Rest of Asia
Rest of Asia
Rest of Asia
Rest of Asia
How to Mitigate the Cybersecurity Risk Surrounding Your Technology Infrastructure
How to Mitigate the Cybersecurity Risk Surrounding Your Technology Infrastructure
How to Mitigate the Cybersecurity Risk Surrounding Your Technology Infrastructure

De-Risk Your Technology Infrastructure with These Cybersecurity Practices

Digitisation has unlocked a world of possibilities. But it is also a treacherous minefield of cybersecurity vulnerabilities. The interconnected digital economy makes every company, big or small, a potential target for cyber attackers. 

Today’s tech infrastructure and the connected ecosystems are extensive and shifting. Many users access the infrastructure daily and share information. Lurking cyber criminals get ample opportunities to do their damage. Attacks on the technology infrastructure may even create existential cybersecurity threats to businesses.

The statistics are mind-boggling.

There were 2.8 billion malware attacks in 2022. These attacks launched 270,228 new malware variants. Conventional cybersecurity deployments could not thwart such malware. 

On average, threat actors orchestrated 638 ransomware attempts per computer worldwide in the first half of 2022. 92% of affected enterprises lost critical data as they did not have effective data loss prevention measures.

There were  1,270,883 phishing attacks in 2022. In 2021, phishing emails led to companies worldwide losing over $44,213,707.

Microsoft mitigated an average of 1,955 DDoS attacks daily in 2022.

Companies have their reputation and revenues at risk. They have to take proactive steps to de-risk their technology infrastructure. These interventions help:

1. Conduct periodic vulnerability assessments

A vulnerability assessment is a time-honoured way to fortify the network against threats. A standard assessment exercise involves a comprehensive infrastructure review and audit. 

Some of the common vulnerabilities or loopholes unearthed by vulnerability scanning include:

  • Operating system vulnerabilities such as outdated software, missing patches, and weak passwords.
  • Application vulnerabilities such as SQL injection attacks and cross-site scripting.
  • Network vulnerabilities such as open ports, misconfigured firewalls, and unsecured wireless networks. With today’s spread-out network, such loose ends pose high-risk points. 
  • The presence of malware or viruses already residing in the system.
  • Weak encryption protocols or certificates that attackers can exploit.
  • Access control threats, such as excessive privileges or access to sensitive data for users.


A thorough vulnerability assessment also encompasses physical risks. For instance, it highlights unsecured doors, windows, or laxity in physical access control measures.

In today’s fast-paced environment, vulnerability assessment is no longer a one-off process. Vulnerability assessments become effective only when done periodically, and remediation occurs in real time. 

But conducting a vulnerability assessment is only the first part. Knowledge of the vulnerabilities is useless unless acted upon. 

  • Make an asset inventory and keep it up-to-date. The first step towards effective de-risking is understanding the value of the protected assets.
  • Prepare a worst-case scenario and create a methodological plan to reduce vulnerabilities. 
  • Create frameworks bound to policies and protocols. Industry frameworks developed by ISO/IEC 27001 and NIST offer good starting points. 
  • Prioritise risks. For instance, an outside vendor, such as a travel aggregator, is far riskier than a long-standing established supplier. Consider the internal context when prioritising risks. 
  • Establish a single point of authority, ideally the CIO. In many enterprises, multiple executives share the responsibility for closing risk gaps.

2. Enforce multi-factor authentication

Strong passwords are the basic front-line security measure. But passwords are always susceptible to cracking. Multi-factor authentication (MFA) offers additional layers of security. It preempts the risk of unauthorised access to the tech infrastructure.

Multi-factor authentication adds roadblocks that stop threat actors in their tracks. Even if the threat actors access any one mode of authentication, they can rarely comprise two or more access credentials of the same user. Also, biometrics such as retinal detection and fingerprints are difficult to crack. Compromising physical authentication devices such as keyfobs requires physical presence.

Multi-factor authentication may be mandatory and not a choice. Many regulatory frameworks, such as Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA) and EU General Data Protection Regulation (GDPR), recommend or mandate the use of MFA to protect sensitive data.

3. Deploy firewalls and antivirus software

Firewalls and antivirus software are basic, time-tested cybersecurity deployments that remain relevant. These layered deployments detect, block and remove potential threats. Traditional signature-based detection techniques cannot cope with the latest AI-based attacks. The newest suites co-opt Machine-Language and behaviour-based detection to identify advanced threats. On detecting malware, it isolates and removes the threat.

How to Mitigate the Risk Surrounding Your Technology Infrastructure

4. Implement encryption

Encryption has been a time-tested way to protect sensitive information. 

Data encryption, in transit and at rest, protects sensitive data from unauthorised use. 

The threat actors cannot read the data even if they can access it. Encryption ensures:

  • Confidentiality by encoding the content.
  • Authentication by verifying the origin.
  • Integrity by ensuring the content remains tamper-proof in transit. 
  • Nonrepudiation by preventing senders from denying the transmission. 


Encryption also meets compliance regulations. PCI DSS mandates merchants to encrypt customers’ payment card data at rest and in transmission. 

Depending on the sensitivity of the data, there are different grades or strengths of encryption to apply.

5. Backup data

Regular data backups enable the enterprise to recover from cyber attacks that result in data loss or corruption. Backups reduce the risk of downtime and permanent data loss and make the enterprise resilient to cyber-attacks.

Effective approaches include:

  • Duplicating data on on-premises and data centres for businesses adopting a multi-cloud model. 
  • Disaster recovery plans that store data in multiple clouds.
  • Backups and disaster recovery plans have risen in importance due to increased ransomware cases. A ransomware attack will not cripple the company’s operations with backups in place. 

6. Consolidate and automate

Consolidation and automation are not strictly cyber security practices. But these interventions contribute to de-risking the tech infrastructure in a big way. Consolidating security tools and services into a single platform reduces complexity. Network and incident monitoring becomes easier. 

Automation increases process accuracy, leaving little room for errors. Reducing the number of human touches in the IT infrastructure de-risks the process. Automation tools and approaches improve visibility into log files, network traffic, and user behaviour. It identifies potential threats in real time and applies consistent cybersecurity policies.

Consider the common practice of companies sharing IP with their ecosystem partners or suppliers. For instance, the aviation industry has aggregator portals, connectivity networks, banks, and customers. Each of these partners brings potential risks. But enterprises, hard-pressed for time, do not enforce controls to reduce the risks. Applying automated policies and protocols helps these companies re-risk such dangerous situations.

7. Offer cybersecurity awareness training

Employees are often the weak link in cyber security. Cybersecurity awareness training helps employees identify potential threats and mitigate such risks.

Cybersecurity awareness training reduces the risk of human error. Employees trained in cyber security best practices:

  • Have more awareness of phishing attacks 
  • Promote a culture of working safely and improving security. 
  • Offers another line of defence to detect and report suspicious activities.
  • Follows established incident response protocols to minimise the impact of breaches.


De-risking the technology infrastructure requires a holistic approach. Many enterprises often take significant risks by doing nothing or doing the wrong things. The fallout of cyber attacks goes far beyond data loss, downtime, or financial loss. It can result in losing trust, which will become hard to regain. 

Tags:
Email
Twitter
LinkedIn
Skype
XING
Picture of Supriyo Sircar

Supriyo Sircar

Supriyo has over 30+ years of industry experience and is currently a hands-on entrepreneur running DigiLeap Technologies, a specialist in RPA and in RPA Applications, providing RPA technology project outsourcing as well as staffing services on several RPA products and Diligent line of Banking Compliance products for Enterprise KYC and Identification and Verification. Earlier, Supriyo served as the CEO of Asia Pacific in Polaris, a BFS Technology specialist company based in Singapore and had also headed BFS Strategy and Large Deals based in London, for Virtusa, post Polaris’ acquisition by Virtusa. Prior to this, he was at Scandent Singapore (acquired by XchangeInc – now DXC) and BMC Software in Singapore, Asia and Houston, USA, as well as in Remco Americas, Houston and Unify Corporation across various roles in Sales, Presales, Consulting and Technology Mgmt. Supriyo enjoys independent consulting and is always happy to provide technical advice at SupriyoS@digileap.net.
Picture of Supriyo Sircar

Supriyo Sircar

Supriyo has over 30+ years of industry experience and is currently a hands-on entrepreneur running DigiLeap Technologies, a specialist in RPA and in RPA Applications, providing RPA technology project outsourcing as well as staffing services on several RPA products and Diligent line of Banking Compliance products for Enterprise KYC and Identification and Verification. Earlier, Supriyo served as the CEO of Asia Pacific in Polaris, a BFS Technology specialist company based in Singapore and had also headed BFS Strategy and Large Deals based in London, for Virtusa, post Polaris’ acquisition by Virtusa. Prior to this, he was at Scandent Singapore (acquired by XchangeInc – now DXC) and BMC Software in Singapore, Asia and Houston, USA, as well as in Remco Americas, Houston and Unify Corporation across various roles in Sales, Presales, Consulting and Technology Mgmt. Supriyo enjoys independent consulting and is always happy to provide technical advice at SupriyoS@digileap.net.
Blog or Generic
Ask Chloe
Proofpoint
Tricentis
Proofpoint
Tricentis

Recommended For You

View More
IT Knowledge Zone is the leading source for transformative tech blogs, events, and use cases in the APAC region that provide deep contexts to help business leaders make smart decisions and stay on top of innovative tech solutions.
  • Follow Us On
ITKZ Follow Us On LinkedIn
  • Office Address

9, North Buona Vista Drive, # 02-01
The Metropolis Tower One
Singapore 138588

IT Knowledge Zone is the leading source for transformative tech blogs, events, and use cases in the APAC region that provide deep contexts to help business leaders make smart decisions and stay on top of innovative tech solutions.
  • Office Address

9, North Buona Vista Drive, # 02-01
The Metropolis Tower One
Singapore 138588

  • Follow Us On
ITKZ Follow Us On LinkedIn
2024 © IT Knowledge Zone. | Supported by Pulley Ascent (Asia) Pte. Ltd.
Ask Chloe

Submit your request here, my team and I will be in touch with you shortly.

Share contact info for us to reach you.
Ask Chloe

Submit your request here, my team and I will be in touch with you shortly.

Share contact info for us to reach you.