Cybersecurity – a risk that no organisation can afford to overlook
[Sponsored Article]
With cybersecurity breaches, including recent high profile attacks in Hong Kong attracting negative worldwide attention, they serve as a constant reminder that companies, regardless of their size, location or industry, cannot afford to overlook the need for robust cybersecurity practices.
Matthew Shriner, IBM Security, Global Security Intelligence Operations Consulting (SIOC) Partner, notes that whether it is a multination financial institution, large family operated business or an SME, in addition to financial and credit card cybercrime, well-organised cyber-criminals are increasingly fine-tuning their efforts to obtain and leverage higher-value data. Shriner says the demand for leaked data is trending toward higher-value records such as health-related personally identifiable information (PII), credit reports, and other commercially sensitive data. "Across the region, intellectual property, cutting edge manufacturing processes and new product design details are all vulnerable to cyber-attacks," says Shriner. Furthermore, as the adoption of new technologies such as big data infrastructures and cloud-based technologies increase the volume and spectrum of threats, it has become "mission critical" to monitor and protect the "treasure trove" or data lake of high-value information. "The increased threat of new product designs and sensitive data being compromised has placed cybersecurity issues at the company board level," notes Shriner.
With many companies using a fragmentary, disconnected approach to address their cybersecurity needs, Shiner says it is typical when IBM Security first engages with a client they will have as many as 80 security products supplied by more than 40 vendors – making security a complicated task by allowing the bad guys to hide between the cracks. In contrast, IBM's integrated security solutions correlate threat information and can automate a coordinated real-time response to threats across physical and virtual environments. "Any effective security strategy requires collaborative system integration between traditionally isolated security tools," Shriner says. This includes the sharing of real-time threat intelligence, centralising security policies and implementing consistent and coordinated policy enforcement strategies. "Adapting to a threat-aware, risk-based approach versus a compliance-based, box-checking approach is critical amidst the ever-changing regulatory mandates affecting organisations," says Shriner. For example, with potential fines anywhere from 2-4% of a company’s gross revenue for violating the EU General Data Protection Regulation (GDPR) rules, protecting GDPR data has become a cybersecurity imperative. The GDPR doesn’t just impact European companies, any organisation that stores, accesses, processes or uses EU residents’ personal data is subject to the regulation.
Widely recognised for providing one of the most advanced and comprehensive cybersecurity enterprise security portfolios available —top industry analysts -- including Gartner, Forrester, and IDC rank IBM as a leader across 12 different market segments — with more than 8,000 security professionals worldwide, IBM's X-Force team monitors more than 70 billion security events per day. Importantly, however, while IBM Security is used by major airlines, multinational healthcare companies, manufactures and global energy and utilities companies —and by 98% of the Fortune 500 list of top global financial services and banking companies — IBM's end-to-end solutions are designed to be utilised by any company regardless of industry sector or size. "IBM is the largest security consulting firm on the planet, however, our solutions are designed to cater to a wide range of clients" Shriner explains. By using IBM's X-Force solutions, companies with limited internal resources can outsource or implement security monitoring and penetration testing in a cost-effective way. "Depending on the size and structure of the organisation, the on-boarding of the X-Force solution capability can be done relatively quickly and seamlessly," says Shriner.
"From strategy and risk advisory services, threat management including design and deployment of SOC services in the cloud, on-prem or hybrid, incident response, and digital trust, IBM is able to help businesses to manage strong digital policies and continuously protect against emerging threats," says Ho.