Intelligent CIO Middle East Issue 36 | Page 35

+ EDITOR’S QUESTION NICOLAI SOLLING, CTO, HELP AG MIDDLE EAST ///////////////// F irst of all, it is important to understand that the major causes of data breaches still remain loss or theft of paperwork, data sent to the wrong recipients, loss or theft of unencrypted devices and data, and – only later down the list – actual elements of hacking. So, considering this, human error and proper data protection policies are still big focus areas. Unfortunately, even with the best technologies in place, the security chain is only as strong as its weakest link and security is very much a binary business – either you have been breached or not. From a technical standpoint, I don’t believe it is not easier for cybercriminals today, but unfortunately their motivation is higher than ever – meaning they have more resources, funds and capabilities than ever before. The big issue is that if you look at defence versus the offensive i.e. us against the attackers, it isn’t a level playing field. The cyberattack economy is estimated to be 10 times larger than that of defence which ultimately skews outcomes in the favour of attackers. Furthermore, when we think of defence, we tend to focus on cutting- edge technologies instead of focusing on the fundaments of data security which are classification and access-control. As an example, almost every enterprise has installed a next-generation firewall. But how many have invested into data protection and encryption of sensitive assets in structured and unstructured data? Social engineering and phishing are great examples of attacks that use non- technical elements, and that are therefore highly successful even in environments where we have invested into best-of-breed security solutions. The evolution of cloud attacks presents another example of the exploitation of www.intelligentcio.com human behaviour. Initial concerns regarding cloud adoption centred around the privacy and security of data stored in third-party data centres. However, it is now evident that these cloud providers take security very seriously as they made significant investments to secure their infrastructures – often achieving a level of protection that far surpasses that of their subscribers. As a result, cybercriminals have shifted their focus and while we will no doubt continue to see the occasional data breach of large service providers that expose login credentials and the information of multiple users, the volume of cloud related attacks has been shifted away from the service itself to the endpoint and the end-user as well as all of the identity services that governs our access to our application. The unfortunate reality is that with every new technology that is adopted by businesses, there is the potential for cybercriminals to exploit one more target – whether it is email that was introduced over four decades ago, the smart devices that every employee now carries, or the IoT devices that are finding their way into corporate environments. As we increase digitised business, we introduce new attack surface areas. All this said, there is a positive note for organisations – the emergence of Managed Security Services (MSS). MSS allows organisations to entrust critical cybersecurity functions such as 24x7 incident monitoring, incident response, log management and others to well-staffed teams of qualified experts. This leads to optimal utilisation of the organisation’s security solutions and the consequential enhancement of its security posture. Moreover, it significantly reduces the workload of the in-house IT team, freeing them up to focus effort on spreading cybersecurity awareness among the workforce. This combination of leveraging expertly delivered MSS and increasing employees’ security awareness makes it significantly harder for cybercriminals to successfully breach defences either through technical or socially-engineered exploits. INTELLIGENTCIO 35