Cybersecurity today is similar to an arms race. Enterprises need to stay one step ahead of cybercriminals to protect their sensitive information and reputation. Siloed approaches and point technical protection technologies are no longer effective to counter the emerging sophisticated threat scenarios of today.
In a recent Infosys survey of executives in large organisations, more than half (54%) of the respondents said poor integration between tools and different solutions was one of their topmost cybersecurity challenges. As a result, 51% of the organisations are wanting to focus on integrated security solutions instead of point solutions.
Certain industries such as healthcare and life sciences (59%) and banking, financial services and insurance (57%) are prioritising integrated solutions even more due to the impact of regulatory requirements relevant to their industries.
Let’s explore how integrating security solutions across the enterprise, can help build a reliable, effective defense.
Why and what to integrate?
It is important for an organisation to protect itself against risks as a complete entity instead of protecting individual processes, interaction points or systems. To do this, it needs to have visibility into the entire threat landscape. Such a view is seldom provided by point solutions. In addition, fast-changing cybersecurity threats often cannot be handled by point solutions and disparate implementations.
Today there is a need to integrate across multiple dimensions:
Integrate across multiple cybersecurity technical solutions to improve the effectiveness of the controls. Example – integrating multiple security tool alerts with a central security information and event management (SIEM) system that can co-relate and identify events that cannot be found from monitoring of single tool alerts.
Integrate across physical and logical security especially due to an increase in the IT-OT and IoT convergence. Unprecedented and serious physical damage is possible with cyber attacks due to IoT proliferation. Medical devices, smart homes, and smart cars are already being hacked with ease.
The integration of cybersecurity across digital-transformation initiatives
Most organisations began their digital transformation journeys with a view to optimise processes, improve efficiency, deliver better customer experiences, bring speed or encourage innovation. Cybersecurity and compliance are often viewed as restrictive since they slow down the digital initiatives with additional activities that may be cumbersome, expensive and time-consuming. Fortunately, with increasing incidences of loss due to cybercrime, companies are waking up to the need of having a strong cybersecurity strategy as a fundamental ingredient of any digital initiative. As per the Infosys survey, virtually all (94%) respondents said their digital-transformation efforts now include cybersecurity.
The principles of secure by design and privacy by design can play an important role in ensuring that security is embedded at the beginning and in every stage of the business cycle. Standard security guidelines and checkpoints for validation are best practices that organisations can adopt during software development life cycles, be it waterfall, agile or DevOps. Security also needs to be designed into every enterprise architecture. Privacy-related regulatory mandates have made it essential to incorporate privacy by design in almost every project. This plays a key role for organisations to gain digital trust which is a huge competitive differentiator today.
The integration of cybersecurity across people, processes, and technologies. Cybersecurity needs to be all-pervasive in an organisation as threats could arise from people, systems or processes. Employees’ low awareness of cybersecurity threats is a top concern among more than three-quarters (76%) of executives and a shortage of security skills worries nearly half (49%) of them.
Most often cybersecurity incidents are triggered by ignorant or careless employees because they were not trained or made aware of their role in keeping the organisation safe from cyber threats. Security awareness sessions, training on anti-phishing, data classification and usage can convert employees into sentinels for an organisation. It makes no sense for an organisation to invest in costly cybersecurity tools without also ensuring its employees are trained in using them. For example, DLP solutions are not effective if proper data classification policy and process is not defined. Similarly, the tool and policy are not of much use if the users are not enabled and trained on different classification levels and how to classify the information and documents created by them.
Next steps to integration
An integrated approach can deliver a unified view of an organisation’s security posture, predicting threats and supporting fast and effective responses. A good solution will not only be proactive against threats, but it should also protect data, manage identities, take care of regulation and compliance – all this with intelligence that can be shared and automation across applications and networks.
To create an integrated cybersecurity defense is neither simple nor easy. But it’s the best way to prevent cybercriminals from picking off your defences one at a time.
Views are personal.
The author is chief information security officer and head, cyber security practice, Infosys.