Intelligent CISO Issue 9 - Page 30

editor’s question easily happen right on our own door step. And to any industry, no matter the size or focus. In fact, attacks of this nature can easily leave an organisation financially vulnerable and at major risk from an operational side – and therefore a perfect indication of why the CISO’s role will become more important in 2019. RIAAN BADENHORST, GM AT KASPERSKY LAB AFRICA W ith South Africa having recently adopted the Cybercrimes and Cybersecurity Bill, CISOs have a lot more work to do than they might have originally anticipated. The bill – which is aimed at bringing South Africa in line with other countries’ cyberlaws [to tackle] the threat of cybercrime – has also introduced new laws regarding ‘malicious’ electronic communication. The timing of this is impeccable. If we take, for example, the recent cyberattacks against industrial organisations, where a wave of financial spear-phishing emails disguised as legitimate procurement and accounting letters hit at least 400 industrial companies (ranging from oil and gas to energy and construction), all of which started back in 2017, then the lesson should be that this type of attack can 30 Additionally, with IT departments feeling the pressure to migrate 100% to the cloud due to its adoption growth, it’s clear that change is happening – and fast. It is not without risk. After surveying more than 250 IT security leaders, uncontrolled cloud expansion is the top security concern for more than half (58%) of CISOs. By using multiple cloud platforms within a hybrid cloud infrastructure, businesses can deliver CISOs need a single solution that not only provides them with a high level of security but also ensures the business’ cybersecurity layer is visible and can be managed across the whole cloud infrastructure. their products and services faster, optimise their performance and improve the reliability of their services. However, despite its advantages, cloud computing, especially when the cloud infrastructure is hosted by a third-party, may also bring additional cybersecurity challenges. An average data breach from an incident in the public cloud costs an enterprise US$1.64 million. So, while an organisation’s overall IT infrastructure becomes heterogeneous with cloud, CISOs are facing more headaches to keep their data secure and protect company finances as a result. Managing complex IT environments is also becoming even more difficult due to a lack of talent – another challenge for corporate cybersecurity. Hybrid cloud adoption requires specialists with the necessary skills to configure and manage security for all parts of the IT infrastructure. For CISOs, this results in staffing problems. More than a third (38%) claim it is difficult to recruit specialists to cope with this ‘cloud zoo’. Against this backdrop, CISOs need a single solution that not only provides them with a high level of security but also ensures the business’ cybersecurity layer is visible and can be managed across the whole cloud infrastructure, even by a limited cloud security team. The role of the CISO becomes increasingly complicated, especially given that technology connects everything, and everyone, at a click of a button, so it is therefore important to scope the business environment correctly and evaluate all challenges experienced in the previous year. If solutions are not being developed that actually fit the business and its requirements – especially with regards to security and technology trends – then business owners must evaluate the role of their CISO and the value they bring to the business. u Issue 09 | www.intelligentciso.com