sb-au logo
Story image

How digitisation is changing the security landscape

16 Jan 2018

Article by Verizon Enterprise Solutions' managing principal of Investigative Response for APJ, Ashish Thapar.

Over the last few years we have seen a drastic change in how businesses are using technology to achieve their objectives. Workflow digitisation and the transformation of IT systems have placed major demands on IT infrastructure and significantly impacted business models.

The meteoric growth of mobile devices, migration to cloud, emergence of Internet of Things (IoT) and Software Defined Networks (SDN) have created better customer experiences and greater access to information throughout the business ecosystem. This in turn is promising for the Australian economy, with IoT Alliance Australia predicting a $116 billion boost by 2025.  

However, this increased access presents more targets for attackers and has created unprecedented security challenges, leaving organisations more vulnerable than ever before. Security concerns now touch every part of a business – including the boardroom – and with Australia’s complex mandatory data breach notification laws coming into effect in February, the growing security pressures of the digital age are evident.

In recent years, large-scale hacks have put cybercrime at the top of the business agenda. From mid-May through July 2017, Equifax was victim to a breach that exposed sensitive personal information of 145.5 million American consumers. A 2014 hack on Sony Pictures was widely reported, as was the recently documented Uber hack.

Organisations have realised that a breach, compromise or attack could have a major impact on business performance, brand perception and ultimately the financial bottom line. Security has become a company-wide issue that needs to be addressed and managing risk has become a business priority.

IT security has evolved dramatically, with three key shifts taking place:

Security’s outreach has increased.  No longer just the concern of the IT guys in the back room, security now impacts everyone. It is profoundly linked to all departments and a business’s operations as a whole, holding the power to increase interaction across teams and break down the traditional barriers in which an enterprise often operates. This in turn helps identify assets that need protecting and can reduce the risk of a future attack.

Security’s reach also extends to the edge of a business, where data held in the cloud, on mobile devices and generated by IoT is in transit and potentially a moving cyber target.

More and more businesses are leveraging digital transformation, which in turn impacts how they use security – linking it back to their business objectives; enabling disruptive business models and strengthening their focus on cyber threats.

Security is built into innovation. IT security was once considered a barrier to change that hindered the adoption of new processes and the adoption of innovative technologies. But now, security is front and center in the new digital world.

It is accelerating ‘speed of service’ – embedded in SDN – enabling wider, consistent and secure access to data in the IoT and much more. Security is a now a pre-requisite, being built into new technologies and devices from the get go.

Security has to be responsive, agile, and intelligent.  Security needs to be more than just fast and agile. It also needs to act smarter and be more effective, particularly in the face of reduced budgets.

Managing security in the digital world involves the gathering, synthesis and analysis of security data as standard – and is no longer just about the data, but what the data can tell us.

The providers who propel their way to the forefront of the next generation of security services will be those who best leverage insight and intelligence services. This will split the security intelligence provider market into those who just collect data, and those with the proactivity and readiness to deliver intelligent insights.

So, what next?

Innovation and digitisation aren’t going anywhere. They will continue to grow exponentially and remain crucial for business success. In order to stay relevant, businesses must embrace new technologies, define strategies that deliver and exceed customer expectations and take a proactive security approach.

Verizon’s 2017 Data Breach Investigations Report shows that the same old threat tactics are still effective at infiltrating data. This year’s DBIR found that around 1 in 14 users were still falling for phishing, tricked into following a link or opening an attachment — and a quarter of those went on to be duped more than once.

The report also found that 80% of hacking-related breaches leveraged either stolen passwords and/or weak or guessable passwords. Faced with daily cyber security threats, businesses can no longer simply be reactive – there is too much at stake.

Having a security partner that can demonstrate the ability to detect, respond, mitigate and prevent threats is crucial. Attackers are persistent and continuously improve their skills – so security providers must remain on the front foot to identify threats before they come knocking.

It is important to remember that no organisation, no matter its sector or size, is immune to cybercrime.

Story image
How security awareness training can safeguard companies from cyber-attacks
Training goes a long way in embedding a culture of cybersecurity compliance within the company.More
Story image
Ripple20 threat has potential for 'vast exploitation', ExtraHop researchers find
One in three IT environments are vulnerable to a cyber threat known as Ripple20. This is according to a new report from ExtraHop, a cloud-native network detection and response solutions provider. More
Story image
Research: 61% of companies have suffered an insider attack in last 12 months
It comes as rapid migration to cloud and remote working and BYOD scenarios leave organisations increasingly vulnerable to insider attacks as a result of the upheaval caused by the COVID-19 pandemic.More
Story image
Acronis announces new security endpoint solution
The solution is an integration of data protection and cybersecurity which provides customers with effective endpoint protection in a landscape where the pointlessness of perimeter security is becoming more pronounced.More
Story image
The SASE triangle: How a CASB protects managed apps
Enterprises that fail to adapt to the modern business world when it comes to security are likely to fall prey to data breaches and experience a host of other problems, writes Bitglass product marketing manager Will Houcheime.More
Story image
Proofpoint launches new SMB focused security awareness training
Proofpoint has launched security awareness training for small to medium businesses (SMBs) with the aim of reducing successful phishing attacks and malware infections to almost zero. More