A recent Ponemon Institute survey on Post Quantum Cryptography revealed that while the majority of most IT leaders are concerned about the impact risk of “harvest now, decrypt later” cyberattacks, business executives are still not aware of the present implications of quantum computing. It also revealed that the majority of organizations lack clarity in ownership, budget, and strategy for PQC preparation. We also expect a rise in sophisticated software supply chain attacks in India.
In order to build resilience into the business value chain, the software supply chain will need to become more robust, with inspections at various points of delivery. The composition of embedded software will add transparency with the increasing adoption of software bills of materials.
As cyber threats evolve, organizations would need to blend in innovation and operational hygiene into their Security hygiene. For example, the basics will always be important. Best practices like Encryption, Software Updates, Patch Management, network segmentation, continuous monitoring of security logs are table stakes.
What can Indian businesses do to stay ahead?
In 2024, the field of cybersecurity will undergo significant changes as a result of artificial intelligence’s influence on the speed and adaptability of cyberattacks, as well as on matters concerning identity and origin.
To stay ahead of the threats, a Zero trust architecture in enterprise security is crucial. A “Never trust, always verify” architecture should be adopted across information technology, product security, and consumer ecosystems, replacing networks and VPNs that formerly provided implicit trust to their users. In line with this, we expect the use of certificate-mediated authentication to deliver identity, integrity and encryption to application and data interactions will continue to grow.
Some of the recommendations for Indian businesses are :
Make Digital Trust a Strategic Initiative: PKI and Cryptography, are fundamentally the glue that binds the digital world. With all the changes happening around us, in the realm of cloud computing, IoT, Gen AI, Transversal Technologies and more, it is time to exploit the humble PKI as a strategic lever, not an IT only function. Since businesses run on the above technologies, this is the easiest way to move Digital Trust from an IT to a Business function.
Establish a Digital Trust Office, run by a Digital /Chief Trust Officer: This is a trend that has been emerging globally recently. As organizations digitize, there is a need to holistically manage security, compliance, privacy and digital operations. Not surprisingly, the rise of the Chief Trust Officer is intertwined not only with customer engagement but also adding to ( or subtracting from ) the bottom line.
Invest in a Digital Trust Audit: This is a good starting point to assess where an enterprise is in its Digital Trust journey. Such an audit would encompass discovery across security, compliance, operations, certificate lifecycle management. Simply put, this is the first step towards building a Digital Trust architecture.
How can Indian businesses refine their strategy?
In 2024, encryption and digital certificates are expected to assume heightened significance in safeguarding digital environments, given the rising sophistication of cyber threats. Indian businesses also need to choose reputable cloud service providers with a strong track record in security. This should be in tandem with the implementation of access controls, encryption, and activity monitoring within the cloud environment. Regular audit permissions and configurations ensure compliance with security policies.
What remains crucial is to develop a comprehensive incident response plan that outlines the steps to take in case of a security breach. Indian businesses need to regularly conduct security audits and vulnerability assessments to identify and address potential weaknesses in the infrastructure.
DigiCert as a trusted partner
At DigiCert, we are dedicated to enhancing data protection for Indian enterprises. Our strategic approach involves introducing cutting-edge encryption solutions designed specifically to address the distinctive challenges encountered by businesses in India. Our advanced digital trust solutions, including encryption options, SSL certificates, and strong authentication services, empower both businesses and individuals in India to protect their sensitive data, transactions, and online communications effectively. Moreover, we will persist in refining our digital certificate options, equipping Indian organizations with strong authentication and encryption tools to uphold a secure online atmosphere.