Transformation is complicating an organisation’s security posture

Arun Shankar
September 15, 2019 11:19 pm

With the rapid increase in the attack surface, CISOs are left with the almost impossible task of manually managing privileged accounts and assets. For some organizations, digital transformation might mean embracing cloud technology, for others it may be the need to develop strong DevOps capabilities, and for still others it may be the need to plan for a wide adoption of IoT devices.

It is likely however, most CISOs will have to plan for a combination of all of these things. If you stand still, then this new digital world will consume you.

The role of CISOs has often come up in the boardroom. Their influence in this environment and the rest of the organisation is now critical to ensure security policies are adopted and followed. The best CISOs have a plan and are not afraid to make decisions that will ensure they are not the subject of a costly and embarrassing breach.

It is easy to point fingers when things go wrong but, in the world, we live in today, it is more complex than ever before. Take a DevOps environment. The development team will typically use high powered credentials, architecting business critical applications and processes in a cloud-based environment and sometimes production environments as well. The challenges this present to a CISO are enormous.

How do they balance the productivity of the business with the controls they require to deliver security? The huge increase in wearables, mobile and intelligent devices present an equally large problem. How do you control what is brought into the corporate environment, how do you protect it, how do you ensure you are meeting strict compliance mandates?

Digital transformation complicates the security posture. The world that’s been protected prior to the transformation was understood and quantifiable. It is now a world where solutions have to be dynamic, flexible and built for huge scale. The strategy, budget and ability to execute has to be right or the organisation will be at risk to attack.

Those solutions that have been made to look modern but built on a backbone that dates back 15 years, will struggle. Innovative products that solve the problem of speed, agility, visibility, control and protection will become those which solve the problems created by the modern world. The challenge is to enable and not restrict the productivity of the businesses that is being protected.

End users have to find a balance in their organisation to protect and not constrict, whilst facing a maelstrom of cyber-attacks.

John Hathaway, Regional Vice President, Middle East and India, BeyondTrust.

Key takeaways

  • The challenge is to enable and not restrict the productivity of the businesses that is being protected.
  • Solutions that have been made to look modern but built on a backbone that dates back 15 years, will struggle.
  • Top CISOs are not afraid to make decisions that will ensure they are not the subject of an embarrassing breach.

The challenge is to enable and not restrict the productivity of the businesses that are being protected.

Tags: