We’ve heard many variations of the parable about an experienced independent consultant who got a major production machine in a thriving factory to start working again by hitting it with a hammer. When the factory manager received the consultant’s exorbitant bill for $10,000, he angrily demanded that the consultant justifies his price by itemizing it.
The consultant duly sent the factory manager a new bill that read: Hammer – $10; Knowing where to hit machine with hammer – $9,990.
Applied to the fight against unpredictable and resource-rich cyber attackers who threaten to bring down mission-critical systems or steal digital business assets, this parable underscores the importance of not only having the right security capabilities – the ‘hammer’ – but also the right experience, intuition, know-how and innovation.
Asia Pacific will have half of the world’s mobile connected devices by 2020 with ubiquitous mobile broadband enabling consumers and businesses to interact with people, information and applications seamlessly and on demand.
“Our research has found that on average, an organization uses 1,175 applications,” said Mohan Veloo, CTO for Asia Pacific at F5 Networks. “For businesses, the wealth of data that follows is becoming incredibly taxing to manage. Studies have already shown that Asia Pacific is 80% more vulnerable to cybersecurity attacks than other parts of the world.”
To protect customers and data effectively in an increasingly digitalized world, Mohan urged cyber defenders to acquire clear visibility into all traffic flowing through the infrastructure; meaningful context of the applications and external factors that can impact cyber defenses; and the ability to apply the right security controls to stop an attack and mitigate damage.
But empowering the workforce, including cyber defenders, with technology to foster higher performance and effectiveness “begins with understanding that employee experience, customer experience, and revenue growth are decisively linked,” suggested Forrester Consulting in a recent Asia-Pacific work transformation study.
If customer experience is the core objective of digital transformation initiatives, then robust cybersecurity is an essential enabler of improved customer experience. This is highly evident in financial institutions, airlines and retailers focusing on excellent customer experience in their digital channels.
Digital channels are now critical for stimulating sales, engaging customers and delivering services. But these efforts to grow revenues trip up when the customer loses access to an online booking system or the ability to complete a transaction due to a denial-of-service attack or a compromised system.
But 34% of respondents to F5 Networks’ 2017 State of Application Delivery survey cited the high demand and short supply of skills as a significant security challenge. This challenge has spurred many organizations to rely on either automation that minimizes the need for human intervention, or cloud-managed or outsourced service providers that have the necessary talent pool.
Customers of F5 Networks’ Silverline cloud-based application services platform, for example, have access to 24x7x365 global support from security experts at Security Operations Centers (SOCs), who help ease their transition to the cloud and minimize risk and disruption for their application-driven digital initiatives.
“The traditional perimeter for security, which is the firewall, worked for organizations that were protecting their on-premises applications,” said Ian Jones, senior vice president of Silverline at F5 Networks Limited. “But as we move applications into the cloud, the new security challenges are far broader than a firewall.
“So we’re looking for individuals that recognize how to protect a web application and use cloud security and web security to complement the existing firewall – people that have very deep networking skills and security backgrounds, people who have experience in identifying malware threats, building cloud infrastructures, and designing security as architects.”
Thankfully, many advanced tools are available today to provide the necessary visibility and predictive insights required to identify, locate and respond to issues and threats in the infrastructure as and when they occur to minimize disruption to business.
Still, with advanced security incidents that have been triaged and escalated by first-level staff of an SOC, for instance, the one who can quickly investigate them, clearly communicate discoveries to key stakeholders for prompt incident response, and articulate informed recommendations to top management will stay ahead of the capricious cyber attacker and be the cyber defender who knows where to ‘hammer’.
This is a QuestexAsia feature commissioned by F5 Networks Asia Pacific.