Cybersecurity Lessons From Air India's Data Breach Incident

In an exclusive article written for SMEStreet, Sonit Jain, CEO of GajShield Infotech, lists a few important takeaways and lessons that can be learned from the recent Air India customer data breach.

SMEStreet Edit Desk

Article By Sonit Jain, CEO of GajShield Infotech 

The recent breach of the information of about 45 lakh Air India flyers made headlines across India and around the world. Along with personal information, passport and credit card information was compromised too. Though this leak is not the first of its kind in India, and will not be the last, what is different is that the data was compromised at a third party, ‘SITA’, a global information technology company. The cyber-attack on SITA was disclosed in February 2021 and impacted major airlines across the world, including Lufthansa, Singapore Airlines, Cathay Pacific and many more.

Though no airline systems were directly attacked, the incident raises concern about how cyber attackers are finding it easy to go through third-party service and product providers rather than spend effort and time penetrating the cyber defenses of an enterprise. There is a lesson in it for all of us, not just the airline industry. Often, we leave our supply chain partners out of our security architecture, leading to fatal consequences.

A holistic approach to data security is the need of the hour, one that includes not only internal stakeholders but also partners in the supply chain. While organizations spend a lot of effort securing their enterprise network, risk assessment of partner networks is rarely done, leaving a big gap open to compromise. As attackers start mapping the supply chain providers of an organization, we will see an increase in the number of such attacks. Lack of visibility and control will leave a blind spot ready to be used against you. Cyber defenses now need to extend beyond your own network and cover your partners' networks, processes, and employees too.

A few steps that enterprises can follow to mitigate the risk involved in such attacks:

  1. Limit the amount of data to be shared. While it may be a business necessity to share your customer data with a third party, look at the risk involved in sharing such data. Can the shared data be limited? Take a fresh look at the information shared, especially financial information like credit cards, or medical information.
  2. Regularly audit and assess the third-party systems handling your data. You need to be as diligent with third parties as you are with your own enterprise. Any weakness in this link will only weaken your enterprise security.
  3. While outsourcing does provide value in reducing cost, you should not be locked into a single vendor. Plan your exit strategies and build redundancy into your operations. At times, heavy dependency leads to neglecting security, as you may not want to disturb an existing running setup.
  4. It is your responsibility to ensure the privacy of your customer data. Gain visibility into the threat surface of your data and into how threat actors can exploit your outsourced partners to gain access to your systems or data. Enforce zero trust when allowing access to your critical systems.
  5. To maintain good data security health, work with your partner as a team. Partner employees need to follow the same policies as your own employees and be made equal stakeholders in maintaining the overall data security of your organization.

As we collaborate more and more with one another, security risk will only increase. Being aware of this risk and taking steps to ensure that everyone in the chain who has access to your data is equally involved in securing it is the only way forward. Leaving security to your supply chain will only lead to more disaster.
