Cybersecurity training for employees is crucial in remote work – MRC

Welcome to Leaders Unbound, a podcast where we get the inside scoop from industry leaders! Today, we're in conversation with Mohan Ram. C, (MRC) Managing Director & Chief Mission Integrator at Forensics Intelligence Surveillance and Security Technologies (FISST).

MRC is an M.Tech graduate from Roorkee who has worked around the world before returning to India to begin his entrepreneurial journey. He has created a voice biometric platform and contact centre platforms that are currently used around the world.

What is your view on the need for cybersecurity, and how did you get on this journey?

Early on in my entrepreneurial journey, I got a call from someone inviting me to talk to the a leading investigative agency. I remember thinking it was a joke and asked them to stop calling. It was only later when I received a letter from an Embassy requesting a meeting, that I realised it was a legitimate call. When I arrived at the Embassy, I was connected to someone from the leading investigative agency who informed me that they wanted to learn more about my voice recognition software and offered me a fully funded trip to their country.

On this trip, I learnt a lot about how countries were using tools for cybersecurity. But I didn't believe developed nations needed it as much as we do. We are surrounded by threats all around – from far or neighbouring countries and others. Also, internally from various groups.

During this event, an officer was interacting with everyone, and I told him that his country didn't need this technology as much we do, and he agreed. This was where my journey began.

When I started selling, I found that people were not even aware that they were being compromised. My vision was to create awareness. We trained over 3,000 people in cybersecurity – both individuals and corporates. We have certification courses in IIT Madras called Certified Cyber Warrior and Career back to women, and hope to train 500,000 people by 2022.

How has the acceleration in Remote Working affected the Cyber Security market?

I think everyone was caught unaware by the move to remote working. Many offices weren't shut down properly, and this caused a lot of concern.

We found that most companies were highly dependent on apps like Zoom and Google meet during the lockdown, which presented cybercrime opportunities. One of the leading videos meeting apps was found to be compromised, where aside from meeting invitees, 2-3 people would be present on conference calls, something that went on from March to November.

We also found that a leading free browser had a file stealing vulnerability through an unprotected back door entry, allowing files to be stolen off android devices, with similar compromises with another browser brand.

My colleague, Dr Harish, and I conducted an audit of a public sector undertaking during the lockdown, which claimed Rs.1200 cr was missing from a PSU company, which had an Rs. 1,00,000 cr annual turnover. We conducted a forensic investigation of this case and found that the company hadn't even realised the money was missing.

Some companies have taken steps to prevent this by giving enterprise-grade, dedicated access networks to employees, preventing hacking. Others, which don't typically report crimes, have taken active measures for its prevention now.

What do organisations need to do?

The most important thing is to have cybersecurity training for your employees. While having a Chief Risk Officer, or a CISO or an information security team can contain threats, the assumption among leadership that this is sufficient is wrong. A single employee clicking the wrong link can put the entire company in danger.

One such breach occurred at high-profile public-sector office, where someone plugged in a USB that dropped 20GB of malware onto the system, taking down the entire network. Luckily this was restricted to this location and did not cause issues at other sites.

Four key steps organisations can take to help prevent such occurrences are:

1. Keep all systems up to date. Male use of patch management systems to ensure there are no possible threats
2. Don't opt for default configuration on all programs. Larger organisations should use custom settings based on their needs
3. Close remote access after usage and remove old software no longer in use as they present opportunities to hack into your system.
4. Be wary of what people on the internet have to offer. Any offer that sounds too good to be true probably is.

How prevalent are insider threats to organisations?

At a fort, you'd have layered defence. It would start with a moat filled with crocodiles, followed by a draw bridge where you let select people in. There would be high compound walls built with narrow stairs allowing offensive and defensive people to monitor the outside. You would need to cross 7 layers of defence to get to the King and Queen. This is the same model we use in cybersecurity. The simplest way to get around this is like what we see in the movies, where the traitor is already inside.

Insider threats are the easiest. You can very easily compromise a maintenance person, pay him to plug in a USB for 1-2 minutes, and you have someone who can give you access. There's only 1 admin login shared among multiple people for most organisations, and what someone does once they log on can't be tracked. There is new technology being created to track this – Private Access Management (PAM).

Final tips to keep in mind that can help prevent people from becoming victims of cybercrime - be it at Coworking spaces or Offices or WFA.

• Never click a short link. It can be a minefield. Always check the URL on google first and ensure it is HTTPS secure
• Never use public or free Wi-Fi
• Don't use USB drives that aren't your own. Programs such as USB killers can wipe a device and destroy it in 1-2 minutes
• Never panic – Panic allows you to do things you usually would not. Don't share OTP and other private info out of panic.
• Avoid using common passwords – create a pattern to your passwords that you can remember.
• While working from home, make your connection private by suppressing SSD. This reduces the chances of getting hacked.

To watch the interview - Click here