Intelligent CIO asked Fady Younes, Cybersecurity Director – Middle East and Africa, Cisco, if it is becoming easier for cybercriminals to access company data. Here is his response:
Network borders are rapidly being eroded by the need to enable anyone, anywhere to connect to anything, at any time. Employees, partners, and customers are using mobile devices and applications to connect from homes, hotels, airport Internet kiosks, and local coffee shops, collaborating through mobile platforms, increasing business efficiency, productivity and flexibility.
However, enhanced communication also increases the risk of losing sensitive information, such as intellectual property and customer data, due to innocent or malicious activities.
Recently, multiple data loss incidents affecting large organisations have made headlines – Equifax, Uber, Yahoo – and this shows that the challenge is the struggle between the relentless attackers and the tireless defenders does not always seem to be evenly balanced.
Attackers have unlimited resources and an unlimited number of tries to conduct attacks. They only need one to succeed to get what they want. The defenders, on the other hand, have limited time and resources and need to have complete visibility of their infrastructure and data and the potential ways in.
It does not seem to be a comfortable equation, especially as criminals tend to be much more agile than their targets. Every organisation has something valuable to protect and adversaries who want to get their hands on it.
Organisations need to be able to understand who wants access to the network, what type of device is being used, where they are located, and what services they want to access which is why Cisco offers a threat centric integrated architecture which protects the customers across network, endpoint and cloud.
In just three years, an estimated 50 billion new devices will be connected presenting companies with a significant opportunity, if they can seize this digital revolution with a holistic approach to cybersecurity. The proliferation of devices and applications are creating many new entry points for threats while generating a flood of traffic, requiring organisations to rethink data security.
Virtualisation, cloud, and software defined networking (SDN) increase security complexity, while new technologies such as microservices, containers and APIs increase the opportunity for data theft. Traditional perimeter methods for security are no longer sufficient to protect dynamic applications and workloads.
The Cisco Annual Cybersecurity Report found that 80% of data breaches originate from third parties. To reduce risk, organisations must foster a value chain where trust is not implicit, and security is everyone’s responsibility. Keeping the difference between responsibility and accountability in mind, everyone in the company needs to be responsible for cybersecurity.
Cybersecurity is finally becoming a top-of-mind business objective for many with many organisations making the board hold accountability, which makes sense considering a large security breach/incident doesn’t only affect finances and productivity but can severely damage customers’ trust towards the brand.
An ounce of prevention is worth a pound of cure, so the saying goes. When it comes to protecting your organisation against the imminent threat of a cyberattack, it’s essential to factor in both. Adversaries are working hard to create data incidents, so we’re working harder to build secure, intelligent networks to enable positive customer outcomes.
Click below to share this article