business
‘‘
TALKING
////////////////////////////////////////////////////////////////////
Justin Coker, Vice President EMEA, Skybox
How do we segregate
security teams?
In addition to the IT network, the security
teams responsible for keeping the attack
surface protected must also be split. The
challenge of this is two-fold: First, with fewer
members on each new team there will
inevitably be the creation of a knowledge
gap in both organisations and, second, there
will be fewer people to deal with a similar
number of attacks on the networks.
To counteract these challenges,
organisations need to get all employees up
to speed with risks in both entities to ensure
attacks don’t slip through the cracks and it's
likely they need to hire additional staff to fill
the resource void.
Security solutions are also available which
can highlight the highest priority risks
using automated data correlation and
recommend the defences and controls that
should be put in place to mitigate the risks
of shared services and networks. This way,
security teams are able to prioritise where
to focus their efforts and make better use of
human resources.
Are we at risk of non-compliance?
A huge concern for the CFO of an
organisation on the brink of divestment
is the potential regulatory impact, so
44
INTELLIGENTCIO
this must be clearly understood. As a
new network perimeter is planned and
introduced, the security teams need
to establish whether this produces any
compliance gaps. With shared network
assets, it is important to ensure any
changes made are not resulting in a
breach of regulation and that changes
are implemented within the timescales
demanded by the regulators. Using
automated change assessment, security
teams can ensure network changes happen
quickly and that the organisation remains
regulation-compliant, so the divestment
process keeps to the schedule. Using this
type of tool also means that any changes
haven’t exposed any new vulnerabilities.
Although traditionally viewed as the
sole responsibility of the CISO, thanks to
“
digitalisation, cybersecurity has infiltrated
every aspect of business operations,
including divestments and other activities
that fall under the remit of the CFO. By using
the latest solutions in visualising network and
security infrastructures as well as their risks,
IT aspects of divestments can be concluded
more quickly – and the life of the CFO can be
made significantly easier.
This approach helps smooth divestment
operations for finance directors by ensuring
security and compliance risks are properly
identified, understood and dealt with
strategically. Doing so will mean that
any possible monetary and reputational
risks caused by a cyberattack – during
the divestment or at a later date – will be
avoided and will safeguard the future of
both companies. n
ALTHOUGH TRADITIONALLY
VIEWED AS THE SOLE RESPONSIBILITY
OF THE CISO, THANKS TO DIGITAL-
ISATION, CYBERSECURITY HAS
INFILTRATED EVERY ASPECT OF
BUSINESS OPERATIONS.
www.intelligentcio.com