The Shifting Sands of Cybersecurity

Uploaded on 2017-10-04 in NEWS-Cybersecurity News, FREE TO VIEW

The rise of new digital technologies in the workplace, driven by the need for businesses to become more agile and adaptable, has led to a surge in the number of endpoints and potential ways for cyber-criminals to gain access to enterprise networks. 

This has led to a major evolution of the  cyber battlefield. Today’s security teams are having to come up with new tactics to fend off the more advanced threats being levelled against their increasingly interconnected enterprise networks.

The battle against these cyber criminals was traditionally regarded as a concern for the IT department, but the widely documented breach at Sony in 2014 put cyber-crime at the top of the business agenda.

Organisations realised that a breach, compromise or attack could have a major impact on business performance, brand perception and, most importantly, the financial bottom line.

Security became an enterprise-wide issue that needed addressing, and managing risk, a business priority. However, even after the Sony attack, security hadn’t necessarily become the board-level concern that it is today.

More recent attacks such as the crippling WannaCry and more recent NotPetya ransomware outbreaks have highlighted that an attack doesn’t need to be against a specific organisation to create chaos and cost millions. In WannaCry’s case, this attack affected huge organisations, such as the NHS, Telefonica and other large multinational enterprises, to devastating effect.

If board members weren’t paying enough attention to the need for better cyber-security defenses before, they certainly are now.

Additionally, changes in regulation and compliance requirements, alongside a better understanding of the potential reputational risk of a breach, has highlighted why security must be top of the agenda, not just for the board, but for every employee and supplier.

With this in mind, there have been three key shifts have taken place in the wake of recent large scale cyber-attacks:

Security’s outreach has increased: No longer just the concern of the IT geek in the backroom, security now impacts everyone and has an expansive view. Its horizon is absolutely linked to business operations, whether local, regional or even global, and every department it touches.

It has the power to break down the silos that enterprises often operate within; increasing interaction across departments, so that assets that need protecting are identified, reducing the impact of a future attack. However, its reach stretches beyond the confines of the core of the business, out to the edge where data (held in the cloud, on mobile devices and generated by IoT) is in transit and potentially a moving cyber target.

Adaptive enterprises are leveraging digital transformation and that impacts how they also use security, linking it back to business objectives; enabling disruptive business models such as mobile banking, and strengthening their focus on cyber-threats.

Security is built into innovation: IT security is no longer a barrier to change, hindering the adoption of new processes and the adaption of innovative technologies.

In fact, security is front and center in the new digital world. It is accelerating ‘speed of service’; embedded in Software Defined Networks (SDN); enabling wider, seamless and secure access to data in the Internet of Things (IoT) and much more. Security is now a pre-requisite, built into new technologies and devices from the outset.

Security has to be responsive, agile, and intelligent: Speed and agility are not the only assets IT security needs to harness. It also needs to act smarter and be more effective, often in the face of reduced budgets.

Managing security in the digital world involves the gathering, synthesis and analysis of security data as standard. It’s no longer just about the data, but what the data can tell us.

Those providers that can leverage insight, intelligence services within a global network view will be at the forefront of the next generation of security services, improving cyber-threat visibility and mitigating risk.

This will separate the security intelligence provider market into those who just collect data, and those with the foresight and expertise to deliver intelligent insights.

We might not have a crystal ball, but we do know that innovation and digitisation will not stop. They will continue to grow at an exponential pace, and remain crucial for business success.

For businesses to stay relevant now and in the future means embracing new technologies, defining strategies that deliver (and exceed) on customer experience, and taking a proactive security approach.  

Verizon’s 2017 Data Breach report shows that the same threat tactics are still effective in infiltrating data, because many organisations are missing foundational security tools and processes.

Faced with the increasing threat of cybercrime, businesses can’t be reactive anymore. They must look towards improving their cybersecurity systems, as there is too much at stake, no one wants to become a victim of the next WannaCry or Petya.

Infosecurity:

You Might Also Read: 

Cyber Criminals Have Access To Weapons Grade Hacking Tools:

WannaCry Drives Cyber Insurance:

 

« What is Big Data?
A Global Issue: Cybercrime In Singapore »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Akin Gump Strauss Hauer & Feld

Akin Gump Strauss Hauer & Feld

Akin is a leading global law firm providing innovative legal services and business solutions to individuals and institutions. Practice areas include Cybersecurity, Privacy and Data Protection.

CFC Underwriting

CFC Underwriting

CFC is a specialist insurance provider and a pioneer in emerging risk, including cyber insurance.

PROMIA

PROMIA

PROMIA is in the business of providing solutions that are designed to support highly secure, reliable, scalable and interoperable business applications.

Cygilant

Cygilant

Cygilant is a SOC2 certified service provider that combines MSSP and Incident Detection and Response (IDR) capabilities managed by global SOCs staffed with trained security engineers.

Ericom Software

Ericom Software

Ericom is a global leader in securing and connecting the digital workspace, offering solutions that secure browsing, and optimize desktop and application delivery to any device, anywhere.

Banshie

Banshie

Banshie is an independent cyber security company with a small team of recognized specialist that are among the best in their field.

ShorePoint

ShorePoint

ShorePoint is an elite cybersecurity firm dedicated to improving the cyber resilience of Federal agencies and their missions.

Etonwood

Etonwood

Etonwood specialises in infrastructure and vendor technology recruitment in areas including cloud platforms, cyber security and service management.

PCS Security (PCSS)

PCS Security (PCSS)

PCS Security provides secure, reliable and state-of-the-art security solutions to help our customers address their security concerns.

Profian

Profian

Profian’s hardware-based solutions maintain your data's confidentiality and integrity in use, providing true confidential computing to meet regulatory and audit requirements.

Nine23

Nine23

Nine23 are a highly focused cyber security solutions company that defines, builds and manages innovative services, enabling end-users to use technology securely in today’s workplace.

Central Intelligence Agency (CIA)

Central Intelligence Agency (CIA)

The CIA is an independent agency responsible for providing national security intelligence to senior US policymakers. This includes cyber security related activities.

LevelBlue

LevelBlue

LevelBlue simplify cybersecurity through award-winning managed security services, experienced strategic consulting, threat intelligence and renowned research.

CyberAI Group

CyberAI Group

CyberAI's mission is to pioneer the evolution of the cybersecurity landscape globally, by strategically acquiring and elevating IT consulting firms into leaders of cybersecurity innovation.

Atlas Systems

Atlas Systems

Atlas Systems helps companies large and small accelerate their digital transformation journeys – expanding their capabilities and delivering tailored solutions including cybersecurity.

Lithuanian Cyber Command (LTCYBERCOM)

Lithuanian Cyber Command (LTCYBERCOM)

The Lithuanian Cyber Command is responsible for planning and execution of operations in cyberspace and installation of strategic and operational communications and information systems.