Businesses are demanding and implementing new solutions that enable them to streamline operations, cultivate new business opportunities and provide better services to their customers. These new solutions require CSOs and CISOs alike to maintain protection of their company’s and customers’ assets even while moving the control of network, platforms, applications and data beyond the traditional technologies and boundaries of their business.
Yet, along with operational uncertainty, adding additional network and provider layers makes it difficult for businesses to sustain visibility into their current security posture with assurance that a breach has not occurred.
In addition, the speed with which new solutions can be implemented has real financial consequences for many businesses. Meanwhile, the challenges posed by attackers continue to escalate in ability and complexity, and the processes to keep incident response plans up-to-date and effective continue to be deficient in most companies.
Both are clearly documented in our annual 2017 Global Threat Intelligence Report, while our GTIC 2017 Q2 Threat Intelligence Report shows that cyber attacks are occurring more frequently and with greater sophistication. Of the extensive information included in the report, four findings are of extreme concern:
- Cyber attacks were up 24% globally during Q2 2017
- Manufacturers continue to be a key target for cybercriminals (followed by finance, healthcare, business services and technology)
- 67% of malware attacks were delivered by phishing emails
- The speed of attacks continues to increase exponentially once proof of concept code is released
For businesses that are undergoing a digital transformation, the following are critical success factors that CSOs and CISOs must consider:
- Adaptability: The existing risk, security and compliance programs and controls must be able to adapt at the same rate that new solutions can be implemented
- Risk Insight: The security risks imposed by new solutions and the most appropriate counter measures must be assessed quickly and accurately
- Business Resilience: The business needs to be able to initially adopt and continue to operate these new solutions securely
It’s easy to be overwhelmed by the demands of running an existing security program while simultaneously adapting new business solutions that use the cloud, mobile / remote computing, and/or SaaS applications. But no matter the current maturity of a security program, new demands created as a byproduct of the digital transformation process should be viewed as an opportunity – one that will further refine cyber-defense architecture and increase business resilience.