Matching cybersecurity personas to transformation

Feature
December 20, 2020 7:33 am
Dr Moataz Bin Ali, Vice President, Trend Micro, Middle East and North Africa.

Digital transformation is when organisations replace manual processes with digital processes and increasingly run on hybrid cloud environments. As digital transformation increases the corporate attack surface, IT leaders require enhanced visibility, detection, and response—not just at the endpoint, but across all key IT layers.

Infrastructure change widens an organisation’s attack surface for threat actors to target. While over 90% of threats still arrive via email, not all are phishing. File less events designed to bypass traditional security are increasing, while business email compromise and ransomware attacks evolve. Many organisations do not have the in-house skills to secure a rapidly evolving IT environment, giving threat actors ample opportunities to cause considerable damage.

Technology is central to driving an organisation’s growth, and it is especially important for organisations to incorporate cybersecurity into their digital transformation. Middle East organisations need to incorporate cybersecurity solutions across their cloud, automated threat detection, endpoint detection and response, targeted attacks and ransomware, and for manufacturing firms their OT and Industrial Control security.

Business heads need to understand the costs involved with cyber-attacks – across business downtime, leaking of or encryption of data by malware, and the loss of customer trust. Business heads should work closely with technology heads to understand the cybersecurity risks, to develop the KPIs, to ensure automation can detect threats and roll out patches and updates, and support employees in practicing proper cyber-hygiene.

CIOs can guide secure digital transformation by solutions, KPIs, and enhancing employee processes.

Since the lockdown, more than three-quarters 72% of remote workers worldwide say they are more conscious of their organisation’s cybersecurity policies, according to Trend Micro’s recent study Head in the Clouds.

However, many employees are still breaking the rules due to limited understanding or resources. Organisations should not have a one-size-fits-all cybersecurity strategy, but rather tailor cybersecurity strategies to the most common information security personas. Each persona Fearful, Conscientious, Ignorant, and Daredevil, is based on employee attitudes and behaviors on risk awareness, management, and avoidance, and personal accountability.

While endpoint detection and response has become a partial solution to cybersecurity issues, it is not enough. Security teams need visibility across the entire IT environment to better contextualise and identify threats. 

Trend Micro XDR provides visibility, detection, and response not just at the endpoint but also across email, servers, cloud workloads, and networks, and then applies AI and expert security analytics to correlate and identify threats.

Research by Trend Micro and ESG shows that organisations that have invested in XDR-like automation techniques would experience enriched outcomes, including faster identification of complex attacks, improved response times, more efficient use of security personnel, and an overall improvement in security posture.

Dr Moataz Bin Ali, Vice President, Trend Micro, Middle East and North Africa.
Dr Moataz Bin Ali, Vice President, Middle East and North Africa, Trend Micro.

Key takeaways

  • Digital transformation is when organisations replace manual processes with digital processes.
  • As digital transformation increases corporate attack surface, IT leaders require enhanced visibility, detection, response.
  • Infrastructure change widens an organisation’s attack surface for threat actors to target.
  • Technology is central to driving an organisation’s growth.
  • It is important for organisations to incorporate cybersecurity into their digital transformation.

 

Tags: