news
Financial services
companies lack
trusted data to
make security
decisions
enior security leaders within
S
financial services companies are
challenged by a lack of trusted
data to make effective security decisions
and reduce their risk from cyberthreats,
according to Panaseer’s 2020 Financial
Services Security Metrics report.
Results from a global external survey of
over 400 security leaders that work in
large financial services companies reveal
concerns on security measurement and
metrics that include data confidence,
manual processes, resource wastage
and request overload.
The results demonstrate myriad
issues with the processes, people and
technologies required to have a full
understanding of an organisation’s cyber
posture and the preventative measures
required to stop a security control failure
from becoming a security incident.
The vast majority (96.77%) of
respondents claimed they use metrics
to measure their cyber posture, with
the primary use for security metrics
being risk management (41.69%),
demonstrating success of security
initiatives (28.04%), supporting security
investment business cases (19.11%) and
board/executive reporting (10.17%).
Over a third (36.72%) of security leaders
said that their biggest challenge is ‘trust
in the data’ when creating metrics to
measure and report on risk, followed by
the resources required to produce them
(21.34%), the frequency of requests
(14.64%) and confusion over knowing
what metric to use (15.3%).
Less than half of respondents (47.75%)
could claim to be ‘very confident’ that
they are using the right security metrics
to measure cyber-risk.
MCAFEE COLLABORATES WITH
ATLASSIAN TO PROVIDE ADVANCED
SECURITY CAPABILITIES IN THE CLOUD
cAfee, a device-to-cloud
M cybersecurity company, has
announced a collaboration
with Atlassian, a leading provider of
team collaboration and productivity
software, to bring advanced data
security and threat protection to
customers looking to accelerate their
move to the cloud. As a result of this
collaboration, Atlassian customers can
now leverage the power of McAfee
MVISON Cloud to apply its security
policies to their use of Atlassian
services. MVISION Cloud provides
visibility and control for Software-as-a-
Service (SaaS), Platform-as-a-Service
(PaaS) and Infrastructure-as-a-Service
(IaaS) environments, across content
management systems and DevOps
environments, via a unified security
platform which helps customers get
comprehensive control over their
cloud services from managed and
unmanaged devices.
The need for solutions that are
designed to secure the cloud are
further validated within a recent
McAfee report that found the average
enterprise organisation uses 1,400
different cloud services. As more
organisations move their operations
to the cloud and to remote work
environments, they must evolve
their security measures to meet the
challenges of unintentional data
uploads, device usage outside
traditional network parameters,
insider threats from rogue employees,
application misconfiguration and more.
Further, industry analyst firm, Gartner,
warns that, ‘through 2025, 99% of cloud
security failures will be the customer’s
fault’. This has caused enterprises to
look for ways to enforce additional
security controls on their cloud solutions
beyond Software-as-a-Service (SaaS)
or Infrastructure-as-a-Service (IaaS).
10 Issue 26 | www.intelligentciso.com