Intelligent CISO Issue 26 | Page 10

news Financial services companies lack trusted data to make security decisions enior security leaders within S financial services companies are challenged by a lack of trusted data to make effective security decisions and reduce their risk from cyberthreats, according to Panaseer’s 2020 Financial Services Security Metrics report. Results from a global external survey of over 400 security leaders that work in large financial services companies reveal concerns on security measurement and metrics that include data confidence, manual processes, resource wastage and request overload. The results demonstrate myriad issues with the processes, people and technologies required to have a full understanding of an organisation’s cyber posture and the preventative measures required to stop a security control failure from becoming a security incident. The vast majority (96.77%) of respondents claimed they use metrics to measure their cyber posture, with the primary use for security metrics being risk management (41.69%), demonstrating success of security initiatives (28.04%), supporting security investment business cases (19.11%) and board/executive reporting (10.17%). Over a third (36.72%) of security leaders said that their biggest challenge is ‘trust in the data’ when creating metrics to measure and report on risk, followed by the resources required to produce them (21.34%), the frequency of requests (14.64%) and confusion over knowing what metric to use (15.3%). Less than half of respondents (47.75%) could claim to be ‘very confident’ that they are using the right security metrics to measure cyber-risk. MCAFEE COLLABORATES WITH ATLASSIAN TO PROVIDE ADVANCED SECURITY CAPABILITIES IN THE CLOUD cAfee, a device-to-cloud M cybersecurity company, has announced a collaboration with Atlassian, a leading provider of team collaboration and productivity software, to bring advanced data security and threat protection to customers looking to accelerate their move to the cloud. As a result of this collaboration, Atlassian customers can now leverage the power of McAfee MVISON Cloud to apply its security policies to their use of Atlassian services. MVISION Cloud provides visibility and control for Software-as-a- Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) environments, across content management systems and DevOps environments, via a unified security platform which helps customers get comprehensive control over their cloud services from managed and unmanaged devices. The need for solutions that are designed to secure the cloud are further validated within a recent McAfee report that found the average enterprise organisation uses 1,400 different cloud services. As more organisations move their operations to the cloud and to remote work environments, they must evolve their security measures to meet the challenges of unintentional data uploads, device usage outside traditional network parameters, insider threats from rogue employees, application misconfiguration and more. Further, industry analyst firm, Gartner, warns that, ‘through 2025, 99% of cloud security failures will be the customer’s fault’. This has caused enterprises to look for ways to enforce additional security controls on their cloud solutions beyond Software-as-a-Service (SaaS) or Infrastructure-as-a-Service (IaaS). 10 Issue 26 | www.intelligentciso.com