Fraud Management & Cybercrime , Governance & Risk Management , Next-Generation Technologies & Secure Development
WannaCry Shows India Needs Better Incident ReportingDeloitte's Parthasarathy Shares Insights on Immediate Threat, Mitigation Strategies
Determining the exact impact in India of the WannaCry worldwide ransomware epidemic is challenging because so few organizations routinely report security incidents, says Shree Parthasarathy of Deloitte India, who hopes the incident serves as a catalyst for an enhanced cybersecurity posture (see: WannaCry Ransomware Outbreak Spreads Worldwide).
"People are cagey and don't really want to come out, and we as an industry need to possibly do more to address this, because people are worried - and they are worried the most because they don't know what's going on," he says in an interview with Information Security Media Group. Unless security incident reporting improves, organizations in India will not learn from their mistakes, he warns.
But The WannaCry ransomware's rate of spread could shock Indian organizations into taking action, he says. He hopes that the massive ransomware infection serves as a wake-up call for Indian organizations to rethink their approach to cybersecurity, taking such steps as applying patches far more promptly (see: 5 Emergency Mitigation Strategies Combat WannaCry Outbreak).
"It's a good strong warning to organizations as to what can happen, and what can ripple through the worldwide economy," he says. "It's no longer a question of if you will be the victim, but when."
In this interview (see audio player link below image), Parthasarathy:
- Sizes up the extent of the outbreak in India;
- Offers insights on prevention, detection and remediation strategies;
- Describes why more ransomware attacks will hit India unless more organizations take the necessary security steps.
Parthasarathy is partner and national leader for cyber risk at Deloitte. He has more than 20 years of experience in developing, managing and advising global enterprise clients on technology, security, risk management and compliance matters. He has consulted and provided solutions in the areas of enterprise business/technology strategy; business process optimization/re-engineering; enterprise infrastructure design and optimization; establishing and managing global business and technology operations; and change management.