The Covid-19 pandemic has redefined life as we know it. Now we are in the age of what is termed ‘the new normal,’ but is it normal, albeit new? At the rate that businesses have been forced to adjust and adopt to this ‘new normal,’ has taught us that business resilience is now a core thinking path that business should adopt. This is a clear indication to organisations that their dependence on digital technologies, and cyber risk, are intertwined with business resilience and continuity.
So says renowned cyber security expert and Specialist Sales Executive: Security at Gijima, Lukas van der Merwe, who says the past year has brought new challenges and shifted views on what constitutes business resilience.
“Over the past year, some interesting new challenges have emerged: a significant increase in remote working, accelerated adoption of cloud computing, and a surge in disruptive technologies have expanded organisations’ attack surface which requires us to rethink our approach to security,” he says.
“Security is fundamental to business resilience, but in the early weeks of the first lockdown, most organisations had to focus solely on enabling remote work as a key business resilience priority. Everything had to be done in a short period of time, with a focus on productivity. Security was almost an afterthought at the time.” However, high profile attacks that have locked down major organisations are illustrating that security is critical for business resilience, van der Merwe says.
COVID-19 has been the trigger for significantly accelerated adoption of Cloud and other technologies previously constrained by budget limitations or business appetite. Gijima believes that this will continue, and the rate of change will present a challenge for cyber security teams.
Other emerging issues are also impacting the way in which organisations manage security and risk: privacy will continue to be an escalating priority driven by consumer demand and regulation. New technology should be architected accordingly, and legacy systems will have to be enhanced or replaced to keep pace. At the same time, artificial intelligence, robotics, automation, everything as a service and 5G will continue to be adopted, developed, enhanced, and matured in various forms to meet business growth and customer experience demands.
“This requires a paradigm shift for cyber security,” van der Merwe says.
The new approach will require pervasive cyber security, based on the principle that the asset as well as the person or device accessing the asset is no longer housed with the safe perimeter of the corporate network.
To achieve this, organisations must start by determining what corporate assets and IP must be protected, the risk to this IP, whether from external attack, or insider threat in all its guises, and a defensive value, or the consequence of a loss of this IP. This informs how much should be allocated as a security budget. Organisations should then assess the present defences, looking at whether the components interact effectively and testing the defences to get a clear picture of the current security defence landscape, and where the gaps are located.
Security leaders need the possibility of managing the skills gap, to increase security ROI.
The right security platform has the potential to solve this challenge. We offer you the best solutions available, like IBM® Qradar® a market leading platform for security information and event management solutions.
“With the current landscape understood, we can build out a risk assessment to determine where investment is needed to construct a holistic and cohesive security strategy with all elements interacting to provide true threat intelligence and response,” van der Merwe says.