December 6, 2020 6:53 am

Top six security and risk management trends that business should not ignore: What are they?

Business leaders are becoming increasingly conscious of the impact cybersecurity can have on business outcomes.

Must Read

How AI monitoring can make your business smarter and better

Artificial Intelligence (AI) makes it feasible for machines to learn from experience, adapt to new inputs, and perform human-like tasks.

Why cybersecurity threats have increased during Covid-19 pandemic

Cybersecurity industry has never had more significant task to carry out than guarding strategic associations and businesses from digital assaults during the coronavirus pandemic

How to choose an effective DDoS mitigation plan

There are several flavours from which to choose when selecting an effective DDoS mitigation strategy. Most enterprises opt for one of the cloud protection flavours (always-on or on-demand)

Business leaders are becoming increasingly conscious of the impact cybersecurity can have on business outcomes. said that security leaders should harness this increased support and take advantage of six emerging trends, to improve their organization’s resilience while elevating their own standing.

Trend No. 1

IT security is a board-level topic and an essential part of any solid digital business strategy. Business leaders have not always been receptive to this message, but a recent string of high-profile incidents have changed sentiment.

Prominent examples include an Equifax data breach that cost the CEO, CIO, and CSO their jobs; a WannaCry attack that caused worldwide damage estimated at between $1.5 to $4.0 billion, and Verizon’s recent $350 million discounts on its purchase of Yahoo! as a result of the latter’s data breach.

“Business leaders and senior stakeholders, at last, appreciate security as much more than just tactical, technical stuff done by overly serious, unsmiling types in the company basement,” said Peter Firstbrook, research vice president at . “Security organizations must capitalize on this trend by working closely with business leaders and clearly linking security issues with business initiatives that could be affected.”

Trend No. 2

Customer data is the lifeblood of ever-expanding digital business services. Incidents such as the recent Cambridge Analytica scandal or the Equifax breach illustrate the extreme business risks inherent to handling this data. Moreover, the regulatory and legal environment is getting ever more complex, with Europe’s GDPR the latest example. At the same time, the potential penalties for failing to protect data properly have increased exponentially.

In the U.S., the number of organizations that suffered data breaches due to hacking increased from under 100 in 2008 to over 600 in 2016.

“It’s no surprise that, as the value of data has increased, the number of breaches has risen too,” said Firstbrook. “In this new reality, full data management programs — not just compliance — are essential, as is fully understanding the potential liabilities involved in handling data.”

Trend No. 3

New detections technologies, activities and authentication models require vast amounts of data that can quickly overwhelm current on-premises security solutions. This is driving a rapid shift toward -delivered security products. These are more capable of using the data in near real-time to provide more-agile and adaptive solutions.

“Avoid making outdated investment decisions,” advised Firstbrook. “Seek out providers that propose cloud-first services, that have solid data management and machine learning (ML) competency, and that can protect your data at least as well as you can.”

Trend No. 4

The shift to the cloud creates opportunities to exploit ML to solve multiple security issues, such as adaptive authentication, insider threats, and advanced attackers. Gartner predicts that by 2025, ML will be a normal part of security solutions and will offset ever-increasing skills and staffing shortages. But not all ML is of equal value.

“Look at how ML can address narrow and well-defined problem sets, such as classifying executable files and be careful not to be suckered by hype,” said Firstbrook. “Unless a vendor can explain in clear terms how its ML implementation enables its product to outperform competitors or previous approaches, it’s very difficult to unpack marketing from good ML.”

Trend No. 5

Increased levels of cyber warfare, cyber political interference, and government demands for backdoor access to software and services have resulted in new geopolitical risks in software and infrastructure buying decisions. Recent government bans against Russian and Chinese firms are obvious examples of this trend.

“It’s vital to account for the geopolitical considerations of partners, suppliers and jurisdictions that are important to your organisation,” said Firstbrook. “Include supply chain source questions in RFIs, RFPs and contracts.”

Trend No. 6

The internet is driving a wave of centralization, one obvious example of which is cloud computing. While there are many benefits (some outlined above), a good security team should be accounting for the risks too.

“Evaluate the security implications of centralization on the availability, confidentiality and resiliency of digital business plans,” said Firstbrook. “Then, if the risks of centralization could seriously threaten organizational goals, explore an alternative, decentralized architecture.”

Subscribe to receive the day's headlines from Tech Observer straight in your inbox

Share your views

*The moderation of comments is automated and not cleared manually by techobserver.in. Embedding of any link and use of abusive or unparliamentary language are prohibited.
- Advertisement -

Latest in TECH

Indian aviation may lose Rs 21,000 crore in FY21: ICRA

The Indian aviation industry might see a net loss of Rs 21,000 crore in FY2021, against a net loss of Rs 12,700 crore in FY2020 due to lesser revenues and high fixed costs, credit rating agency ICRA has projected.

Related Articles