But, security is not my job

In today’s fast paced climate where employees are exceedingly tasked with taking on more responsibilities, the questions over where responsibilities reside may be riddled between functional domains and organizational silos.

Some leaders may be asking ‘Are we still talking about phishing?’

Meanwhile, despite the increasing levels of complexity in sophistication of cyber attacks, when asked, security professionals cite ransomware and phishing as top concerns according to Dark Reading:

According to the article, when asked which type of attacks worried them most, 61% of IT security professionals cited ransomware, followed by 54% for phishing attacks. These statistics are significantly higher than last year’s survey, where 41% said they were concerned about ransomware and 31% about phishing attacks.

According to IBM Cost of a Data Breach Report 2021, which examines ways to mitigate risks also notes:

Data breach costs rose from USD 3.86 million to USD 4.24 million, the highest average total cost in the 17-year history of this report.

Too many point solutions and not enough skilled resources – over-burdened and over-busy?

From fragmentation to strengthening partner alignment – taking the first steps: Getting in front of threat actors by protecting initial access points.

For example, did you know that if you are an IBM QRadar customer, Proofpoint’s Secure Email Relay solution was recently verified and published to the X-Force App Exchange:

Secure Email Relay (SER) is a hosted SMTP relay that secures application transactional email using your company’s domains. Internal or 3rd party applications connect to SER in a secure manner and all email is DKIM-signed and scanned with Proofpoint anti-spam/anti-virus technology prior to being distributed to the Internet.

Improving mitigation through awareness and education:

As the number of devices continues to proliferate along with the IoT and hybrid cloud, organizations are shifting to Zero Trust architectures.

Cisco defines this as:

Zero trust explained – What is zero trust?

Zero trust is a strategic approach to security that centers on the concept of eliminating trust from an organization’s network architecture. Trust is neither binary nor permanent. We can no longer assume that internal entities are trustworthy, that they can be directly managed to reduce security risk, or that checking them one time is enough. The zero-trust model of security prompts you to question your assumptions of trust at every access attempt.

How is a zero-trust approach different?

Traditional security approaches assume that anything inside the corporate network can be trusted. The reality is that this assumption no longer holds true, thanks to mobility, BYOD (bring your own device), IoT, cloud adoption, increased collaboration, and a focus on business resiliency. A zero-trust model considers all resources to be external and continuously verifies trust before granting only the required access.

How is your team addressing these topics today?

How can we bridge these gaps and help accelerate projects with confidence?

Avoiding the pitfalls of stalled or cancelled projects and prevent ransomware attacks.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: