By Ambarish Kumar Singh, Chief Information Security Officer (CISO) at Godrej & Boyce
The term "Zero Day" is very popular in the cybersecurity world, and most of us are really scared about what will happen when a zero-day vulnerability gets exploited. There are security technologies that claim to address near-zero-day or zero-day-like vulnerabilities based on the patterns of changes being made in memory, the registry, processes, tasks, etc.
Many of us have invested a lot in such technologies, many are planning to, and those who cannot afford these costly so-called next-generation technologies are always blaming management for not giving enough funds for them.
What I Feel About Zero Day
In my opinion, we need not make very special preparations to handle Zero Day. My thought is based on a simple assumption about what and how much we can prepare for something unknown, where the likelihood of success is near zero. So why should we allocate time and resources to that first? What we must do is keep the fundamentals strong, including cyber defence.
Some Examples to Support My Thoughts
1) COVID-19 is a perfect example of a zero-day vulnerability getting exploited. Today, no doubt, we as a world have made huge progress in the medical field, and most countries have those facilities.
The condition of medical facilities and the healthcare ecosystem is comparatively better in developed countries. But the facts regarding deaths and infection cases due to COVID-19 in both developed and developing countries are in front of us.
This tells us that no matter how much you have invested in technology and research, a zero-day vulnerability will get exploited and it will have an impact. The degree of impact can be reduced by taking certain measures which are very basic in nature.
To counter COVID-19, we are all aware of basic measures such as cleaning hands frequently, using sanitisers, covering your mouth while sneezing, etc., which are very basic but at the same time very effective.
2) No matter how much we exercise, how healthy the food we eat is, and how healthy a lifestyle we maintain, no one can guarantee that we will not get any disease. We have seen a lot of very famous personalities all over the world dying at an early age due to life-threatening diseases, and many are suffering currently too.
They had/have all the money and resources and are still suffering from such diseases.
What Can We Do?
In my opinion, to be ready to handle any life-threatening disease that might exploit our Zero Day vulnerabilities, we can take care of our health by exercising regularly, eating healthy, getting regular medical check-ups, maintaining work-life balance, getting medical insurance, and keeping a positive attitude towards life. In the same way, from a cybersecurity standpoint, we must focus on the basic security controls listed below and mature them over a period of time:
- Identity and Access Management (People + Technology)
- Risk Management (Process)
- Vulnerability Management (Technology)
- Endpoint security (Technology)
- Perimeter Security (Technology)
- Regular assessments (Process + People)
- Red teaming (Technology + People)
- Proactive monitoring (SOC) (Technology + People + Processes)
- Third-party Management (Process)
- Secure SDLC (Technology + Processes + People)
- Security evangelization (People)
- Incident Response (People)
- Data Protection (People + Technology + Processes)
- Bug Bounty, etc., and many more
We must ensure that People, Processes, and Technologies complement each other, and make sure that every single day adequate measures are being taken to move the security maturity needle. In this way, we will be able to limit the impact of zero-day attacks. We need to make balanced security investments across all the well-known pillars of the NIST Cybersecurity Framework, i.e. Identify, Protect, Detect, Respond, and Recover.
Please remember that cybersecurity is a collective responsibility, and all users in the organization must own it and act responsibly: Pause, Think, and Act.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.