editor’s question
easily happen right on
our own door step.
And to any industry,
no matter the size or
focus.
In fact, attacks of
this nature can easily
leave an organisation
financially vulnerable
and at major risk from
an operational side –
and therefore a perfect
indication of why the
CISO’s role will become more
important in 2019.
RIAAN
BADENHORST,
GM AT
KASPERSKY
LAB AFRICA
W
ith South Africa
having recently
adopted the
Cybercrimes and
Cybersecurity
Bill, CISOs
have a lot more
work to do than they might have
originally anticipated. The bill – which
is aimed at bringing South Africa in
line with other countries’ cyberlaws [to
tackle] the threat of cybercrime – has
also introduced new laws regarding
‘malicious’ electronic communication.
The timing of this is impeccable.
If we take, for example, the recent
cyberattacks against industrial
organisations, where a wave of financial
spear-phishing emails disguised as
legitimate procurement and accounting
letters hit at least 400 industrial
companies (ranging from oil and gas to
energy and construction), all of which
started back in 2017, then the lesson
should be that this type of attack can
30
Additionally, with IT departments feeling
the pressure to migrate 100% to the
cloud due to its adoption growth, it’s
clear that change is happening – and
fast. It is not without risk. After surveying
more than 250 IT security leaders,
uncontrolled cloud expansion is the
top security concern for more than
half (58%) of CISOs. By using multiple
cloud platforms within a hybrid cloud
infrastructure, businesses can deliver
CISOs need a
single solution that
not only provides
them with a high
level of security
but also ensures
the business’
cybersecurity layer
is visible and can
be managed across
the whole cloud
infrastructure.
their products and services faster,
optimise their performance and improve
the reliability of their services.
However, despite its advantages, cloud
computing, especially when the cloud
infrastructure is hosted by a third-party,
may also bring additional cybersecurity
challenges. An average data breach from
an incident in the public cloud costs an
enterprise US$1.64 million.
So, while an organisation’s overall IT
infrastructure becomes heterogeneous
with cloud, CISOs are facing more
headaches to keep their data secure and
protect company finances as a result.
Managing complex IT environments is
also becoming even more difficult due
to a lack of talent – another challenge
for corporate cybersecurity. Hybrid
cloud adoption requires specialists
with the necessary skills to configure
and manage security for all parts of
the IT infrastructure. For CISOs, this
results in staffing problems. More than a
third (38%) claim it is difficult to recruit
specialists to cope with this ‘cloud zoo’.
Against this backdrop, CISOs need a
single solution that not only provides
them with a high level of security
but also ensures the business’
cybersecurity layer is visible and can
be managed across the whole cloud
infrastructure, even by a limited cloud
security team.
The role of the CISO becomes
increasingly complicated, especially
given that technology connects
everything, and everyone, at a click of
a button, so it is therefore important
to scope the business environment
correctly and evaluate all challenges
experienced in the previous year.
If solutions are not being developed
that actually fit the business and its
requirements – especially with regards
to security and technology trends – then
business owners must evaluate the role
of their CISO and the value they bring to
the business. u
Issue 09
|
www.intelligentciso.com