EXPERT OPINION

Henry Jiang , Chief Information Security Officer at Diligent Corporation , shares his thoughts on how to successfully tackle top challenges faced by IT teams . He delves into the ramifications of inadequate resources on an organisation ’ s security posture and how to foster teamwork within an IT department to the point of achieving overarching security objectives .

During COVID , we saw that many unprepared organisations found themselves trying to rapidly secure a mobile workforce in a challenging situation . Fortunately for us at Diligent , we had already transitioned our high workloads to the cloud and established robust controls to support this shift . However , in today ’ s era of Digital Transformation where digital assets are integral to businesses of all sizes , the prevalence of computer assets and data in the business landscape has become common . Consequently , we observe a heightened risk , particularly concerning data quality .

The challenges extend beyond just data quantity ; it ’ s also about the quality and acquisition of data . Today , organisations – whether they are major enterprises or small businesses – generate thousands , if not millions , of events daily . This influx of data , even from daily service providers like Microsoft and Google to diverse security systems , presents a conundrum . There is a surplus of data making it difficult for IT teams to effectively monitor and manage events . The core issue lies in the fact that data lacks meaning until it is presented in a meaningful way .

This leads us to a fundamental concept : all risks , including cyber-risk intelligence , should be presented , analysed and discussed in a persona-based manner and driven by the data . While this may seem like a high-level concept in

Henry Jiang , Chief Information Security Officer at Diligent Corporation

practice , we are actively exploring how to turn this idea into a practical reality .

Could you elaborate on the potential ramifications of inadequate resources on an organisation ’ s security posture ?

The lack of resources is not a new issue in our world . It has been a concern since about a decade ago . Regardless of the resources allocated , people often claim they don ’ t have enough to tackle challenges , especially in the realm of cybersecurity . However , the potential consequences of this resource shortage can have a significant impact . This impact is also evident when we examine the data breaches reported in the public domain .

The root cause of many of these issues can be traced back to resource www . intelligentciso . com

49