Only 4% Organisations Confident Of Information Security Implications Of Their Current Strategy: ASSOCHAM-EY Joint Study
A meagre four per cent of organizations are confident that they have fully considered the information security implications of their current strategy, and that their risk landscape incorporates and monitors relevant cyber threats, vulnerabilities and risks, noted a recent ASSOCHAM-EY joint study.
“With a view to achieve actual benefits of the fourth industrial revolution, the government will need to take measures so that the cybersecurity market in India grows hand in hand with Industry 4.0,” said the study titled, ‘Cybersecurity for Industry 4.0,’ conducted by The Associated Chambers of Commerce and Industry of India (ASSOCHAM) along with global professional services firm Ernst & Young (EY).
The report added, sector-specific security baselines and an integrated data protection framework will help India derive sustainable benefits from current technological revolution.
It also said that cybersecurity should no longer be viewed as a function of information technology (IT) or information security alone, it needs to form an integral part of the culture and strategy of the organization and should be reflected in each and every facet of the organization, right from the strategy to the behaviour of an individual employee.
“Such an integrated cybersecurity vision aligns business functions of the organizations with needs of the stakeholders and becomes a more acceptable strategy,” said the ASSOCHAM-EY study.
It noted that government and organizations face a challenge to be cyber resilient in order to adapt to evolving and disrupting technologies. “Traditional information security practices might provide necessary approach but might not be enough to completely protect the organizations.”
Organizations need to focus and commit to a framework that:
♦ Provides an integrated approach to cybersecurity – a holistic approach to threat landscape rather than employing security technologies in silos.
♦ Develops capabilities for threat detection to respond appropriately and proactively.
♦ Employs the use of artificial intelligence to recognize patterns for smart monitoring of IT infrastructure.
♦ Develops strong relationships between organizations across different sectors and government bodies for sharing information, intelligence, capacity building and research.
The study further said that in Industry 4.0 and its emerging technologies, gender diversity, cultural diversity and divyangjan, or differently abled bodies inclusion form a core of human resource management and merit-based recruitment. “Empowering and disinhibiting these is a fundamental aspect of innovation in governmental departments and organisations.”
It also suggested that capacity building in human resources for Industry 4.0 must involve a multi-pronged strategy internally in departments, with a ground-up focus on mindset development.
“It is important for the government to develop programs for skill upgradation of existing man-force and ensure that the curriculum of school and universities is suitably modified to include these as core subjects in future,” said the ASSOCHAM-EY study.