cyber trends
threats detected are now identified
by supervised Machine Learning and
threat intelligence.
Organisations need to ensure they’re
fully equipped to be able to address the
multitude of challenges that lie ahead.
COVID-19 demonstrates just how fast
things can change, so much so that it
has brought about fundamental changes
to the entire functionality of businesses.
Being able to support employees is a
pre-requisite for organisations in this
potentially chaotic environment while
not forgetting the need to meet the
appropriate regulatory obligations as well
as maintaining customer security from
both a physical and data perspective.
Clearly communicating any changes
to business and security requirements,
policies and procedures are essential,
as is providing employees with a
means to flag anything that might
obstruct their route to effective
collaboration and workflow.
Using proactive intelligence capabilities
to identify and quickly make decisions
to manage risk will support business
agility. Having full visibility across
the information and communication
technology environment should also be
a priority so that you can manage risk
and mitigate threats and ultimately, make
fast decisions on how you can deal with
those threats.
Penetration testing activities, including
application testing and social
engineering, should be regularly
undertaken and being able to leverage
intelligence services also adds a realistic
approach from an attacker’s perspective.
Governance, risk and compliance
should be reviewed frequently, along
with technical and non-technical
assessments, to identify any potential
areas of weakness.
Secure at every level
The current crisis has demonstrated
the willingness of cybercriminals to
take advantage of any situation,
further emphasising the need for
organisations to focus on security that
enables their business and ensures that
it’s cyber-resilient and built on secureby-design
initiatives.
Taking a secure-by-design approach
will help to better protect organisations
from innovative attacks. In short, it’s
about focusing on what’s critical in
the organisation and putting the right
protection in place right from the
beginning – across business process,
technology, services and people.
Secure-by-design means being
cybersecurity conscious at every level of
the business, right up to board strategy
level. This involves security being core to
the overall business strategy. Adopting a
secure-by-design approach means that
the security strategy is aligned to what
the business wants to achieve, as well
as the business’ risk tolerance, while an
intelligence-driven cybersecurity posture
enables businesses to be agile in the
face of a changing threat landscape and
technology ecosystem.
In practice, rather than bolting on
security, it should be built in at the
beginning, whether that’s infrastructure
(network, data centre, clouds), in the
workplace (employees, buildings,
customer experiences) or business
transformation and innovation initiatives
(such as the Internet of Things (IoT)
or Operational Technology (OT),
Blockchain and DevSecOps).
As organisations continue their Digital
Transformation, inherently secure
solutions provide businesses with the
Being able to quickly
identify, protect and
respond to potential
threats will reduce
the time it takes to
thwart, restrict and
manage attacks and
their effects.
services or capabilities required
to cover the latest cyberthreat
protection which is of
significant value to them.
The increasing scale
of connectivity and
borderless Information
Technology means
organisations have no choice
but to evolve to address a nonstandard,
disorganised world. The
proliferation of devices, applications
and interconnection of these worlds
requires automation and faster analysis
to ensure quick and appropriate action.
As such, these procedures, controls or
policies need to be built into technology
solutions from the start to enable an
agile digital business.
Digital Transformation, cloud computing,
mobile devices, robotics, Machine
Learning (ML) and Deep Learning are
outpacing the security protections many
companies have in place and making for
a worsening threat environment.
And this is why being able to quickly
identify, protect and respond to potential
threats will reduce the time it takes to
thwart, restrict and manage attacks and
their effects. In order to achieve cyberresilience,
organisations must embrace
innovation to cope with the evolution of
the attackers and unexpected risks to
their business. u
www.intelligentciso.com | Issue 28
21