By Yudi Wiradarma, Enterprise Sales Director, NetApp Indonesia
In the first installment of this 2 part mini-series on Cybersecurity, organizations will learn how to effectively mitigate risks as threats continue to evolve and get increasingly pervasive with the rise of more accessible data and tools. In line with the increasing implementation and usage of IT, internet and cloud-computing by various organizations, including government agencies, cybersecurity is as important as physical security to any establishment. Many organizations, including the Indonesian government, have realized the paramount importance of cybersecurity. As a result, President Joko Widodo recently announced the establishment of National Cyber Agency to counter the increase in cybersecurity threats.
According to The Global State of Information Security® Survey 2015 by PwC, there was a 48% increase in reported cyber-attack incidents from 2013 to 2014. In Indonesia alone, a report by Indonesia Security Incident Response Team on Internet Infrastructure (ID-SIRTII) revealed that there were 48 million cyber-attack incidents reported in last year- real figures are estimated to be far higher.
The rise in these cyber-attacks has created fear and paranoia in protecting intellectual assets, access, and communication network. Organizations and government agencies must be prepared with effective counter-measures in the face of attacks. As such, data security needs to be highly prioritized.
There is a fine balance between the need to allow access to data and the need to protect that data from hackers. With cybersecurity, you have to give data the respect it deserves. This includes giving data enough confidentiality to prevent unauthorized access, the integrity to ensure that where the data’s stored is trustworthy, and creating alternative environments that immediately reverts the data available to its last-known good state.
To uphold these tenets on data, IT decision makers should take the necessary steps to ensure the safety of their digital assets. The following are some my recommendations:
Create a secure access to your network and data. You’ll definitely need a broader range of security technologies to provide the most optimal protection against penetration and disruption at every security layer from network access to data storage.
Ensure that the network and security-monitoring infrastructure are able to keep up with the network itself.
Take advantage of analytic tools to gain a better understanding of the threats, attacks, and vulnerabilities. With these insights, you’ll be able to strengthen security policies to better safeguard systems and data from future attacks.
There is no full-proof protection. Every organization needs to have a backup and disaster recovery strategy should their network and data be compromised. A risk assessment and business impact analysis is a crucial first step before building the disaster recovery plan to help identify the IT services that support the organization’s critical business activities.
Among numerous security mechanisms, the most effective method to protect any confidential information is data encryption. If the organization’s first line of defense is penetrated, data encryption will make sure that confidential data can't be viewed.