It is time for a new approach to security. Today’s dynamic threat landscape demands a security strategy that focuses on the threat itself more than simply prevention. One that doesn’t continue to simply stick band-aid over band-aid, until a cat’s cradle of fixes and patches becomes a management nightmare. Meanwhile, the organisation’s systems remain vulnerable to new, increasingly smart, attacks.
Findings from the recent The Cisco 2018 Security Capabilities Benchmark Study reveal that more than nine out of ten (94%) companies surveyed in the Middle East and Africa have suffered a breach in the last year, with nearly a half (48%) experiencing more than $500,000 (around R6.2 million) in damage. The good news is that companies in the region are taking a progressive approach to tackling security, with 83% using automation, 78%, machine learning, and 77%, artificial intelligence to reduce the effort to secure their organisations.
“Today, security needs to also work hand in glove with an organisation’s digitalisation roadmap,” says Clayton Naidoo, Acting General Manager, Cisco Sub-Saharan Africa. “Most C-suite leaders think about cybersecurity as a way to stop threats. But in today’s intensely competitive digital economy they should be thinking about cybersecurity as a strategic advantage that not only protects, but also enables new business value.”
While organisations must continue to work diligently to protect valuable data and assets, to achieve growth, the biggest opportunity comes when we make cybersecurity a foundational component of our digital strategies. As we enter the fourth industrial revolution, companies need a multi-layered architectural approach to security that will block known threats and malware, but also be alert enough to identify and contain unknown risks quickly.
There is something of a security perfect storm brewing as we move into an increasingly digitalised world. While no one can doubt the impact of security breaches on companies, it is getting more difficult to stay ahead of them. One reason for this, ironically, is the vast choice of systems and software companies have to get the job done in the best way.
The benchmark study explains that the challenge today arises because almost a quarter (23%) of MEA companies manage more than 21 vendors. This is not unique to the region though, and the worldwide figure sits at 21%. This system complexity leaves organisations with security stacks that are too complex to manage, administrators bombarded with too many alerts, and the increased likelihood of missing critical outcomes.
Meanwhile, attacks have got more sophisticated, and more damaging. Take for instance destruction of service (DeOS) attacks, where criminals no longer care about the bitcoins they can extract from companies as ransom but instead are selling their services to destroy targeted systems completely. And then, of course, today you also still get the employee who should know better but clicks on suspicious links in emails and opens attachments that they should stay well away from.
“Whether they are moving to the cloud, launching a new product or bringing on new digital devices, organisations need to start building an industry-wide culture where security is top of mind and integrated seamlessly into everything it does,” added Naidoo. “And while it’s never been easier to deploy new IT services, these may impact visibility and control mechanisms unless the way security is implemented and managed changes.”
This is where Cisco’s integrated, architectural approach to secure IT comes to the fore. There is an important difference between an integrated approach, where multiple point products communicate via point-to-point connections through APIs, scripts and other such mechanisms, and an architectural approach where all of the components are designed to work together, and natively share information.
Any system is only as strong as its weakest link, but with an architectural approach, an update only has to happen in one location to immediately contain threats across the entire system. This shared source of information reduces the risk of false positives, and a consistent user interface prevents human error. All of this pulled together also facilitates the automation of threat management so that only the most critical threats require human intervention. An added benefit is, of course, cost reduction, both regarding deployment, and in terms of operations. Yesterday’s security thinking can’t protect tomorrow’s systems, but a holistic architectural approach sets an organisation up for future success.