+
EDITOR’S QUESTION
NICOLAI SOLLING, CTO,
HELP AG MIDDLE EAST
/////////////////
F
irst of all, it is important to understand
that the major causes of data
breaches still remain loss or theft of
paperwork, data sent to the wrong recipients,
loss or theft of unencrypted devices and
data, and – only later down the list – actual
elements of hacking.
So, considering this, human error and proper
data protection policies are still big focus
areas. Unfortunately, even with the best
technologies in place, the security chain is
only as strong as its weakest link and security
is very much a binary business – either you
have been breached or not. From a technical
standpoint, I don’t believe it is not easier for
cybercriminals today, but unfortunately their
motivation is higher than ever – meaning
they have more resources, funds and
capabilities than ever before.
The big issue is that if you look at defence
versus the offensive i.e. us against the
attackers, it isn’t a level playing field. The
cyberattack economy is estimated to be
10 times larger than that of defence which
ultimately skews outcomes in the favour
of attackers. Furthermore, when we think
of defence, we tend to focus on cutting-
edge technologies instead of focusing on
the fundaments of data security which
are classification and access-control. As
an example, almost every enterprise has
installed a next-generation firewall. But how
many have invested into data protection and
encryption of sensitive assets in structured
and unstructured data?
Social engineering and phishing are
great examples of attacks that use non-
technical elements, and that are therefore
highly successful even in environments
where we have invested into best-of-breed
security solutions.
The evolution of cloud attacks presents
another example of the exploitation of
www.intelligentcio.com
human behaviour. Initial concerns regarding
cloud adoption centred around the privacy
and security of data stored in third-party
data centres. However, it is now evident
that these cloud providers take security
very seriously as they made significant
investments to secure their infrastructures –
often achieving a level of protection that far
surpasses that of their subscribers.
As a result, cybercriminals have shifted
their focus and while we will no doubt
continue to see the occasional data breach
of large service providers that expose login
credentials and the information of multiple
users, the volume of cloud related attacks
has been shifted away from the service itself
to the endpoint and the end-user as well as
all of the identity services that governs our
access to our application.
The unfortunate reality is that with
every new technology that is adopted
by businesses, there is the potential for
cybercriminals to exploit one more target
– whether it is email that was introduced
over four decades ago, the smart devices
that every employee now carries, or the
IoT devices that are finding their way into
corporate environments. As we increase
digitised business, we introduce new attack
surface areas.
All this said, there is a positive note
for organisations – the emergence of
Managed Security Services (MSS). MSS
allows organisations to entrust critical
cybersecurity functions such as 24x7
incident monitoring, incident response, log
management and others to well-staffed
teams of qualified experts.
This leads to optimal utilisation of the
organisation’s security solutions and the
consequential enhancement of its security
posture. Moreover, it significantly reduces
the workload of the in-house IT team,
freeing them up to focus effort on spreading
cybersecurity awareness among the workforce.
This combination of leveraging expertly
delivered MSS and increasing employees’
security awareness makes it significantly
harder for cybercriminals to successfully
breach defences either through technical or
socially-engineered exploits.
INTELLIGENTCIO
35