The art of cyber security

Cyber security has become far too technology-centric. Each enterprise, on average, manages more than 30 different cyber security vendors, and receives varied, differing and even contradictory recommendations.

Despite the increased investment, an IDC survey commissioned by Quann found that more than 90 percent of enterprises are only in early stages of security preparedness. Breaches still occur despite the larger amount of investment into cyber security because more than half of these organizations do not have dedicated professionals looking into their cyber security.

Without the right expertise, it is easy to make mistakes that reduce or even negate the effectiveness of security technology. For example, an enterprise may have several security systems that are not fully integrated. Or it may have a central anti-virus program that was not extended to cover acquired subsidiaries, allowing hackers to find a way in through an unprotected email system.

Printers and other peripherals are another common security lapse. Valuable information remains in unencrypted printer hard drives, which hackers can compromise.

Invest in Professionals

Clearly, technology alone is not the solution to cyber threats that are increasing exponentially in volume and sophistication. Automation and machine learning are best deployed to handle known threats

But when it comes to never seen before threats such as zero-days and new exploits, people, not machines, are the best equipped to uncover them.

Advanced security technology must be complemented by skilled professionals in the entire cyber security spectrum – from audit and assessment of threats and vulnerabilities, designing the security architecture, maintaining visibility in your IT infrastructure to responding to attacks and breaches. If skilled professionals in any of these areas are not engaged, the possibility of being hacked and suffering data and reputation loss becomes a reality.

Security professionals must return to the core of cyber security and focus on human skills, instinct, and experience. Different cyber security professionals hold differing roles and responsibilities, and the team must work together to provide full security coverage so enterprises can operate without incident.

Security as a Service

To cope with ongoing threats, security professionals must find ways to effectively use the resources they have on hand. “CIOs and CISOs face what I call the cyber security trilemma: managing trade-offs in cost, security coverage, and operational effectiveness,” says Mr. Foo Siang-tse, Managing Director of managed cyber security service provider Quann. “Enterprises can achieve two out of three, but few can ever attain all three simultaneously.”

Foo advises enterprises to use their limited internal security staff to identify the applications and data that are most critical to the business. These pose the greatest risk if compromised and therefore justify the highest investments of time and funding.

For more operational tasks, it might be more efficient to engage an external Managed Security Services Provider (MSSP) that specializes in gathering data from research organizations and vendors, correlating the information, filtering out the noise, and providing actionable insights. For example Quann’s insight and quick patching have protected many enterprises in Asia from the WannaCry ransomware.

Foo recommends creating a “Live” Security Roadmap. This involves approaching security-as-a-service. For example, emerging solutions based on artificial intelligence (AI), machine learning, and predictive analytics have the potential to automate processes for identifying and responding to attacks.

When opting for SaaS, be mindful that it is a partnership between client and vendor, and not simply an outsourcing of the problem. This is because cyber security cannot be viewed in silos but rather as an end-to-end process. If one part is not managed properly, the impact is felt down the chain.

For example, a typical MSSP service is the monitoring of networks. But if the client organization does not manage devices properly with software patches, or ensure their firewalls are configured properly, it affects what can be monitored.

Fortunately, help is available to enterprises that want to boost their manpower capabilities. For instance the Infocomm Media Development Authority in Singapore is taking a multi-pronged approach to ensure companies have access to the support they need – with programs such as “Tech Skills Accelerator” which provides a training roadmap for IT professionals, and “SMEs Go Digital” to build digital capabilities.

The days of doing the bare minimum for cyber security and hoping to get by are truly over. It’s time to leave the serious business of securing the enterprise to a team of specialists who can get the job done.

Find out more at www.artofcybersecurity.com

This is a contributed article from Quann Security

1. Quann Security, Singapore companies are unprepared for cyber attacks, Quann reveals

Quann Security