FEATURE : DIGITAL TRANSFORMATION a business to run , and today these systems are driving that . It ’ s a hard truth – you need to continue to support your business while modernising to take advantages of the new innovations Digital Transformation can bring .”
Maher Jadallah , Senior Director , Middle East and North Africa , Tenable
Schuck pointed out thatthe other challenge CIOs face today is that these transformations were implemented in record time . “ Accurate planning of details and outcomes may not have been done effectively due to the rapid change in market conditions . These plans need to be re-evaluated and perfected to improve efficiencies and value back to the business ,” he said .
Maher Jadallah , Senior Director , Middle East and North Africa , Tenable , said organisations need a modern , comprehensive strategy to quickly and accurately identify vulnerabilities and misconfigurations in their dynamic infrastructures , that delivers clear guidance and recommendations on how to prioritise and remediate any risks . Jadallah said they also need developer-first security solutions that are compatible with their workflows to increase independence and deliver easily consumable code fixes to ensure security is baked in and threat actors locked out .
“ The first step is to truly understand the business environment . In short , the security team needs to make sure it can actively detect all assets and identify key processes across the entire attack surface wherever it resides – including any assets in the cloud , OT , and container environments . Security teams must identify all business-critical assets , applications , and services including who within the organisation ‘ owns ’ them and ensure focus is placed on risks affecting these systems first ,” he said .
Jadallah pointed out that by identifying the critical assets which the organisation relies upon to function , and the vulnerabilities affecting these systems , priority should be given to those vulnerabilities that are currently being exploited . “ This identifies the real operational risks versus theoretical threats to know what to focus on first .
Security teams should also determine whether they are assessing enough of the network . Rogue assets that can ’ t be seen could put the organisation at risk from critical vulnerabilities . The old adage of ‘ you can ’ t defend what you can ’ t see ’ still holds true so it ’ s important to eliminate blind spots ,” he advised . “ By collaborating more effectively internally from the beginning , organisations will have greater security without compromising efficient business operations .” p
www . intelligentcio . com INTELLIGENTCIO MIDDLE EAST 43