Advertisement

  • News
  • Columns
  • Interviews
  • BW Communities
  • Events
  • BW TV
  • Subscribe to Print
BW Businessworld

Overcoming Security Challenges With An Integrated Approach

The problem does not arise because the security staff are not good at their jobs, but because the job itself has become immensely challenging. There are several factors at play here:

Photo Credit :

3481460462259Cyber-Security-shutterstock_122785957.jpg

Cyber Security - shutterstock_122785957

What do Chief information Security Officers (CISOs) have in common?  Staying ahead or even keeping pace with the increasingly sophisticated threats, overly complex defenses, and new regulations that are affecting the cyber security industry. 

Organisations face threats in many forms and sizes. And sometimes the attacks are so complex that the people working in the front lines of cyber security are not even aware that they have been breached, thus compromising their response strategy. 

If this is not enough, the rising mobility of the workforce, adoption of cloud and the proliferation of Internet of Things (IoT) is resulting in heterogeneity of enterprise environments. This means information today is more dispersed, and much more difficult to manage and secure. This is aggravated by the fact that the volume of digital information being generated is also exploding. 

Information explosion in enterprises today is particularly in the form of unstructured data; for example, spreadsheets, documents and emails that do not reside in traditional databases. IDC1 predicts 80 percent of worldwide data will be unstructured by 2025. For many large enterprises, they have breached that critical mass already. 

This deluge of unstructured data is much more difficult to manage and secure. Compounded by trends such as cloud computing and virtualization, enterprises today are struggling to manage the mounting volumes of information stored and accessed across multiple devices and locations while facing potential security risks from both outside and within. 

Does this mean that the security professionals are not doing their jobs well?

The problem does not arise because the security staff are not good at their jobs, but because the job itself has become immensely challenging. There are several factors at play here:

  • The threat of data protection fines worth crores
  • Matching wits with increasingly well-resourced “bad” guys
  • Plugging a widening skills gap
  • Being accountable for the security of an increasingly complex and extensive IT estate, while not having meaningful control of the same 
  • Having to fight to retain the already insufficient budget
  • Taking on responsibility for increasing regulatory requirements
  • Constant fear of being breached and sometimes not even knowing about it for a long time 

The fact is that current security infrastructure is becoming almost irrelevant and the age-old solutions are not cutting it.  The industry needs to provide a more holistic approach to cyber security, one that works across devices, networks, applications and clouds. CISOs don’t have the time or the resources to waste trying to jerry rig increasingly outdated systems. 

A Better Approach – Think Integrated

Just as security complexities are increasing, cybercriminals are getting smarter, more determined, better funded and are working together to build more powerful tools. We must, therefore, do things differently.

The current approach to security tooling and strategy is creating more problems than it can solve. The result is a patchwork of toolsets, telemetry and protection that increases overheads, bogs down technical talent, slows down digital transformation and fails to correlate information effectively. Each tool has its own corner of the universe to deal with, and there is not enough oversight of enterprise risk. Over the years, as new vulnerabilities and technologies emerged, so did new approaches of security and protection. This led to the seismic shift in cyber security. 

So, what does this mean?

Security professionals are demanding an integrated approach, with best of breed tools paired with centralised management, reporting and shared telemetry across every layer of defense. At the heart of that is a platform that provides comprehensive defense across all parts of the cyber security spectrum.

Due to the fast-moving nature of the cyber security landscape, and the practicalities of managing systems across large organisations, it must be an extremely flexible platform; able to rapidly deploy new modules, plug in legacy systems and integrate new point solutions from a variety of vendors.

A mature, well-integrated cyber security function has the power to enable a business to take advantage of the wide-spread transformation taking place in technology today. Companies must address the complexity within their own cyber defense structures if they are to adopt a more strategic approach and protect their resources.

Disclaimer: The views expressed in the article above are those of the authors' and do not necessarily represent or reflect the views of this publishing house. Unless otherwise noted, the author is writing in his/her personal capacity. They are not intended and should not be thought to represent official ideas, attitudes, or policies of any agency or institution.


Tags assigned to this article:
cybercrime

Gaurav Agarwal

The author is Managing Director, INDIA & SAARC, Symantec

More From The Author >>
sentifi.com

Top themes and market attention on: