Category: Feature

By Colonel B. S. Nagial (Retd.) The nexus between transnational organised crime and terrorism epitomises a worldwide threat. The convergence of criminals and terrorists, tactics and resources empower them to gain more substantial capacities to threaten world peace, security and economic development. UNSC resolution 2482 (2019) is a vital resolution passed under the Chapter VI of the UN Charter and articulated in depth the nexus between terrorists and organised crimes.1 Expressing its concerns that terrorists could benefit from domestic or international organised crimes as a source of financing and logistic support. Elaborating further, it emphasised that there is a need to coordinate efforts at local, regional, national and international levels to respond adequately to these challenges in accordance with the law of the land. But overplaying the connexion between organised crime and terrorism might lead to actions that endorse the risk management tools of the domestic criminal justice system. Terrorists can benefit from organised crimes such as the trafficking of arms, drugs, artefacts, cultural property and trafficking in human beings, illicit trade etc. There is a general difference of opinion regarding understanding terms such as ‘terrorism’, ‘violent extremism’ or ‘organised crime.’ Different nations are dealing with these terms differently, thus leading to variance in protecting and promoting human rights. Numerous UN agencies and related world enforcement bodies are the programme of action to prevent, combat and eradicate the illicit trade in small arms and light weapons, the International Tracing Instrument, UNODC, the UN Commission on Crime Prevention and Criminal Justice, and the UN Commission on Narcotic Drugs, UNCTED. Other regulating agencies are the Financial Action Task Force (FATF) and its Global Network of FATF-style regional bodies and the Global Counterterrorism Forum (GCTF), INTERPOL etc. Organised crime could be designated as the actions of any group or a composite of groups operative as an organised grid, linking numerous players, organisations and activities at various echelons to bend, manipulate or violate the laws of the land, to create money and survive on fear and corruption. Organised crime systems can be as small as inside a locality indulging in extortion. They could become as large as involving transnational crime groups and carrying out numerous activities such as drug trafficking, arms smuggling, terrorism, money laundering etc. It employs illicit methods such as monopolisation, terror, violence, extortion and tax evasion to drive out or control lawful ownership and leadership and to extract illegal profits from the public. It also corrupts public officials to prevent the interference of the government and thus becomes all the time more erudite. In India, along with its original domains of actions like extortion, seeking protection money, contract killing, bootlegging, making a bet, prostitution and trafficking, now indulge in drug trafficking, illicit arms trading, money laundering, terror and acts of violence. The linkage between terrorism and organised crime Terrorism is a grave problem which India is facing. Theoretically, terrorism does not come in the category of organised crime, as the overriding motive for terrorism is political or ideological and not gaining of money-power. Nevertheless, the Indian experience exhibits a very minute variance between criminals and terrorists. There is an indication to show that, be the terrorists of J&K, insurgents of the North East States or, for that matter, the Left Wing Extremists, all of them indulge in the methods and tactics of organised crime to mobilise funds for their organisations. They have been indulging in activities like drug trafficking, gun running, extortion, kidnapping or, for that matter, even contract killing in some instances to raise money for their organisations and themselves. Further, in some instances, the existing criminal networks of organised crime are being utilised by the terrorist leaders to complete their operations, as was the case of the Dawood Ibrahim gang being used by the Jihadis to conduct a series of bomb blasts in Mumbai in 1993. Terrorist groups share relations with organised criminals at several levels, including conducting operations to raise money and seek assistance from organised crime networks. This is done to fulfil their requirements of money and ammunition and oblige the organised crime gangs to return to conduct their operations in the regions that these terrorists control. Various aspects in which both terrorists and criminals are related include The terrorists themselves indulge in drug trafficking to support their movement. Sympathisers of terrorists living abroad indulge in drug trafficking and send part of their illegal profits to fund the terrorist movements. Terrorists join with drug lords to gain access to those in power in other countries and sympathise to their cause. Terrorists give protection and support to drug traffickers with firearms, and the drug traffickers, being acquainted with the routes, assist the terrorists in border crossings to bring arms, counterfeit currency and drugs in the target country. Organised crime gangs and terrorists directly utilise the proceeds from these operations and the counterfeit currency to fund their operations and allied activities in the region. The areas primarily affected by terrorism in India are the border states which also happen to be transit routes for narcotics to their destinations elsewhere in the world. It is not a coincidence that the growth of the terrorist movement in Punjab synchronised with the emergence of the Golden Crescent as a central drug-producing area in the early 1980s. The emergence of drug mafias in the Golden Crescent countries and their linkages with smugglers in the border States of India have given impetus to gun running. There is also evidence that the money generated abroad by the smugglers was used to purchase weapons smuggled into the country for terrorist activities. To illustrate, Dawood Ibrahim utilised the existing smuggling network in landing consignments of arms and explosives on the west coast in early 1993, used for causing serial blasts in Bombay. Preventing the formation of the nexus between terrorism & crimes In India, like many parts of the world, discontentment, alienation, and perceived victimhood among the populace could be exploited by terrorists and criminals to achieve their clandestine aims and objectives. There is a large…

“With a huge array of online and in-store shopping options available, stores need to deliver great customer experiences to stay ahead. To do that, they need to take advantage of key technologies – such as smart video – which provides a real-time view of customer needs in store and supports faster, more responsive service” Andrew Martin, Retail & Logistics Lead at Hikvision UK and Ireland Massive growth in online retail has led to the commoditization of all kinds of products, from furniture and phones to groceries and printer paper. In many cases, the last bastion for differentiation is customer service – whether customers buy online or in store. But although great customer experiences are absolutely central to success in today’s markets, delivering them remains a major challenge for retailers for a number of reasons. First, many supermarkets are moving towards semi-unattended or totally unattended environments, which makes it harder than ever to provide the personal, face-to-face service experiences many customers still want. Additionally, fewer staff in all kinds of retail stores means it’s increasingly difficult to balance customer care and day-to-day tasks such as admin, inventory, and shelf filling. In this environment of stiff competition, increasing online and hybrid shopping options, and changing retail staffing models, technology solutions can greatly enhance a store’s ability to deliver great customer service. In particular, the latest generation of AI-enabled smart video solutions provide new ways to enhance customer experiences, without the high costs and complexity of manual processes. Five ways smart video gives you the edge on customer service Smart video is able to boost customer experiences and deliver new competitive advantage for retailers in five important ways: Understand and meet customers’ needs in store, in real time Smart video makes this possible by providing ‘real-time awareness’ of customers’ journeys through the store. For example, smart cameras can be used to count customers entering and leaving the store, ensuring that enough staff are available to serve them. Staff can also be diverted to the checkout when queues get too long and return to routine shelf-filling and other tasks during non-peak times when fewer customers are in the store. Ensure that the right products are available – when and where customers want them For customers, having access to the right product in the right place at the right time is the cornerstone of a great experience. Smart video can help by registering the availability (or otherwise) of goods on shelves, and by triggering alarms to ensure products are restocked and always available. Additionally, video data analytics provide new insights into which products are the most popular, helping stores to place them in ‘hotspots’ where customers can find them quickly and easily. This ensures that the shopping experience is as quick, efficient, and satisfying as possible. Deliver great service in unattended retail environments As an increasing number of retailers roll out unattended stores (or stores with very few staff), smart video is taking a leading role. It’s possible, for example, to identify customers who are struggling at the self-service checkout, and to send a member of staff to assist them. Additionally, smart video offers multiple, high-value security applications for unattended environments, from traditional video security to AI algorithms that detect shoplifting. These capabilities ensure that customers feel safe, while also helping to minimize shrinkage from the inventory. Provide pleasant, multi-channel shopping experiences Smart video can help retailers provide far better multi-channel shopping experiences in store based on an in-depth understanding of customer journeys. For example, analysis of video data can ensure that kiosks for online ordering and product pickups are located in the right areas of the store to minimize congestion and speed up service. Likewise, smart video solutions at the distribution center can ensure that customer orders are picked and packed correctly, as well as ensuring that customer queries and disputes are answered faster. Keep stores safe and clean for customers With smart video, store managers and maintenance teams can get alerts in real time to ensure the store is always safe and clean. In particular, AI-powered cameras can detect liquid spills or obstacles in the aisles automatically, allowing staff to react more quickly to ensure that these issues never compromise the customer experience. Why partner with Hikvision on instore customer experience Many leading brand retailers are partnering with Hikvision to enhance their in-store experiences with help from our smart video solutions and our ecosystem of retail technology partners. Our solutions not only give managers a real-time view of how many customers are in the store, and the ideal staffing levels to look after them. Hikvision smart video can also ensure that products are always available when and where customers want them – and that multi-channel customer journeys are optimized.  

Nikhil Taneja, VP & MD, Radware – India, the Middle East & South Asia October is observed as cybersecurity month. Taking a look back at the first half of 2022, there was a significant increase in the threat landscape, especially with hacktivists targeting government agencies, enterprises and prominent individuals. DDoS attacks saw a hike of 203% across the globe. Radware’s threat analysis report observed an increase in malicious transactions targeting online applications, dominated by predictable resource location and injection attacks. The attacks that rose significantly during the Russia-Ukraine war have spilled over to other countries too. On October 10th, 2022, pro-Russian hackers – Killnet took down the US airport websites, where the group invited hackers to participate in the DDoS attack. What one would need to understand is that such attacks will not cease and so, organizations need to use preventive measures to counter such attacks and reduce the vulnerable targets. The biggest downside of DDoS attacks is the negative implication on Business ISACA is an advocate for professionals involved in information security, assurance, risk management and governance. The recent results from its inaugural consumer cybersecurity research have found that 41% of consumers in India alone have had their personal information stolen by cybercriminals and 40% report having severed ties with a company that experienced a breach. As companies are increasingly adopting technology, the immense data generated, applications and changing work environment have only increased the threat landscape. Such incidents only put a dent in the credibility and RoI of the organization. So, how to prevent and keep safe from such attacks? Robust and resilient network architecture is key to prevent DDoS type attacks. Evaluate the capabilities of the vendor providing security services against cyber threats. Constant monitoring and understanding of the network traffic of the organization. Outsource the DDoS protection if the in-house team is not equipped to handle it. Sensitize employees about cyber hygiene, how to recognize DDoS and other cyber attacks. The focus should also be on key assets, applications, servers and other end/ entry points. Expand DDoS protection to cloud, hybrid and multi-layer environment. Include software and hardware tools that help provide the 1st layer of protection against hackers. The expanding threat landscape can only be countered and contained, but not stopped The pandemic acted as a catalyst in pushing digitalization impacting how businesses functioned. But this also increased the surface for DDoS attacks and hence increased the number of attacks on a YoY basis. Initiatives like cybersecurity awareness months help us remember why there is a need to fight threat actors; how one can use the tried and tested preventive mechanisms to keep our cyberspace safe and healthy; and understand why we cannot escape from looming threats but instead can only fight them through state-of-the-art products and solutions.  

