Addressing the new cyber security landscape
The security landscape has evolved at a rapid rate with global attacks like WannaCry and Petya hitting global headlines within weeks of each other. No companies are immune, from global advertising agency WPP to Deutsche Bahn. And it’s not just the big fish who are being targeted by cyber criminals. SMEs are equally at risk and are suffering losses as a result, with ransomware attacks doubling last year.
Headline spinning cyber-attacks don’t just happen overnight; it’s a combination of factors that is leading to a changing cyber security landscape across Europe and globally. From the rise of cloud, to the disruption of IoT, protecting businesses has become more complex. Coupled with the upcoming General Data Protection Regulation (GDPR) and the widening IT skills gap, a traditional approach to cyber security no longer is robust enough to fight the rapidly evolving cyber threat landscape.
Here we explore the challenges and emerging trends that are shaking up global cyber security strategies…
Preparing for GDPR
The upcoming GDPR is set to dramatically alter the way that cyber security is handled in Europe. With less than a year until the regulations take effect, the clock is ticking for businesses to ensure their data is adequately protected. But despite this, many businesses are failing to take the regulations and associated penalties seriously. In fact, a recent report from Spiceworks highlighted that only 28% of European companies and 5% of American businesses have started preparing for GDPR.
A spectrum of responses, from Security Operation Centers and encryption to identity management are being explored to better defend organizations against attacks. With encryption, GDPR fines will be greatly reduced as it offers another layer of protection across the data journey.
As a last resort, companies are also investing heavily in cyber security insurance. FICO and Ovum recently highlighted that the industry will also need to better prepare the market for the rising cost of insurance pricing and damage control.
The rise of cloud
The typical data journey has changed as data is now being pushed through the cloud. Enterprises are having to readdress security operations as the cloud has become the new endpoint. In recent years, security efforts focused on the data center, but now protection will need to be shifted more heavily towards the cloud. To readdress this, big data technology, including machine learning and business intelligence at all levels will be required for added protection, from the endpoint to the data center and the cloud. This includes next generation Prescriptive Security Operation Centers and threat monitoring across the dark web, IT, OT and connected devices.
Managing object identity
Identity governance is key to succeeding in the new cyber security landscape. With IoT devices set to reach 20.4 billion by 2020, companies are having to consider object identity management as well as human access. Last year’s DDoS attack on OVH, where attackers targeted the company via IoT devices including CCTV cameras and personal video recorders, will become more commonplace as attackers look for new ways to access the business. To combat this, companies are investing in next generation identity management and governance technology with advanced encryption in the cloud and the data center. Solutions like this will better protect companies against post quantum resistance and the changing IT security landscape.
Addressing the cyber security skills gap
Even companies with the most cutting-edge security technology will fall short without access to best in class security professionals. At InfoSec 2017, Frost & Sullivan revealed that Europe will face a shortage of 350,000 IT security staff by 2022. This news will come as no surprise as security professionals have become one of the most valuable commodities in labour market.
In the long-term, governments will need to place cyber security on the curriculum and universities will need to invest in more robust and up-to-date security courses. In the meantime, companies should look to move from an internal response to a managed security services approach to combat the current threat. By collaborating and outsourcing security, companies can seek the talent they need to better protect their business.
A new approach to security
A holistic approach covering security governance, and a balance between business efficiency, protection and compliance is needed to succeed in today’s volatile cyber security landscape. Disruption from cloud and IoT has changed the nature of security as we know it. By focusing on traditional endpoint security, access management for both humans and machines, as well as data center security and cloud access protection, companies can better prepare themselves against an attack.
To find out how to better protect your business, please visit https://atos.net/en/atos-technology-days
Atos Technology Days 2017 : Watch Chris Moret’s video At the Atos Technology Days 2017, we have showcased the latest in security innovation. If you’d like to find out more about the event, please visit Atos Technology Days