“One thing that everybody who deals with cyber security should keep in mind— we have to get to a place where security is not a bolted-on feature but it is something that is designed in from the beginning. It is something that we call configuration management.”

Many of the security vulnerabilities that have been seen in the industry previously have all been traced back to misconfigurations and simple errors that can be easily controlled. Configuration errors are very critical that must be set right. As specified by Dr. Prasanna Mulgaonkar, Global CEO, Cloud Raxak, “The beauty of configuration errors is that they are the easiest to get right if you set your mind to it. Always keep your eyes open, be watchful and observant of what is happening elsewhere. There are always going to be attacks, bugs on the code and vulnerabilities but once you know that it has happened, make sure that you are vigilant and don’t become a victim of the same again.”

Dr. Mulgaonkar is dedicated to make enterprise cloud assets secure with Cloud Raxak. The company deals with automating and simplifying security compliance across traditional IT, private and public clouds. According to Dr. Mulgaonkar, the company was founded five years ago with a very simple realization that what most people in this industry get wrong or overlook in security are the simplest of things that can be done consistently and make security posture very secure than it is was earlier.

The Four C’s To Security

He says that the challenges of security configuration management are only about maintenance. “One needs to maintain Consistent, Comprehensive, Continuous and Collaborative security by learning from the industry and following practices. Do not, however, try to reinvent and take shortcuts. If these four factors are not worked upon then businesses are vulnerable and it gives a false sense of security so make sure of keeping a tab on these. If these four steps are practiced correctly and proactively in an automated manner while keeping the human element out of it as much as possible then they can raise the security bar substantially.”

It is true that the connected world is a scary place especially in terms of security so businesses should refrain from skipping the basics. “People tend to think of security as a cost and worry about other elements involved such as regulators’ probe. But in fact, you can make security a positive element of your business as it reduces your cyber risks. The business impact of doing this correctly is immensely positive since less capital is required in reserve because lesser things will go wrong then and the insurance cost is also lowered down as cyber insurance improves. Similarly if the cost is lowed by automation and doing things proactively and continuously then the manual energy can be focused core competence as opposed to security.” he added.

There are multiple business reasons for doing security correctly. If businesses think about security as something that should be done proactively in automated fashion then they cannot just play a defensive game of insurance but actually make their operations more efficient. Cybersecurity is a huge field wherein technology keeps changing and the number of attacks keep going up. Clearly at the end of the day there are going to be vulnerabilities that the IT team of an enterprise would not know about so that’s where Dr. Mulgaonkar’s four C’s deem like a lifeline.