Mr. Keyur Desai, CIO, Essar Ports & Shipping, Head InfoSec – Essar, was one of the speakers at the Virtual Cybersecurity Summit India & SAARC: Zero Trust. The panel discussed the topic – “The rise in Ransomware Attacks: A ‘Zero Trust’ Response Strategy”. The Summit was organised with the aim to discuss latest industry trends and security solutions for the future.
Mr Desai was accompanied by reputed fellow panelists Mr. Chandan Pani, CISO, Mindtree & Mr. Shiju Rawther, Head Information Technology, SBI Mutual Funds.
The session witnessed a thought-provoking discussion with fellow panelists focusing on how enterprises across India & SAARC are seeing a spike in ransomware attacks and practitioners are seriously considering deploying the ‘zero trust’ framework as a response strategy. The objective behind deploying this framework is to ensure that customers’ IT assets are completely hidden away from the customer. Access will be provided to the internal and external users only on a limited and need basis.
Mr. Desai shared his thoughts on how a ‘zero trust’ strategy could be a compelling concept in responding to these ransomware attacks. A Zero Trust Strategy is a framework approach that uses the existing architecture of the best info-security practices. Citing the example of Essar, he explained how the company has been following the least user privilege and user access model over the years, with a thorough IT landscape hardening, NAC controls and AAA controlled admin privileges.
He emphasised on how a good cyber security architecture always plays a vital role in safeguarding the organisation’s data. However, keeping the basics right matters the most. In addition to this, he also specified about Essar’s belief in keeping basic hygiene right. Data backup, vulnerability management, security patch management are some of the basics that are of high significance.
Mr. Desai also specified that organisations should start looking for vendors with SWG (Secure Web Gateways), CASB (Cloud Access Security Broker), ZTNA (Zero Trust Network Access), FWaaS (Firewall as a Service), and SD-WAN capabilities with consistent policy enforcement and simplified administration. He also added that replacing remote access VPN gateway with the solution that supports robust authentication and authorisation with micro-segmentation can be a good strategy to start the journey and leverage a zero trust approach.