+
EDITOR’S QUESTION
/////////////////
MAYLEEN BYWATER,
SENIOR PRODUCT
MANAGER
FOR SECURITY
SOLUTIONS, VOX
I
gnoring risk is not an option. Few business leaders are
oblivious to the proliferation of cybercrime, particularly in light of
high profile events such as Petya and WannaCry. But awareness
does not always result in action, particularly when budget and skills
constraints hamper large-scale revisions of security strategy.
A complete ‘rip and replace’ of security technologies and strategies
can be a prohibitively costly exercise. In addition, with (ISC)2
predicting a shortage of around 1.8 million information security
professionals globally by 2022, there are already widespread reports of
fierce competition to attract and retain information security expertise.
In the face of these constraints, many large enterprises might opt
to simply ‘put their heads in the sand’ and hope they will not be
targeted. Some large enterprises may also have a false sense of
security due to the fact that they have information security teams
and strategies in place that ‘have always worked in the past’. And for
multitudes of small and medium-sized businesses, there is a serious
lack of awareness of cyberrisks, and inadequate skills in place to
mitigate them.
Can you afford not to?
In an environment in which increasingly
sophisticated cybercrime is proliferating,
and where there is a viable business case
for ransomware, businesses can’t afford not
to improve their cyberdefences. Potentially
vulnerable new endpoints are being brought
into the enterprise daily, through new
mobile devices, connected cameras and
authentication devices, and IoT systems.
Information security policies can become
outdated in as little as six months. And
around the world, the number of victims and
the scale of losses is growing steadily, so it’s
only a matter of time before cybercriminals
‘come knocking at your door’.
The impact can be catastrophic, lasting far
beyond the fallout from the initial breach.
www.intelligentcio.com
The real costs of cybercrime can be significantly larger than the
initial financial losses, there is reputational damage, the potential
loss of customers and partners and the real possibility that a
business may have to start again from scratch in the event that all
its core data is lost.
The good news
Reinforced cyberdefences need not require substantial capex and
restructuring. Instead, cybersecurity can be enhanced in a phased
approach, starting with core systems and key priorities such as
compliance with international standards and legislation.
“
MANY LARGE
ENTERPRISES
MIGHT OPT TO
SIMPLY ‘PUT
THEIR HEADS
IN THE SAND’
AND HOPE THEY
WILL NOT BE
TARGETED.
The support of a trusted security partner
simplifies the process of identifying quick wins
and big impact projects and offers a viable
solution to the lack of skills and infrastructure.
A low-cost, but crucial, step in improved
cybersecurity is implementing sound security
rules and policies, including post-breach
protocols. Another low-cost measure is to
educate the so-called ‘human firewall’, a key
vulnerability in most organisations.
While no security solutions can guarantee
100% impenetrability, it is possible to
deter criminals, making your enterprise
an unattractive target. Implementing the
most advanced, multi-faceted solutions
and strategies mitigates risk, supports
compliance and fosters trust among your
stakeholders, ultimately helping to grow
your business. n
INTELLIGENTCIO
37