|Changed threat perceptions for the ‘borderless’ enterpriseThe modern business enterprise runs advanced IT infrastructure and applications to connect employees, business partners and customers, very often in real time. This enables stakeholders to connect seamlessly and collaborate on a range of processes from product design and engineering, marketing and distribution to order processing, delivery, installation, user training et al.However, with this new ‘connectedness’ comes the challenge of increased security threats from cyber attacks in the shape of:
and many more…
This rapidly evolving enterprise technology environment makes it more important than ever for CIOs to get a handle on what the real risks are within ones IT ecosystem. The problem is made more complex by the sheer volume — and value — of data, both structured and unstructured, that is produced by one’s organization’s business processes and relied upon for much of the company’s decision-making practices.
Malware and hacking attacks that steal e-mail contacts, passwords and other personal information are passe. A new, more insidious type of attack, one that preys on the entire corporate network, either to bring it down completely or work slowly to pilfer valuable business data, contacts or customer information is becoming widely prevalent.
So the challenge for many organizations remains one of dispelling the idea that IT security is just another technology support function but is something that has to be designed to protect the whole enterprise. This involves being able to communicate to the business that the cyber-threat is a real and present danger to the organization. It is also important because many organizations are moving to outsourced IT or the Cloud and this brings additional IT security challenges.
The increasing trend towards BYOD and the proliferation of tablets and other end user devices that can be connected to the corporate network has increased the risks of data loss.
Traditionally within information security, internal threats have always been touted as the greatest threat an organization should focus on. However, increased attention around external threats and high profile breaches combined with both the customer and business units increased expectations around information protection have shifted the focus towards the external threat.
With this increased focus around the external threat, it has been observed that focus is shifting towards risk management. Moving forward, organizations are expected to spend more on reduction of potential future risk, and less on mitigation of current threats. Given the dynamic nature of the challenge, measuring the state of security within an organization and knowing where one is, is increasingly important.
In such a scenario how should a CIO / CISO plan out his / her security strategy? For starters, he /she would be well advised to have a holistic, enterprisewide view of IT security management rather than low level, end-point threat protection alone. The rationale behind this approach is that threats to organizations are both targeted and persistent. If the threat is blocked in one way the attacker will continue to look for other approaches that bypass the block. Therefore, a behavioural analysis of events to glean what is happening around and inside the organization’s network and systems is a better indicator of an imminent attack, rather than monitoring an attack in progress. The former, proactive approach often provides the much needed security intelligence to counter threats and minimize risk over a sustained time horizon.
In summary the risk of cyber-threats to enterprises is on the rise, and it is clear that IT security professionals need to do a better job of explaining these risks in clear business terms.
Four Key Questions for the Enterprise CIO / CISO
According to CMR, in this scenario, few key questions that every CIO (Chief Information Officer) / CISO (Chief Information Security Officer) needs to continuously evaluate and answer are:
Need of the Hour! Solutions to combat current security threats, anticipate and mitigate overall enterprise risk
According to CMR (CyberMedia Research) organizations need to implement solutions, processes and risk management techniques that are environment-aware, require less human intervention and are able to anticipate potential threats likely to emerge in future. IT and business leaders of progressive organizations recognize that the right mix of policies, processes, people and technology, together play a vital role in proactively protecting information infrastructure, sensitive assets and data which is the lifeline of any business today.
IRM, SIEM, anti phishing and anti malware as a service, cyber intelligence, host based, network and cloud security and forensics etc. are new ways to mitigate and deal with cyber attacks and threats.
Therefore, it is clear that enterprises need to build a security architecture that can respond to today’s as well as envisaged future threats specific to their organization and business domain.