By Colonel B. S. Nagial (Retd.) Contemporary terrorism varies from unlawful activity because it is motivated by specific political goals. Terrorists generally indulge in illicit activities such as murder, sabotage, blackmail, arson etc., which are indistinguishable from those criminals commit. But terrorists simply carry out these activities to achieve broader objectives such as ideological, social, political, religious etc. In order to achieve their ultimate aim, the terrorist organisations try to instil an incapacitating sense of fear within each individual in the targeted community. All actions of terrorism are aimed at subverting the sense of security, causing disruption in the dayto-day life of the ordinary person and rendering the targeted community helpless. The main aim is to drive public opinion in favour of terrorists and put pressure on the government machinery to give in to the will of the terrorist organisations. This way, the targeted community becomes the tool in the hands of these inimical elements. Public support is very essential for terrorism to survive and thrive. According to the former Prime Minister of Israel, “Terrorism can have a highly demoralising effect. It takes away people’s self-confidence; it causes a feeling of defeatism. This negative thing should be fought against.” The intent of terrorist organisations is not to kill people in thousands in their every act of terrorism. The only purpose of terrorism is to cause fear among the targeted populace. The best example of this is the targeted killing of Kashmiri pandits in Kashmir valley in 1989. Terrorists can achieve their aim even without carrying out an act of terrorism by publicising the threats and statements in print and electronic media. These days social media is the best platform to engage in psychological warfare. Because the media serve as an influential vector of risk transmission, we need to recalibrate the threat levels around us frequently. In this ‘risky’ world, we also must come to terms with the constantly emphasised threat of terrorism. It is pertinent to mention that in concentrating on killings of civilians as targets by terrorist organisations, they violate the international norms of the rule of conflict/ war. Violent acts by non-state terrorist organisations against the targetted population for political drives are objectionable crimes that, when widespread or systematic, can be equal to crimes against humanity. The government’s responsibility is to protect its citizens from terrorist attacks. At the same time, government machinery must ensure that all counterterrorism measures respect human rights. Terrorism creates several dilemmas. Firstly, we need security without compromising civil liberties. Secondly, we need forewarning without inducing unnecessary alarm. Thirdly, we need to invest in preparation for possible terror attacks without jeopardising our commitment to other significant responsibilities. Fourthly, we must be vigilant and cautious without paralysis and paranoia. Studies have shown that terrorist attacks affect the mental and physical health of persons exposed to terrorism. When terror strikes at the workplace, where people spend much time and should feel safe, the health consequences for those affected might be severe. When every routine activity requires calculating the risk of getting killed or injured in advance, this causes anxiety for both the combatants and civilians. Regrettably, research on terrorism is intermittent, but some lessons have been learned, often painfully, from ongoing terrorism in India and worldwide, and we cannot afford to ignore them. Furthermore, the so-called ‘war on terrorism will fail if pursued only in terms of military power and increased physical security. ‘Without attention to the psychological side of terrorism, we risk losing the war because, in the final analysis, the psychological aspects of terrorism represent not merely one such battle within the war, they represent the war itself.’ (G S Everly, Psychological counterterrorism. Int J Emerg Ment Health 2003;5: 57-9). As far as India is concerned, terrorism has been stimulated by political, social, ideological and ethnic factors that demolish the society’s fundamental fabric. India has been the victim of terrorism for the last seven decades, primarily cross-border terrorism. India has faced many terrorist attacks such as the Bombay attack in 1993, the Parliament attack in 2001, the Delhi blasts in 2005, the Mumbai Train attack in 2006, the Jaipur blasts in 2008, the 26/11 Mumbai attack, the Uri attack in 2016, the Pulwama attack in 2019 etc. The terrorists aimed to instil intimidation among the people of India. Presently, three major parts of India badly affected by terrorism are Jammu and Kashmir, Central India and the Northeast region. According to David A Alexander and Susan Klein, the psychological impacts of terrorist attacks have not been well documented. However, there is wide-ranging literature on how affected persons and communities typically react to significant trauma. Most reactions at the early phase post-trauma are normal; few individuals display florid psychopathology. The psychological impacts could be summarised as under: Emotional Shock, numbness, denial. Fear, anxiety. Helplessness, hopelessness. Cognitive Disorientation, confusion. Intrusive thoughts, images, memories. Increased sense of risk. Impaired concentration and memory. Social Withdrawal. Irritability. Loss of trust and faith. Avoidant behaviour. Physical Autonomic hyperarousal. Insomnia. Loss of energy.   How best can we cope with the psychological impacts of terrorism? Every so often, it looks like the world is turning into a life-threatening place due to terrorism. Daily we come across the news about bombings in public places, shootings, and other incidents of volatility and irrational violence against people worldwide. It has made us conscious of our susceptibility. Our fears are reinforced with each incident of a violent attack in society. Due to this, many of us have increased anxiety and fear as we go about our daily lives. If this sense of fear is ongoing, it can make it difficult to concentrate at work. It can result in stress-related illnesses and affect our quality of life. Undermentioned are some coping strategies to defeat the psychological impacts due to terrorism. Government must aim at conveying professional information to the public on the issue of terrorism in a logically consistent manner. This would not arouse undue anxiety in people. Initially, such information could create hype, but with…

SBOMs can provide visibility into a more secure future, ultimately paving the way for previously untapped business priorities and more seamless operations Organizations operate in varying lines of business and fields. However, there is one common denominator for almost every modern business: Software use. It’s reasonably safe to say that every company uses software from many different vendors. Operating systems like Windows, MacOS, Linux, iOS, and Android likely run on every one of your business computers. Applications like office suites, mobile apps, and web browsers are installed on those operating systems. Even the cloud servers we connect to are all driven by software. Much of this software is made up of other software. Developers tend to use well-tested and trusted software modules to build applications. So when you buy a software application, it likely has code in it that was not written by your software developer. While it is beneficial to the consumer to have well tested software, it also can introduce bugs and vulnerabilities. Including a Software Bill of Materials (SBoM) by software vendors allows software consumers to have a deeper and more uniform understanding of their software assets. We outlined in our recent white paper how SBoMs can help business leaders achieve their desired organizational security – keeping their data safe – and in turn, realize key business priorities such as increased security overall, through SBoMs. Apart from vulnerability management, the increased levels of transparency that come inherently with successful SBoM integration offer a world of possibilities into other ways your business can be transformed, while prioritizing a more secure future. Across all functions, the additional insight SBoMs provide help improve decision making around the external businesses with which your organization engages – and increased accountability makes for a more secure supply chain with more evenly distributed risk. The added accountability and visibility also creates a more reliable service for clients that could help to mitigate financial losses from outages. From an organizational outlook, mitigated financial losses make the business, as a whole, more efficient because of the reduction of unplanned and unscheduled work. Through increased visibility – provided by SBoMs – organizations will be able to better protect themselves from cyber threats and vulnerabilities and will have increased lineof-sight into software utilized across the entirety of the business. This is even true for businesses that are traditionally more siloed, as leaders are now able to be more proactive and unearth untapped competitive advantages.  

By Colonel B. S. Nagial (Retd.) On 11 September 2001, terrorism crossed all the boundaries and became faceless yet a lethal weapon after it struck the US. The magnitude of the attack, the targets chosen, planning and infrastructure involved were beyond the imagination of scholars, security analysts and the policy makers. Since then, it has stimulated new national and international endeavours to track the ways and means of terrorist funding to clog them effectively. Nevertheless, evidence on terrorist sustenance edifices is challenging to stumble upon and even if it comes out, it is vague and mostly unreliable. Maybe only the intelligence and security agencies have a specific inkling of the roots and extent of financing terrorism. For example, investigators in the US believe that terrorists had spent about US$5,00,000 to carry out their 9/11 attacks. However, it will likely cost the US at least $100 billion to repair the damage. Terrorist organisations require funds to survive, thrive and carry out terror and violent actions. The financing of terrorism involves the resources of revenue and methods undertaken by terrorist organisations to fund their nefarious activities. The required funds could be generated through permissible sources such as profits from businesses and charitable organisations. But generally, terrorist organisations get the money from illegal resources such as the smuggling of arms, ammunition, logistic stores, drugs, etc. or kidnapping for payoff. Combating the financing of terrorism is an extremely intricate venture which involves multifaceted activities and players. It requires both legislation and ground-level operations involving different agencies. Taking a stride in the direction of combating terrorist financing, the United Nations Office of Drugs and Crime (UNoDC) issued the guidelines through the International Convention for the Suppression of the Financing of Terrorism in 1999. By implementing these conventions, the member nations could develop capacities of criminal justice and law enforcement agencies to investigate, prosecute and adjudicate terror financing. To track the financing of terrorism in India, a Terror Funding and Fake Currency (TFFC) cell has been set up under the supervision of the National Investigation Agency (NIA). It focuses on terror funding as well as fake currency notes. India has also strengthened the provisions enumerated in the Unlawful Activities (Prevention) Act 1967 to combat terror funding. It is the responsibility of all States and Union Territories to prevent the financing terrorist networks. The main aim of persons or entities involved in terror funding is to conceal the sources of money and funding activities. Money laundering is the process of concealment and camouflage of illegal origins and proceeds of criminal activities dealing with money. In both cases, the illicit use of the financial sector is involved. The most disturbing fact is that money laundering equips corruption and organised crime. The techniques used in money laundering and financing terrorism are similar, identical, and somewhat overlapping. Therefore, anti-money-laundering/ countering terror financing must address both these risks. Today, the world is technology driven. Swift developments in financial information, technology, and communication permit money to travel worldwide easily and quickly. This makes the job of anti-money laundering/ combating terror financing more dynamic and challenging. Terrorists frequently change their methods and means of raising and moving funds & other assets to hide their activities from the agencies involved in countering them. Thus, it is imperative to identify correctly, assess and understand the mechanism of funding terrorism. This is very crucial for the disruption and dismantling of terror funding networks. Modus Operandi of terror funding Terrorists need funds to function as an organisation. With the money, they buy arms, ammunition, and other warlike stores. Their sources of funding could be both legal and illegal. Funding generally takes place in small