// EDITOR ’ S QUESTION ?
AMMAR ENAYA , REGIONAL DIRECTOR – MIDDLE EAST , TURKEY & NORTH AFRICA ( METNA ) AT VECTRA
O rganisations are increasingly transforming into ‘ digital businesses ’, where almost all of their operations are conducted online – documents created , stored and edited in the cloud , communications via email , meetings held over Skype or Zoom . This has considerably expanded the attack surface for cybercriminals and , at the same time , the threat landscape is continuously changing , while data privacy regulations are getting tighter .
On the flip side , businesses , particularly small and medium enterprises ( SMEs ), have limited time , money , people and skills with which to secure their operations . The convergence of these factors creates a compelling argument for pulling in expert assistance to help define , and in some cases operate , elements of a security programme , for many organisations .
For example , small businesses are unlikely to have the security resources or expertise in-house to perform any security operations , or perhaps even define their requirements . So these organisations will look to outsource the operation defensive controls and rely on the security provider to alert and advise them in the case of incidents .
Medium-sized businesses have an increased security awareness and maturity and take a more active role in defining their security operations needs but look to outsource much , if not all , of their operations . Such help can be sourced from specialist value added resellers ,
Intelligent SME . tech
DO THE SECURITY BASICS
FIRST AND DO THEM WELL .
Managed Security Service Providers ( MSSPs ) or from security tool vendors as a service wrapper to augment in-house operations .
Do the security basics first and do them well . This includes perimeter security ( firewalls ), access controls ( MFA ) and endpoint controls ( AV / malware defences ). Don ’ t forget about users – they ’ re your biggest attack surface and first line of defence , so ensure you do regular security training with them and embed security into the business culture , rather than just seeing it as an IT or ‘ technology ’ issue .
Next , look to mature your security posture with detection and response , possibly threat intelligence and analytics . Using automation where possible can create new efficiencies and new ways to improve efficacy of cyber capabilities . For example , we ’ re seeing increased use of AI to automate threat detection and response , and in automating some or all of the steps needed for response and remediation , to significantly reduce security analyst workload and shrink the time it takes to remediate . This can be the difference between a contained incident or a full-blown breach . Automation doesn ’ t replace humans though , it augments them .
If I have to leave you with one takeaway , it is that you can outsource much of the heavy lifting of security operations but the organisational learning and contextual knowledge cannot be outsourced , which is why you must not outsource ultimate responsibility for cybersecurity when you outsource your security operations . With the trend of cybercriminals looking at third party suppliers of large enterprises as easier targets , SMEs cannot afford to underestimate their cybersecurity responsibilities . �
DON ’ T FORGET ABOUT USERS – THEY ’ RE YOUR BIGGEST ATTACK SURFACE AND FIRST LINE OF DEFENCE .