Infosys CISO Vishal Salvi prescribes strategy to deal with Ransomware attacks

by | Sep 14, 2017

When a certain Indian organisation was hit by Petya ransomware, it took a month to recover 60 – 70 percent of its data from backups.  The organisation was not entirely prepared to face an attack on its IT assets, and the startling fact was that, even the online backup of its data was impacted. What then should organisations do to prepare for such attacks? This story was told by Vishal Salvi, CISO Infosys, at Trend Micro’s CLOUDSEC 2017 event in Mumbai (Twitter: #Cloudsec.) Vishal also prescribed a strategy for organisations and said that they need to think a lot differently. Vishal is a respected individual in the world of Information Security and has served organisations like PwC and HDFC Bank in India.

“The issue was about recovery and getting apps back. When online backups also get corrupted then the recovery takes longer,” said Vishal. “Organisations should look at Business Continuity and think about different scenarios where data corruption can occur. Have you thought about a scenario where even your online backup can get corrupted? Your tech team will not be able to handle a situation of that magnitude, and your business will be down.”

Strategy

Vishal advises organisations to consider the following when devising a strategy to counter ransomware and other attacks in the digital age:

  • Zero tolerance for IT hygiene. When incidents or events occur, respond immediately. Change your SLAs in terms of how you do patch management, admin access, and AV signature updates.
  • How do you do network segmentation? Divide and rule. Backup on different OS platforms.
  • Don’t wait for the incident to happen.
  • Build advance threat protection.
  • Build cyber resilience.
  • Create a resilient backup strategy.
  • Build a threat intelligence platform. Understand what is happening around the world and identify what is immediately actionable, rather than trying to do everything at once. Strengthen threat hunting capability.

The writer was hosted by Trend Micro at CLOUDSEC 2017.

Share This Article!

Brian Pereira
Brian Pereira
Brian Pereira is an Indian journalist and editor based in Mumbai. He founded Digital Creed in 2015. A technology buff, former computer instructor, and software developer, Brian has 30 years of journalism experience (since 1994). Brian is also the former Editor of CHIP India, InformationWeek India and CISO Mag. He has written for India's leading newspapers such as The Times of India and The Indian Express. Presently, he serves the Information Security Media Group, as Sr. Executive Editor. You'll find his most current work on CIO Inc. Brian writes on a wide range of topics like aviation, drones, cybersecurity, tech startups, cloud, data center, AI/ML/Gen AI, IoT, Blockchain etc. He is also a certified security professional - EC-Council and ISC2. Follow Brian on Twitter (@creed_digital) and LinkedIn. Email Brian at: [email protected]
Recommended Posts
The Rise of AI Agents in Business

AI agents are revolutionizing how businesses operate, innovate, and engage with customers while reshaping workforce dynamics and decision-making processes.

Similar Articles

Return to Business as Unusual
Return to Business as Unusual

Remote working is no longer a benefit, luxury or convenience. It’s also more than a current make-do for organizations looking to conduct business as usual.