’s not just about preventing threats but also looking beyond to leverage technologies such as AI for predictive analysis of high-risk threats, to identify and manage high priority incidents across the entire data spectrum. As organisations go about their security strategy and identifying the best security service providers, they also need to ensure there are no chinks in their armour. Employees are one of the weakest links in the security chain. There is a critical need to increase awareness amongst employees of the threat landscape and the company’s security policies to address that, by conducting regular employee trainings and keeping them abreast of new advancements. All in all, it is time to step up and be more vigilant of the impending security threats. With the right partner, skill sets, training and policies in place, cybersecurity could be the backbone of the organisation to mitigate risks, reduce threats and ultimately, become an enabler to business processes eradicating the lurker in the dark. Written by Gauri Bajaj – Director, Cybersecurity (APAC) at Tata Communications. Likes