+
EDITOR’S QUESTION
/////////////////
ADAM PHILPOTT,
EMEA PRESIDENT,
MCAFEE
C
ybercrime is relentless. It’s relatively
easy, can be very lucrative and
the chances of being caught are
perceived as being very low. Combined
with the fact that many technology users
fail to take basic protective measures and
technology products often lack adequate
defences, it’s no surprise that cybercrime
shows no signs of slowing down. This situation is often further exacerbated
by the severe cybersecurity skills shortage.
However, while we do need people with
the right skills in the industry, businesses
can quickly protect data online more
effectively by looking at existing inefficient
practices which take up individuals’ time
unnecessarily and incorporating the right
security solutions.
The sheer variety of easy-to-use tools and
cybercrime services available online means
that cyberattackers no longer need deep
technical knowledge. Yet our recent Quarterly
Threats Report also revealed rapid adoption
of newer tools and schemes – from fileless
malware to bitcoin mining – as criminals
move away from tried and tested attack
techniques to capture new revenue streams. In short, security solutions can – and
are beginning to – play a major role
in alleviating these pressures while
safeguarding online information more
efficiently. However, rather than investing
in stop gaps and add-ons, organisations
must find the right combination of people,
processes and technology solutions to
effectively protect data, detect threats and
when targeted, rapidly correct systems.
In addition to an increasingly complicated
threat landscape, businesses now face a
constant onslaught of attack attempts. We
catalogued 478 new cyberthreats every
minute in Q4 2017, with an 18% increase
in the number of reported security incidents
across Europe. Globally, that translates to
recording eight new cyberthreats per second.
The challenge of protecting data online in
this environment means many IT teams are
facing unprecedented pressure. Typically,
CIOs and CISOs are trying to defend against
a huge number of online threats while
also dealing with an increasingly complex
set of networks and services. They also
simultaneously need to manage both new
connected devices and existing legacy IT
while getting their head around compliance
issues, such as preparing for the incoming EU
GDPR, all within a certain budget.
www.intelligentcio.com
The promise of new tools can be very
tempting; they’re new and exciting and
often come with the promise of a panacea.
Yet when added into a system, they are
isolated, do not integrate well with existing
systems or processes and end up adding
more complexity than any value they bring.
This complexity manifests through yet more
tools to license, management consoles to
investigate, skills to develop and systems to
maintain, burdening an already stretched
operations team.
We consistently see the impact of these
siloed cybersecurity frameworks. Many
data breaches reveal companies dealing
with an incident after cybercriminals have
already been and gone with their data.
In fact, our survey with Aberdeen Group
concluded that in more than 1,300 data
breaches investigated between 2014 and
2016, half of detections took up to 38
days, with some incidents taking as long as
four years to detect!
The truth is that organisations can invest
in multiple security solutions and end up
shooting themselves in the foot with too
many tools operating in silo, failing to
communicate with each other. It is not
unusual for businesses to have over 10 tools
which require constant monitoring, leading
to some breaches going unreported for long
stretches of time.
Security solutions are being implemented
to protect data online and alleviate the
pressure on stretched IT teams, but the
businesses doing this successfully are
those which share threat intelligence and
consolidate security solutions. Building a
proactive, platform-based and partner-
powered integrated cybersecurity system will
allow the organisation to move from purely
reactive incident response to proactively
hunting threats. n
INTELLIGENTCIO
39