02 Security Audit - Common Cyber Attacks 9

What is Security Audit?

A security audit is a systematic evaluation of the security of a company's
information system by measuring how well it conforms to an established set
of criteria.

• A thorough audit typically assesses the security of the system's physical
  configuration and environment, software, information handling processes
  and user practices.

• Security audits are often used to determine compliance with regulations
  such as the Health Insurance Portability and Accountability Act,
  the Sarbanes-Oxley Act and the California Security Breach Information
  Act that specify how organizations must deal with information.

Security Audit
Why Perform a Security Audit?

There are several reasons to do a security audit.

• Identify security problems and gaps, as well as system weaknesses.
• Establish a security baseline that future audits can be compared with.
• Comply with internal organization security policies.
• Comply with external regulatory requirements.
• Determine if security training is adequate.
• Identify unnecessary resources.
Security Challenges

Rising Volume & Sophistication of Cyber Attacks

Increasingly Complex Business & Security Environments

Analyst Overwhelm

Harsher Regulations and Fines

The Widening Skills Gap

Rising Volume & Sophistication of Cyber Attacks

• Industry experts have been writing about the unprecedented
  volume of cyber attacks for years.
• Why? Because the volume of attacks just keeps going up.
• To help you understand the extent of the problem:
  • Ransomware attacks are rising at more than 350% year-on-year.
  • Phishing volume grew by 40.9% in 2018 alone.
• Malware development and propagation methods continue to evolve.
• Cybersecurity Ventures predict the global cost of cyber crime will
  reach $9 trillion by 2023, meaning it will have doubled since 2015.

Increasingly Complex Business and Security Environments

• As if that weren’t enough, security teams are also forced to contend with
  business environments that are constantly shifting and evolving.

• New technologies like IoT, OT, cloud, and blockchain have tremendous
  business applications, but they also create a huge amount of work for
  security teams to properly secure and monitor them.

• As an example, in 2019 alone attacks on IoT infrastructure rose by 700%.
  That’s a huge additional pressure on already-strained security teams and
  resources.

Analyst Overwhelm

• What happens when workload volume and complexity consistently rise?
  People become overwhelmed.
• This is called alert fatigue.
• Analysts are forced to handle so many alerts (many of which are false positives)
  that they simply cannot cope and are forced to leave many unchecked.
• According to research by Imperva, the average security team receives more than
  10,000 alerts per day. An incredible 27% of enterprise security teams receive
  more than 1 million alerts per day.
• As a result, 79% of security teams feel overwhelmed by the volume of threat alerts
  they receive.

Harsher Regulations and Fines

• The consequences of missing an important security alert are getting
  worse by the year.
• New regulations like the GDPR (General Data Protection
  Regulation) and the 2018 California Consumer Privacy Act are forcing
  security teams to work even harder by tightening requirements and
  drastically increasing the penalties for non-compliance.
• Under the GDPR, organizations can be fined €20 million (~ $22.4 million)
  or 4% of annual revenues (whichever is higher) if they fail to adhere to
  their regulatory requirements.
• Uber were first to feel the “bite” of harsher legislation (albeit they had
  made life harder for themselves by attempting to cover the breach up)
  when they were fined $148 million for their 2016 data breach.

The Widening Skills Gap

• (ISC)² estimate that during 2023 the cyber security skills gap
  reached an incredible 4 million posts.

• Globally there are 3 million cyber security posts that can’t be filled
  because there simply aren’t enough security professionals to fill
  them.

• Even worse, this gap is still growing. (ISC)² themselves have
  previously predicted a shortfall of 1.8 million by 2022.

Common Cyber Attacks

• Ransomware attacks
• IoT attacks
• Cloud attacks
• Phishing attacks
• Blockchain and cryptocurrency attacks
• Software vulnerabilities
• Machine learning and AI attacks
• BYOD policies
• Insider attacks
• Outdated hardware

Ransomware Attacks

• Ransomware attacks involve hacking into a user’s data and preventing
  them from accessing it until a ransom amount is paid.

• Ransomware attacks have become popular in the last few years and pose
  one of India’s most prominent Cyber Security challenges in 2020.

• According to the Cyber Security firm Sophos, about 82% of Indian
  organizations were hit by ransomware in the last six months.

• With most ransomware attacks, the attackers don’t release the data even
  after the payment is made and instead try to extort more money.

IoT Attacks

• IoT devices are computing, digital, and mechanical devices that can
  autonomously transmit data over a network.

• Examples of IoT devices include desktops, laptops, mobile phones, smart
  security devices, etc.

• As the adoption of IoT devices is increasing at an unprecedented rate, so
  are the challenges of Cyber Security.

• Attacking IoT devices can result in the compromise of sensitive user data.

• According to IoT Analytics, there will be about 12 billion IoT devices by
  2023.

Cloud Attacks

• Most of us today use cloud services for personal and professional needs.

• Hacking cloud platforms to steal user data is one of the challenges in
  Cyber Security for businesses.

• One example is the infamous iCloud hack, which exposed private photos of
  celebrities.

• If such an attack is carried out on enterprise data, it could pose a massive
  threat to the organization and maybe even lead to its collapse.

Phishing Attacks

• Phishing is a type of social engineering attack often used to steal user
  data, including login credentials and credit card numbers.

• Unlike ransomware attacks, the hacker, upon gaining access to
  confidential user data, doesn’t block it.

• Instead, they use it for their own advantage, such as online shopping
  and illegal money transfers.

• Phishing attacks are prevalent among hackers as they can exploit the
  user’s data until the user finds out about it.

Blockchain & Cryptocurrency Attacks

• While blockchain and cryptocurrency might not mean much
  to the average internet user, these technologies are a
  huge deal for businesses.

• North Korean hackers stole $400m of cryptocurrency in 2021
  (BBC).

• Attacks on these frameworks pose considerable challenges
  in Cyber Security for businesses as they can compromise
  customer data and business operations.

Software Vulnerabilities
• Even the most advanced software has some vulnerability that might pose
  significant challenges to Cyber Security in 2020.

• Individuals and enterprises don’t usually update the software on their
  devices as they find it unnecessary.

• Updating your device’s software to the latest version should be a top
  priority.

• An older software version might contain security vulnerabilities
  that the developers have fixed in the newer version.

• These attacks are usually carried out on a large number of individuals, like
  the Windows zero-day attacks.
Machine Learning & AI Attacks
• While Machine Learning and Artificial Intelligence technologies have proven
  highly beneficial for massive development in various sectors, they have
  their vulnerabilities as well.

• These technologies can be exploited by unlawful individuals to carry out
  cyberattacks and pose threats to businesses.

• These technologies can be used to identify high-value targets among a
  large dataset. Machine Learning and AI attacks are another big concern in
  India.

• A sophisticated attack might prove to be too difficult to handle due to the
  lack of Cyber Security expertise in our country.
BYOD Policies

• Most organizations have a Bring-Your-Own-Device policy for their employees.

• If the device is running an outdated or pirated version of the software, it is already
  an excellent medium for hackers to access.

• Since the device is being used for personal and professional reasons, hackers can
  easily access confidential business data.

• These devices make it easier to access your private network if their security is
  compromised.

• Thus, organizations should let go of BYOD policies and provide secure devices to
  the employees, as such systems pose enormous challenges of Computer
  Security and network compromise.

Insider Attacks
• While most challenges of Cyber Security are external for businesses, there
  can be instances of an inside job.

• Employees with malicious intent can leak or export confidential data to
  competitors or other individuals.

• This can lead to huge financial and reputational losses for the business.

• These challenges of Computer Security can be negated by monitoring the
  data and the inbound and outbound network traffic.

• Installing firewall devices for routing data through a centralized server or
  limiting access to files based on job roles can help minimize the risk of
  insider attacks.
Outdated Hardware

• Not all challenges of Cyber Security come in the form of software attacks.

• With software developers realizing the risk of software vulnerabilities, they
  offer a periodic update.

• However, these new updates might not be compatible with the hardware
  of the device.

• This is what leads to outdated hardware, wherein the hardware isn’t
  advanced enough to run the latest software versions.

• This leaves such devices on an older version of the software, making
  them highly susceptible to cyberattacks.
