IT arena is like a security battle ground, where internet is fundamentally open considering the major far-ends like social media, mobility, cloud, virtualisation etc which leads to targeted attacks.
On any given day; any organisation can suffer irreparable harm at the hands of cyber- attackers. No organisation is too small or too big for this.
Unfortunately this battle field is not symmetric. The attackers have the clear advantage. Defenders have to protect a wide perimeter while the attackers only need to find one hole to inflict massive amount of damage.
To make this situation even more complicate attackers are well organised now and collaborate with one another. Attackers operate globally in a relatively low risk environment with little chance of getting caughtMO.
(Read more: Top 5 things a CISO should evaluate to benchmark an IAM solution)
Recent trends impacting IT arena:
Cloud computing
- Adds interesting challenges to organisations
- How is data protected on the move or at rest
- Contracts with cloud provider for security
Consumerisation of IT
- Personnel and professional tools integration to bring productivity
- Control hardware diversity and application support
- What happens in case of security breach
Virtualisation
- This is really exploding
- Consider; is traditional security solution perform as expected
- Virtual Machines introduce new security and compliance risk
Mobility
Mobile device usage is growing rapidly. This trend increases target on these devices. Social engineering is the art of tricking someone. This is much easier than targeted attacks. These are much more effective results in good success. Evaluation of technology trends needs to have security in the process
(Watch more : Checklist: How to choose between different types of Application Security Testing Technologies?)
Recognise and capture risk
Some movies show cyber attacks. These movies show awareness of cyber attacks and hackers but have shown very little to the general public about how security works.
In this era of too many different threats with so many products to secure measuring the impacts of security is more important.
In my experience creating fear will surely fail to funding regularly best way is to communicate impact of the threat ensure security measures are proactive.
More: Want to become a speaker and address the security community? Click here
Comments