amounts. Terror financing is a worldwide phenomenon threatening the world community’s peace and security and weakening economic development and market stability. Therefore, it is essential to curb the flow of funds to terrorist organisations. Though terrorist organisations and their tactics have evolved, yet the primary requirement of the terrorists to raise, move and utilise funds has not changed over a period. The funds are mobilised in numerous ways, such as exploiting legitimate commercial ventures and natural resources, abuse of non-profit organizations, non-governmental organisations, and crowdfunding sites. Terrorist organisations might also be directly or indirectly associated with organised inimical groups/ people. They might involve them in felonious actions, such as drugs, arms trafficking, human trafficking, blackmailing, and kidnapping for money. Nations are always worried about terrorists’ ill use of the Internet and other emerging technologies to garner and move funds, including through virtual currencies. Tracing measures and scrutiny of financial intelligence provide critical information on terrorist networks and their links with individual terrorists and Foreign Terrorist Fighters. Terrorism in India Terrorism in India could be divided into four major categories as Terrorism in Jammu and Kashmir, Terrorism in the hinterland, Left-Wing Extremism (LWE) and Insurgency in Northeast states of India. Their activities include terrorism, secession, smuggling, production and circulation of Fake Indian Currency Notes, terror funding, etc. According to the accessible intelligence reports, terrorists who are in action in India are frequently reinforced and financed by their parent organisations located outside, predominantly in Pakistan, in the forms of shelter, training, weapons and finance. Countering terror funding and anti-money laundering in India There are four components of the financial market in India – banking companies, financial institutions, the securities sector, and insurance companies. A fully functional Financial Intelligence Unit (FIU) was established in the country in 2006 as a chief national agency in charge of receiving, processing, analysing and disseminating information relating to suspect financial transactions to enforcement agencies and foreign FIUs. It reports directly to the Economic Intelligence Council (EIC) under the Finance Minister of India. The other members of the EIC are heads of all the intelligence agencies, the Governor RBI, and the Chairman of SEBI. Agencies involved in the AML/ CFT system The Ministry of Finance is accountable for fiscal policies in India, including revenue and tax collection, budgeting, and expenditure of the Govt of India. Department of Revenue oversees monitoring…

Amarjeet Singh Manchanda Vice President – Data Centre & Cloud Business, iValue InfoSolutions Majority of the organisations are expanding their network and accelerating their adoption of the cloud. Organisations continue to build new cloud-based applications or migrate current ones. This is because Cloud allows for pervasive, convenient, and on-demand network access to a shared pool of programmable computer resources. According to new Confluera research, the majority of enterprises are speeding up their cloud adoption, with 97 percent of IT leaders admitting that their plan includes expanding cloud installations. In today’s cloud world, the report looks at how IT leaders discover, evaluate, and respond to cybersecurity threats. Although there are numerous advantages of using Cloud, there are also some major concerns. Security is one of the biggest impediments to the adoption of the cloud, followed by concerns about compliance, privacy, and legal challenges. Understanding the Cloud Vulnerabilities Organisations should be aware that the security vulnerabilities associated with cloud migration are constantly evolving. Adopting cloud technology or choosing cloud service providers (CSP)s and applications without understanding the risks involved exposes an organisation to a slew of financial, technical, legal, and compliance risks. Apart from these, it is important that enterprises consider other challenges and risks associated with cloud adoption specific to their processes, systems, data and the ones listed above are far from exhaustive. A company’s cloud journey will be fraught with dangers; all it takes is for them to recognise the risks. The security hazards of cloud computing differ slightly depending on the delivery model, even though most of the hazards apply to all cloud solutions. By taking the time to identify and assess these risks, businesses can ensure that they have the right processes and tools in place to minimise them. Here are five notable threats, risks, and vulnerabilities in cloud environments: Data Breaches & Loss Data breaches are one of the most significant security dangers of cloud computing, with costly ramifications for businesses of all sizes and industries. A data breach may occur when a security breach allows unauthorised access to sensitive information. The other most likely possibility is critical cloud resources would be irreparably corrupted. If you don’t back up your most crucial data, it’s always a possibility that it will be lost. Many significant, high-profile data breaches are caused by preventable cloud security vulnerabilities. A potential Insider Threat Insiders do not have to be malicious to be a security threat. Insiders do not need to break through firewalls, virtual private networks (VPNs), and other security defences as they are on a trusted level, due to which, they can access networks, computer systems, and sensitive data directly. If organisations don’t think carefully about their cloud governance model, their own employees can inadvertently put them at risk. Misconfiguration & Poor Access Management When computing assets are set up incorrectly, they become vulnerable to malevolent activity, which is referred to as misconfiguration. Unsecured data storage elements, excessive permissions, unchanged default credentials and configuration settings, standard security controls left disabled, unencrypted systems, and unrestricted access to ports and services are all examples of misconfiguration. Organisations today are adopting the cloud without a comprehensive plan that integrates their identity access management (IAM) programme with their cloud environment. A Lack of secure cloud architecture and strategy It’s a fallacy to assume that organisations can simply ‘lift and transfer’ their existing internal IT stack and security measures to the cloud. Moving, implementing, and operating in the cloud safely requires the right