The recent surge of data breaches in different Indian companies has left security stakeholders worried. It is a clear indicator that enterprises will have to do much more to ensure they keep sensitive customer data safe.
Perhaps, the most newsworthy among these has been the data breach at BigBasket, one of India’s top online grocery stores. Reports suggested that sensitive details (full name, email IDs, password hashes, etc.) of over 20 million BigBasket users were put up for sale on the dark web for USD 40,000. BigBasket acknowledged the data breach and assured its customers that financial details had not been leaked as the company only stored data like phone numbers and addresses.
Government concerns about a large number of cyberattacks
This year, in particular, has seen a range of cyberattacks targeting sensitive data of various organizations with the attackers aiming to take advantage of the chaos and confusion created due to the ongoing COVID-19 pandemic. From reports of data leaked from the personal website of India’s PM Narendra Modi to security breaches at Dunzo and White Hat Jr to cyberattacks on pharma companies like Dr. Reddy’s and Lupin, even the Government of India has become concerned.
According to a report in the New Indian Express, a senior government official spoke of the government’s concern of these many data breaches and suggested that there would be regulatory follow-up actions to ensure that customer data was kept safely.
Data protection is one of the key highlights of India’s proposed Data Protection Bill which is currently being evaluated by a Joint Parliamentary Committee. However, enterprises cannot wait for a formal law to be passed – the protection of sensitive customer data is a critical parameter that can decide success or failure. Apart from just the financial pitfalls of customer data being leaked, these data breaches can lead to a storm of negative media coverage which can inordinately damage a company’s reputation.
Data protection has to be a key priority!
With many enterprises still operating with Work From Home (WFH) staff, the risks become even more apparent. At Seqrite, we had previously done an explainer on the many ways in which organizations are vulnerable to data breaches due to WFH employees. You can read the entire article here, but the summary is:
- Deployment risks continue to be a major challenge and it is quite realistic to assume that there wasn’t a foolproof migration from a work environment to a home setup. It is also important to keep in mind that a consequent migration from home to work could also lead to gaps in an enterprise’s cybersecurity framework.
- The Bring Your Own Devices (BYOD) policy is a major challenge as it means employees use company data on personal devices. The risk of data exfiltration is high.
- Carelessness on the part of employees when it comes to cybersecurity is a big risk. In many cases, employees simply don’t care about cybersecurity and don’t follow precautions.
Keeping sensitive customer data safe has to be a top priority for enterprises. Seqrite Endpoint Security (EPS) offers a host of powerful features including Ransomware Protection, Data Loss Prevention and Phishing Protections, to ensure enterprises have the best protection when it comes to securing their data.