By CLEMENT ARUL
We live in an age dominated by technological improvements, feeding on our desire to be evermore connected.
With this, comes an expectation that access to systems and data will be available from anywhere, at any time. However, it is precisely this demand for real-time access from any location that dramatically increases our risk profile.
This makes controlling corporate data one of the most painful yet vital challenge for cyber security today.
In short, convenience exposes more attack points – decreasing our defence systems against malicious entities. Cyber security is always in the headlines due to increasing global data breaches and exploitations.
Roadblocks to cyber security
The common reasons for the current state of security are:
Growth of new threats
Organisations are not able to keep pace with the volume, velocity, and variety of threats that are emerging every day.
They must guard against rapidly changing threats, ranging from traditional malware to sophisticated, state-sponsored attacks.
Each industry faces intense pressure to bring innovation to the marketplace, connect with customers, improve operations, and collaborate with partners and suppliers – all of which can present new risks to the organisation.
Mobile applications, third-party cloud-based services, outsourcing, Internet of Things (IoT), Industry 4.0, digital transformation, and more put key business initiatives in direct conflict with cyber security policies.
Organisations must quickly respond to these conflicts, assess potential threats, and allocate resources to minimise risk and ensure compliance and security.
Lack of resources
Organisations have limited IT resources, lack of internal security expertise, struggle to hire security talent, and insufficient funds.
The weakest link
With all the news stories about hackers, botnets, and breaches involving personal information, it’s easy for the security message to sound over-used and tired.
It’s easy for people to say, ‘It won’t happen here.’
Yet, studies and surveys repeatedly show that the human factor (what employees do or don’t do) is the biggest threat to information systems and assets.
Most organisations have invested in various security technologies to protect their infrastructure and data, putting in place solutions such as firewalls, Intrusion Preventions System (IPS)/ Intrusion Detection System (IDS), encryptions, and many more.
However, many of these same organisations have failed to address the human element. People, just like computers, store, process, and transfer highly valuable information.
Yet, people remain highly insecure, since so little has been done to educate them. As a result, cyber attackers are actively targeting the human element.
Until you address the human issue, technology alone cannot secure your organisation.