security architecture and strategy. However, if the cloud-based infrastructure interfaces are not properly secured, this can lead to problems. Insecure Interfaces/ APIs Organisations and clients are frequently provided with a variety of application programming interfaces (APIs) and interfaces by CSPs. These APIs are well-documented in general to make them as easy to use as feasible for CSP clients. If the API is configured incorrectly, it can expose the organisational data to vulnerabilities that will provide anonymous access without authentication which will eventually lead to potential cyberattacks. Factors to consider when choosing Cloud Services Organisations should investigate cloud access and entitlement management systems that enable visibility across all cloud resources as well as uniform enforcement and management of access controls to protect against the security threats of cloud computing. Furthermore, organisations need to consider implementing a cloud governance framework. It is a set of rules and policies that run services in the cloud. The purpose of cloud governance is to improve data security, control risk, and ensure that cloud systems run smoothly. Cloud governance incorporates cloud access and entitlement management into their overall identity management model. Organisations may use their existing identity procedures, workflows, sign-offs, and reporting for their cloud environments by implementing this identity-centric approach to cloud governance, simplifying administration, strengthening security, and facilitating compliance. Some more integration to manage cloud security: Firewalls Firewalls guard the perimeter of a company’s network security as well as its users. Firewalls help keep traffic between cloud-based apps safe. They act as initial shields against potential attacks. Identity and access management (IAM) Enterprises can deploy policy-driven enforcement processes for all users attempting to access both on-premises and cloud-based services using IAM tools and services. Its primary function is to create digital identities for all users so that they may be actively monitored and limited as needed during all data transactions. Data loss prevention (DLP) DLP services provide a range of tools and services that are designed to keep regulated cloud data secure. DLP systems secure all stored data, whether at rest or in motion, using a combination of remediation alerts, data encryption, and other preventative measures. Intrusion Management The advent of virtualisation and enormous multi-tenancy is creating new targets for intrusions, posing many problems about how to implement the same protection in cloud environments. Intrusion management is the process of monitoring and responding to statistically unpredictable events using pattern recognition. This could include real-time reconfiguration of system components to stop or prevent an intrusion. Security Information and Event Management system A SIEM gathers and analyzes data…

Manish Chasta, Co-Founder and CTO at Eventus The journey towards digitalization and cloud solutions that enhance productivity gains, increase agility, and reduce operational costs has rapidly and continuously expanded security vulnerabilities for most businesses. Businesses must supervise their entire IT infrastructure to comply with security requirements in the current digital environment, and Security Operations Center-as-a-Service (SOCaaS) is the most efficient way to do so. Why is SOCaaS Essential As workplaces become more mobile and remote, cybercriminals are ramping up their attempts to access applications, systems, services, and data both on-premise and in the cloud from outside the company network. Today, most businesses have made significant investments in on-premise and cloud security monitoring systems to secure sensitive data, comply with an increasing surface of data protection regulations, and defend intellectual property and other confidential data. However, this has catapulted in an overwhelming volume of security alerts. It is exceedingly difficult for the majority of these companies, particularly the small and medium-sized ones, to probe and evaluate every alert. SOCaaS enables security analysts to make a coherent effort to cover all cyber security risks and centralized threat surveillance abilities. Another significant driver has been the scarcity of cyber security skills, affecting companies of all sizes. SOCaaS enables you to take advantage of SOC resources without having to worry about employing qualified personnel. SOCaaS also allows for rapid capacity expansion at a much-reduced cost than establishing additional capacity in-house. Why Outsource SOC The Security Operations Center is a team consisting of cybersecurity experts and trained engineers, who are dedicated to performing advanced IT security operations. SOC services are aimed at preventing any threats to cybersecurity by early detection and response to any incident of hacking or data breach. It is a subset of cyber security that keeps a detailed real-time awareness of an organization’s assets in order to avoid threats and attacks. Organizations at times may not have the necessary workforce to be dedicatedly working on thwarting cyber attacks, or their current resources may not be enough or may have other areas to take care of, like IT support. To address this issue, Managed Security Services Providers (MSSP) can be employed to uphold your company’s security. Outsourcing SOC can help an organization enable: Reduced Expenditure: Outsourcing your cyber security monitoring to expert professionals means reducing the cost. To begin with, acquiring an employee with the necessary cyber security skill sets is not simple and at times not feasible. Additionally, having an in-house security team would certainly require you to purchase all necessary security solutions, which may be at times, difficult to choose from, and increasing complications. A dedicated SOC partner will be equipped with all the necessary solutions and resources, and will be entirely responsible for the designated tasks, which is the security of your organization. Ceaseless Support: Outsourcing a SOC implies uninterrupted support. An SOC partner will constantly monitor the company network systems round-the-clock, with real-time support, alerts and reporting, a viable way to ensure continuous support and service. They will also run checks for detecting anomalies in the network, mostly looking for preying malwares or breach attempts. Facilitates Greater Efficiency due to Global Visibility: Outsourcing SOC has the greater edge of broadening the scope of security protocols. While an in-house team is constantly monitoring attacks launched against the parent organization, SOCaaS has direct exposure to a wealth of information from numerous customers around the globe. MSSPs gather and supervise threat intelligence from a wide range of sources, providing them with constant insight into major cyber-attacks and evolving cyber-crime methodologies. This data enables cyber security service providers to work more efficiently against cybercrime. Enhances Business Productivity: Security is critical for every organization, requiring time and attention. When there is a security breach, management must divert their attention to the operations of the SOC. This disrupts the business environment in general and distracts employees’ attention away from their primary duties. With an SOC partner taking care of the affairs, both organizations and employees are completely focused on the core business processes without being distracted by security challenges. Bottom-line Going in-house with security measures may not be an ideal tactic in today’s times, when bad actors are miles ahead in terms of technology and resources required to ambush any business today. Keeping that in view, the most appropriate strategy to rising cybersecurity concerns is to outsource an SOC. Go for a partner who is well updated with all security trends, threat detection and incident response tactics, and collaborated with all leading solution providers best available to ensure your cyber network is with the safest hands.  

Alexey Parfentiev, Senior Business Analyst, SearchInform The biggest part of data leaks, which have ever been reported in various mass media sources, happened because of affected organizations employees’ fault. Some of them simply made a mistake, some of them acted deliberately. Let’s find out, what is an insider related risk, what factors cause internal data leaks and how to protect company against them. Who are insiders and how they may affect an organization? When it comes to data leaks, financial organizations are among most vulnerable ones. Despite they are usually protected way better than other companies, still, they always remain the focus of both general public and intruders’ attention. News on the leaks, containing thousands and millions of strings, are published regularly. For instance, Spanish branch’s databases of Zurich insurance company were exposed. They contained 4 million strings of data, retrieved from clients’ insurance policies. Such kinds of data leaks usually occur, because employees forget, that a cybercriminal isn’t necessary a mysterious hacker. Instead, any staff member may turn out to be an intruder. An insider is an employee of any organization, who has an access to confidential data. Confidential data include trade secrets, clients’ and employees’ personal data, payment details, intellectual property. Leaks of such data may result into reputational and financial loses, legal claims. According to SearchInform research, most commonly the following groups of specialists turn out to be culprits of data leaks: client managers (41%), supply managers (20%), accountants and financial officers (22%). Most vulnerable links of an organization are the departments, which employees deal with finance and critical data. Due to the peculiarities of the sphere, in financial industry just about every kind of information is critical and practically each employee is a potential insider. Unintended violations Not all data leaks happen because of malicious actions. Vice versa, usually they occur due to employee’s negligence or lack of knowledge in the sphere of information security. What’s more, they often happen accidentally. For instance, because of one insurance company’s employees’ negligence, copies of valid passports, drivers licenses, handwritten statements and some other documents were thrown away at the dump. All the documents weren’t disposed appropriately. Thus, unscrupulous employees threw away copies of valid documents, and didn’t even bother to burn or to shred them. In case this data had been obtained by intruders, document owners would have become victims of social engineering attacks. Also, there was a chance, that intruders could apply for a microloan using victims’ credentials. The most common mistake, which causes unintended data leaks is data access misconfiguration. For example, due to such misconfiguration, excel tables, containing lists of clients and information about their vehicles, were accessible on the website of one insurance company. It was possible to get access to the tables by inputting any client’s surname on the web site. Another attack vector is phishing or BEC-attack, which may also result into accidental leak of critical data. Phishing is a type of fraud, which main aim is to steal confidential info or to force victim to commit some undesirable actions. To achieve the goals, intruders treat victim in order to gain his or her trust. Usually, this type of attack requires usage of the following instruments: email, fake web sources, phone calls and SMS. BEC-attack Corporate e-correspondence compromising, in particular, with the help of phishing. Occasionally, such attack is divided into a few stages. With the help of phishing cybercriminals manage to obtain account data of a staff member, in order to reach out his or her boss later. Most frequently, attackers are driven by financial interest. However, sometimes they search for confidential data, such as client database or know-how documents. Deliberate leaks Such actions may be caused by plenty of different motives. For instance, insiders steal data in order to gain financial benefit, in such case they sell data to competitors or publish it on the darknet. Employees may be offended because of dismissal or deprivation of the bonus. In revenge, they leak data, revealing some information about the organization. What’s more, an insider can make a copy of data (for instance, copy it on a flash drive or upload to a cloud storage and use later, when he or she will change the company). This risk poses a threat not only to big corporations. Small and middle size companies are equally endangered. Case study An employee of our client, which is a reseller company, decided to resign after her request for promotion was denied. But before she quitted, the woman had uploaded a 900 megabytes archive to a cloud. This archive contained all company’s research data on the local market. The estimated price of the research was US$1,670,000. InfoSec officers prevented the data leak just in time and by the way revealed a fact of falsification of accounting documents. How to protect data against a leak In fact, it’s possible to prevent insiders’ violations, but it’s crucial to understand and follow security regulations. First of all, this task refers to InfoSec and IT-department staff. Other department employees should understand that security requirements, set in an organization, are reasonable. Thus, staff mustn’t neglect the rules. That’s why it’s important to implement organizational measures, aimed at increasing the level of employees’ computer literacy. Full list of measures depends on the specific business-process. However, there are some basic rules. Provide your employees with an educational course on the information security rules The most effective way to prevent accidental leaks is to be critical when dealing with data. So, clarify this idea to your employees. Tell your employees, which kinds of links they mustn’t open and in when it’s better to stop messaging with the email sender immediately. Explicate, what is phishing Tell your staff members, how do intruders use data about the recipient, pretending to be a counterparty in order to gain trust. Set the policy of reliable passwords in your organization. Explain employees, why is it crucial to lock the PC, when they leave their workplace. It’s a good idea to…

“As technology advances, artificial intelligence (AI) is used in increasingly disparate ways to help achieve automated security measures. It’s now also being used in business scenarios, making it possible for business owners to resolve complex issues or tedious jobs with minimal effort. AI-powered applications, such as automated event alerts, false alarm reduction, ANPR (Automatic Number Plate Recognition), and people counting, have already become popular in a variety of scenarios” For security professionals, being able to provide innovative solutions with AI features is already becoming a vital component to make them more competitive. To help them meet common and unique challenges, Hikvision offers a range of products and solutions with AI-powered AcuSense technology, as well as DeepinView and DeepinMind series of products that can streamline and maximize automation of security protection and business operations. Smarter perimeter security with AcuSense technology Conventional perimeter protection solutions provide certain detection features enabled by video content analysis, such as motion detection, line-crossing detection, and intrusion detection, however, all these easily trigger false alarms when an animal, a shadow, or other natural movements are detected. As a result, security personnel need to spend time investigating each one, potentially delaying response to a valid alarm and generally affecting efficiency. Smarter perimeter security solutions with ‘effective false alarm reduction’ and ‘quick target search’ capabilities can be helpful here, which can identify and react to perimeter breaches in real time, and automate footage searches to locate true events quickly. AcuSense technology from Hikvision meets these needs with advanced AI features that support faster, more effective responses to security incidents. With the ability to differentiate between humans and vehicles and other moving objects, AcuSense reduces costly false positives for customers. This means they can verify real security threats immediately, and benefit from automated video searches to save hours on manual video reviews. Hikvision delivers a range of front- and back-end products with AcuSense technology, covering cameras, NVRs, and DVRs, which are also simple to install and configure. This means that security professionals can deliver the AI benefits of smarter perimeter protection for their customers quickly and easily, without additional training requirements. Improved operational efficiency with DeepinView and DeepinMind series With the advancement of algorithms and computing performance, AI technology has shown promising potential in creating intelligence and automation for different business processes. Besides perimeter protection, security cameras with AI features are also being used more by businesses to help improve their daily operations. This means great opportunities for security professionals to go beyond its traditional area to a wider business scope. Hikvision offers DeepinView cameras and DeepinMind NVRs with embedded Deep Learning algorithms, such as ANPR, people counting, and queue detection, to achieve a suite of intelligent functions for businesses. In retail, as an example, people counting provides valuable insights for shopping center operators. It provides tracking patterns in customer footfall to predict when to expect a rush of visitors, allowing them to keep crowd density under control. At the same time, queue detection can calculate how much time people are waiting in line, notifying cashiers before a customer’s patience runs out. On the other hand, parking management can be a headache for apartment buildings, office towers, and business parks alike. Powered by Deep Learning, cameras with ANPR capture vehicle license plates, with sharp rendering of the letters and numbers to deliver clarity. When installed at parking entries and exits, these cameras trigger automated responses to open or close the gate as well as notify personnel when needed, greatly improving parking efficiency. What’s more, parts of Hikvision’s DeepinView series cameras can now incorporate several AI-powered Deep Learning algorithms in one unit. Algorithms can be switched, essentially putting five or six unique cameras in one housing. Users can simply enable an algorithm manually for dedicated use, then later switch to another algorithm as needed. Unified management with HikCentral Professional In addition, Hikvision provides a unified software, HikCentral Professional, for security professionals and customers to easily manage multiple products and systems in single platform. HikCentral Professional, can flexibly unite applications, so users can build a tailored system to match their security and business needs. The unified approach not only creates greater situational awareness of a security environment, it also reduces real day-to-day management resources previously required by disparate systems. Secure more with more assurance Hikvision strives to help professionals from many walks of life stay confident and assured with future-shaping technologies, just as our advanced cameras address security challenges in protecting large sites and open areas. Apply for a smart trial today for a hands-on experience with Hikvision’s high-performance products! Also visit our website to learn more. Or you can explore the Hikvision digital showroom for complete product lines, core technologies, scenario-based solution packages and more.