Five Security areas to focus on to respond to today’s cybersecurity challenges
Blog: Capgemini CTO Blog
In the past twelve months, we have experienced an unprecedented acceleration in the digital transformation of business. As a result of the COVID-19 pandemic, digital transformation has ceased to be an item of differentiation and innovation but rather has become a survival theme. Besides, many companies have massively adopted working from home (WFH). Like digital transformation, WFH is not new, but it received a special impulse as a result of COVID-19. Still, for the same reasons, this was the year of the definitive explosion of e-commerce, social networks, investment applications, online games, streaming platforms, and cryptocurrencies.
In short, in the past twelve months, the world has experienced a brutal acceleration in digitization. Are we prepared to face these 2021 cybersecurity challenges, as a society?
The recent news of mega cyber incidents is an important warning sign – we may not be.
But then, what to do?
Below we present five points that we consider essential to respond to today’s cybersecurity challenges:
1) Identify business risks: Cybersecurity must be treated as a business issue. As with issues of social, environmental, and governance responsibility, cybersecurity must be understood as part of the business strategy. It should never be treated as a cost item within the technology budget; this practice has been observed in companies in the last 20 years and still is. But it is no longer acceptable since cybersecurity is a relevant topic for the business and on every board’s agenda. For this reason, it is essential to assess the level of maturity of the business cybersecurity program. Identify risks, assess them, and make decisions about which are acceptable and which are not; which should be mitigated, how and when; and perform emergency actions to mitigate risks that are considered to be excessively high for the business. And ensure that the cybersecurity programs work permanently by managing risk appropriately.
2) Identity management: A recurring theme when we do risk assessments for our clients is Identity management. The complexity and dynamism of processes and systems in today’s businesses makes controlling who accesses what data and why is quite challenging. But unauthorized access has always been the source of many leaks, fraud, and other serious cyber incidents. That is why a failed identity management represents a high risk for the business. We recommend that clients map the business functions and their data access needs; access profiles to systems; define processes for granting, altering, revoking access; and efficiently automate these mappings and processes.
3) Security of your applications: As we already mentioned, the current challenge of cybersecurity is the unprecedented acceleration of digital transformation and the exponential increase in the use of online systems – e-commerce, games, more diverse applications. So, application security is key. The pressures of business due to agile processes and the rapid offer of services and functionalities cannot impact the quality and security of the applications and services available online. Security should be an integral part of the development cycle (SecDevOps) and it should assess the risks, the built-in security features, the vulnerabilities of the code, and the architecture of the applications at the different stages of the process – even with the product ready and available, through periodic vulnerability scans.
4) Security in the cloud: Similarly, where we have a rapid migration of data loads and applications to public cloud environments, we run the risk of not working with the most appropriate architecture, features, and security controls for this environment. Not that the public cloud is insecure! But it is observed that many businesses are not clear about their security responsibilities in this environment, considering that some critical security controls are automatically handled by the cloud provider when in reality it is the business’s responsibility. It is important to make a case-by-case analysis of responsibilities – which includes considering which service model is contracted: IaaS, PaaS, or SaaS. The general rule of thumb is what is known as the Shared Responsibility Model, where customers are responsible for choosing how their data is protected IN the cloud, and the provider is responsible for the security OF the cloud.
5) Security operations: Another item worth mentioning is that of maintaining cybersecurity operations appropriate to the size of the business – ensuring that controls and tools adopted to mitigate risks are functioning and effective: collect and monitor logs, identify suspicious events, apply threat intelligence techniques, effectively manage perimeter security solutions, endpoint security solutions (antivirus, data loss prevention, among others), database security solutions, and so on. These operations will typically require 24/7 coverage and can be challenging for lean corporate cybersecurity teams. Luckily, there is a mature and important global market for providing managed security services that you can support.
It is worth remembering that regulations around the globe enforce cybersecurity in critical infrastructure, financial industries, and personal data protection, including the application of administrative sanctions and fines. In other words, failure to observe good cyber risk and privacy governance practices have very tangible consequences for the business: million-dollar fines, suspension of operations, reputational loss, among others. Failing to respect the rights of data subjects and neglecting cybersecurity is continuously more costly. Businesses cannot afford to disregard good cybersecurity postures in the post-COVID world.
Please contact us with questions about this article or to help you build an effective cybersecurity roadmap.
You can also follow me on LinkedIn.
To find out more about how we can help you, visit our cybersecurity services page.