forces are conspiring to make this even
more challenging.
The devil’s in the digital
As our IT world grows in complexity,
with a broadening range of supply chain
partners, digital channels and connected
devices, the attack surface widens.
Cybercriminals have quickly taken
advantage of this; for example, by using
the infamous Magecart digital skimming
code to infect supply chain firms. In
doing so, they’re able to use a domino
effect to reach a wider pool of victims
with minimal effort.
With so much complexity, it is harder
than ever for security teams to identify
and respond to threats in a timely
manner. Tool bloat, technical complexity,
supply chain risk and skills shortages
are heaping added pressures onto
security teams – teams that are already
more than aware of the business
imperative to keep data safe and lights
on. The industry as a whole is short
of nearly three million professionals
globally, including 142,000 in EMEA.
Security teams are drowning in alerts,
in constant fire-fighting mode, meaning
they are unable to take a proactive
approach to managing digital risk.
Breaking down the walls
IT risks are now intertwined with security
risks, but they are also impacting
traditional governance, risk and
compliance, and organisations are under
pressure to invest in integrated risk
management (IRM) including third party
risk. Traditionally, risk and compliance
teams have operated at arms’ length
from IT and security, focusing more on
organisational process and regulatory
commitments. However, we are seeing
the reach of digital spreading into the
world of risk and compliance. Previously,
this impact has been greatly felt with
Security teams are
drowning in alerts, in
constant fire-fighting
mode, meaning they
are unable to take a
proactive approach to
managing digital risk.
www.intelligentciso.com
|
Issue 18
87