Enterprises today operate in a digitally connected world, where technology and connectivity are core to their digital transformation strategies and operations. However, with hyperconnectivity, organisations must also contend with hyper exposure to cyber risk. In this article, Srinivasan CR, Executive Vice President for Cloud and Cybersecurity Services and Chief Digital Officer at Tata Communications, explores how organisations can protect themselves amid ever increasing cyber threats.
Amongst the most prevalent threats today, ransomware is one of the most disruptive and destructive risk that enterprises face In the last 12 months, Cyber Security Breaches survey highlighted 39% of UK businesses identified a cyber-attack, remaining consistent with previous years. With modern enterprises relying extensively on data to run their operations, cybercriminals can effectively shut down an entire organisation by taking their data hostage.
Moreover, ransomware attacks are becoming increasingly sophisticated and multi-layered. For instance, by encrypting and exfiltrating their victims’ data, cyber perpetrators can extort more money by threatening to expose the information to data leak sites or underground forums.
In fact, ransomware has become such a significant risk that NordLocker’s analysis looked at the global distribution of ransomware attacks between January 2020 and July 2022, finding that regardless of geographic location, small businesses are at the highest risk, accounting for nearly two-thirds (62%) of all attacks take place in the UK. Likewise, international law firm RPC found that the number of UK ransomware attacks highest targeted sectors were finance, insurance, credit, education, and healthcare.
So, what can organisations do to protect their business? Here are five important considerations:
1. Reinforce Cyber Hygiene
From a technology perspective, good cyber hygiene practices comprise of disciplined vulnerability assessment and management where all operating systems, software, firmware, and network devices are constantly updated. Additional attention is needed for end of life and end of support applications and devices. Organisations should also enforce robust password regimes and leverage measures, such as MFA (Multi-Factor Authentication), to minimise the chances of unauthorised access.
People form another critical aspect of cyber hygiene.
“Organisations should conduct regular cyber awareness training to raise employees’ security knowledge and awareness.”
They should also conduct exercises, such as phishing attack simulations, to elevate employees’ cyber vigilance. These steps are vital in preventing ransomware delivery through social engineering.
2. Adopt a Zero-Trust Approach
Organisations should look at transforming their security infrastructure based on zero trust principles. In simple terms, zero-trust essentially means that an organisation does not automatically trust anything inside or outside of its perimeter. Every access request needs to be fully validated to ensure its legitimacy.
The impetus to adopt a zero-trust framework is the dramatic growth of endpoints within organisations and the need for more devices to communicate directly with applications. Zero-trust allows enterprises to verify access requests based on identity and user context and limit access to specific applications to authorised users, creating a more secure digital environment.
3. Vault your Data
Effective preparation is the key to minimising the impact and disruption that ransomware attacks can bring. Frequent data backups, regular testing of backup restoration and storing data in vaults are critical to avoiding a data hostage situation.
“Organisations need to recognise that paying the ransom is never recommended path.”
Instead, they should focus on preparations that allow them to get back on their feet swiftly. The optimal approach to addressing a ransomware incident is to execute data recovery from the offline data storage to resume operations.
4. Upgrade your Defences with a Security Operations Centre
Enterprises can adopt a more proactive cybersecurity stance by creating their own security operations centre (SOC) with the right analytical tools and skills or subscribing to the services of one. Through an advanced SOC, organisations can move beyond security information and event management (SIEM) tools with curated Cyber Threat Intelligence Feeds which are credible and actionable.
Additionally, integrating Security Orchestration And Automation (SOAR) can give enterprises the ability to automate containment actions swiftly which are key in current cyber threat context. Also, enterprises should leverage user and entity behaviour analytics (UEBA) and detection tools to more holistic extended detection and response (XDR). Tapping on XDR can give enterprises the ability to secure all data across their digital estate.
“Besides having the right technological tools and framework, another critical component of a fully functional SOC is talent.”
The SOC needs to be manned by a team of highly skilled cyber defenders with deep knowledge of the enterprise estate. As the cybersecurity industry faces a manpower crunch, organisations can look to managed security service providers to fill the gap.
The SOC team can also help enterprises develop a ransomware response checklist and incident response plan. This includes understanding applicable state data breach laws, mapping communication procedures, and ensuring the contacts matrix is up to date. In addition, organisations can further evaluate their readiness by conducting periodic incident response drills.
5. Secure your Digital Ecosystem
Lastly, in a digitally connected world enterprises today have many dependencies as look to deliver value across their ecosystem of partners, suppliers, governments, institutions. They must evaluate the security posture of their third-party partners and ensure all connections between third-party vendors and outside software or hardware are monitored and reviewed for suspicious activity.
Cybersecurity assurance should also be critical evaluation criteria when selecting partners and vendors. Organizations need to be able to trust their partners’ capabilities to secure the data they share with them.
“With the industrialisation of cybercrime and the rise of ransomware-as-a-service, ransomware attacks have become advanced, destructive, and challenging to defend.”
To keep their digital assets safe and prevent their data from being taken hostage, enterprises need to continue to evolve their cyber defences.
By seeking a trusted cybersecurity partner to help evaluate their security posture, improve their defences and elevate their cybersecurity strategy to the next level, organisations can better protect their continuity while ensuring they stay one step ahead of cyber adversaries – especially in the face of increasingly potent ransomware attacks.
To learn more about how to upgrade your defences for the cybersecurity threats of tomorrow, click here.
Transformational Hybrid SolutionsOur cloud-enablement services offer the best performance on your traffic-heavy websites or mission-critical applications.
Core NetworksTata Communications™ global IT infrastructure and fibre network delivers the resources you need, when and where you need them.
Network Resources  
Unified Communications As A ServiceBreak the barriers of borders efficiently and increase productivity with Tata Communications’ UC&C solutions.
Global SIP ConnectEmpower your business with our SIP network and witness it grow exponentially.
InstaCC™ - Contact Centre As A ServiceCloud contact centre solutions for digital customers experience and agent productivity.
DIGO – Communications Platform as a ServiceDIGO is an in-network cloud communications platform, enabling you to power up converged contextual human-to-everything conversations globally.
Unified Communication Resources Case studies, industry papers and other interesting content to help you explore our unified communications solution better.
IoT SolutionsThe Internet of Things is transforming the way we experience the world around us for good. Find out more about our Internet Of Things related solutions here.
Mobility SolutionsTata Communications’ mobility services enable your enterprise to maintain seamless communication across borders, with complete visibility of cost and usage.
Multi-Cloud SolutionsWith enterprises transitioning to a hybrid multi-cloud infrastructure, getting the right deployment model that yields ROI can be a daunting task.
Cloud ComplianceCompliant with data privacy standards across different countries and is also designed to protect customers’ privacy at all levels.
IZO™ Cloud Platform & ServicesIZO™ is a flexible, one-stop cloud enablement platform designed to help you navigate complexity for more agile business performance.
Managed Infrastructure ServicesIntegrated with our integrated Tier-1 network to help your business grow efficiently across borders.
Cloud PartnersWe support a global ecosystem for seamless, secure connectivity to multiple solutions through a single provider.
Governance, Risk, and ComplianceRisk and Threat management services to reduce security thefts across your business and improve overall efficiencies and costs.
Cloud SecurityBest-in-class security by our global secure web gateway helps provide visibility and control of users inside and outside the office.
Threat Management - SOCIndustry-leading threat-management service to minimise risk, with an efficient global solution against emerging security breaches and attacks.
Advanced Network SecurityManaged security services for a predictive and proactive range of solutions, driving visibility and context to prevent attacks.
Cyber Security ResourcesCase studies, industry papers and other interesting content to help you explore our securtiy solution better.
Hosted & Managed ServicesTata Communications provide new models for efficient wholesale carrier voice service management. With our managed hosting services make your voice business more efficient and better protected
Wholesale Voice Transport & Termination ServicesYour long-distance international voice traffic is in good hands. End-to-end, voice access & carrier services which includes voice transport and termination with a trusted, global partner.
Voice Access ServicesTata Communication’s provide solutions which take care of your carrier & voice services, from conferencing to call centre or business support applications.
CDN Acceleration ServicesOur CDN Web Site Acceleration (WSA) solution helps deliver static and dynamic content, guaranteeing higher performance for your website.
CDN SecuritySafeguard your website data and customers’ information by securing your website from hacks and other mala fide cyber activities.
Video CDNDeliver high-quality video content to your customers across platforms – website, app and OTT delivery.
Elevate CXIncrease customer satisfaction while empowering your service team to deliver world-class customer experience and engagement.
Live Event ServicesTata Communications’ live event services help battle the share if eyeballs as on-demand video drives an explosion of diverse content available on tap for a global audience.
Media Cloud Infrastructure ServicesTata Communications’ media cloud infrastructure offers flexible storage & compute services to build custom media applications.
Global Media NetworkTata Communications’ global media network combines our expertise as a global tier-1 connectivity provider with our end-to-end media ecosystem.
Use CasesUse cases of Tata Communications’ Media Entertainment Services
Remote Production SolutionsMedia contribution, preparation and distribution are highly capital-intensive for producers of live TV and video content, and their workflows are complex.
Media Cloud Ecosystem SolutionsThe Tata Communications media cloud infrastructure services offer the basic building blocks for a cloud infrastructure-as-a-service.
Global Contribution & Distribution SolutionsTata Communications’ global contribution and distribution solution is built to reduce capital outlay and grow global footprint.
Satellite Alternative SolutionsAs more and more consumers choose to cut the cord & switch to internet-based entertainment options, broadcasters are faced with capital allocation decisions.
LeadershipA look into the pillars of Tata communications who carry the torch and are living embodiment of Tata’s values and ethos.
Culture & DiversityHere at Tata Communications we are committed to creating a culture of openness, curiosity and learning. We also believe in driving an extra mile to recognize new talent and cultivate skills.
OfficesA list of Tata Communications office locations worldwide.
SustainabilityTata Communications adopts a holistic approach and harnesses the power of new-age technologies like 5G, IoT and AI to build a sustainable digital world.
FAQCheck out our FAQs section for more information.
BoardHave a look at our board of members.
ResultsFind out more about our quarterly results.
Investor PresentationsFollow our repository of investor presentations.
FilingsGet all information regarding filings of Tata communications in one place.
Investor EventsAll investor related event schedule and information at one place.
GovernanceAt Tata, we believe in following our corporate social responsibility which is why we have set up a team for corporate governance.
SharesGet a better understanding of our shares, dividends etc.
SupportGet all investor related contact information here.
Oracle
Amazon Web Services
Microsoft
Google Cloud
IBM Cloud
Salesforce
Alibaba Cloud
Digital Futures
Smart Cities
Corporate Venturing and Innovation
