editor’s question
CHRIS HODSON,
EMEA CISO
AT TANIUM
A
n organisation’s
reputation is
increasingly
contingent on
maintaining a
robust approach
to cybersecurity
and IT operations. This has been
illustrated over the last few years by a
number of high-profile breaches that
have, in turn, led to ongoing reputational
issues or loss in consumer trust for
some organisations.
Over the last 18 months, we’ve seen this
amplified as we’ve entered a hyper-
regulatory environment, illustrated by
the likes of CCPA in the US and GDPR
in Europe. Businesses are increasingly
bound by stricter regulations to
safeguard sensitive data and report
breaches in a timely manner or risk
facing sizeable fines.
So why, when organisations are working
hard to mitigate cyberthreats, do we
still see so many succumbing to data
30
An organisation’s
reputation is
increasingly
contingent on
maintaining a
robust approach to
cybersecurity and
IT operations.
breaches? The problem is that you can’t
have a strong approach to cybersecurity
and IT operations without understanding
where your digital assets – such as staff
laptops – are, what’s running on them
and the vulnerabilities that exist across
the environment. Another challenge is keeping pace
with the growing number of threats
and attacks – in the 12 months prior
to April 2018, more than 40% of all
UK businesses suffered a breach or
attack and this number has only been
increasing according to gov.uk.
And while physical assets like laptops
and servers are critically important, even
more so is the data on them. Being fully prepared to face a
cyberthreat requires an organisation
to identify and protect all digital assets
– like laptops and servers – across an
organisation’s entire ecosystem.
Companies should not merely focus
on physical assets alone. They need
to understand the significance of
data as an asset and ensure they
are implementing the best possible
safeguards to protect it. Without this
basic IT hygiene, any ‘higher-level’
cybersecurity practices are the same as
building a house on sand.
Organisations must
be able to keep track
and maintain control
of every IT endpoint
across the enterprise
environment.
Organisations must be able to keep
track and maintain control of every
IT endpoint across the enterprise
environment. As firms grow, they are
often faced with having to navigate
around various scenarios including
expanding their teams, merging with
other businesses, upgrading technology
and managing an ever-growing number
of endpoints. This push and pull between
business objectives and cybersecurity
has its repercussions.
Our latest study found that 95% of UK
CIOs and CISOs have had to make
compromises in how well they are able
to protect their organisations from
disruptions to technology, including
cyberthreats and outages. Organisations
need to invest in an IT security and
operations framework that addresses
potential risks from the outset. u
Issue 19
|
www.intelligentciso.com