Connect with us

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website. .

Technology

Security Ecosystems: A cyber security approach to call your own

iStock 1314860311 - Global Banking | Finance

By Adam Louca, Chief Technologist for Security, Softcat

Organisations are rapidly adapting to deliver new digital platforms and services for their customers and staff, creating an IT environment that is constantly in flux.

But your security strategy doesn’t have to be.

When it comes to cyber security, it’s all about balance. Balancing board-level expectations, infrastructure efficiencies, costs, and talent. All the while, you need to deliver on your Cyber Security Improvement Plan.

Despite spending on security solutions reaching a peak, industry surveys and breach rates consistently point to the flaws in a siloed approach, where organisations rely on a mix of standalone tools for protection.

What’s needed instead is a more holistic approach to security management.

A game of cat and mouse

Cybersecurity is a cat and mouse game between hackers and defenders; a game with higher and higher stakes as our reliance on technology grows.

But unlike in Tom and Jerry, the Toms are winning…the hackers.

The cybercriminals of this world have become expert hunters, leaving organisations (the Jerrys) increasingly vulnerable.

Cyber security is one of the greatest challenges organisations face today, with the potential to threaten finances, halt operations and shatter carefully built reputations.

And it’s a threat that’s being taken seriously too. In fact, over the past four years, Softcat’s customers have consistently ranked cyber security as their priority area for tech investment.

Yet, despite global cyber security spending projected by Gartner to exceed $150 Billion in 2021, cybercriminals continue to land successful attacks with relative ease…and regularly.

A shift in security management

The rise in cybercrime has a lot to do with changing norms and technology adoption, and the pandemic was the perfect storm for threat actors.

The rapid shift to homeworking, financial pressures and mass cloud adoption gave cyber criminals a window of opportunity to take advantages of the gaps in security.

They were also quick to focus more effort on timely social engineering techniques to capitalise on anxieties, fears and the chaos that COVID-19 caused.

There’s also a widening skills gap affecting the cyber security sector, leading to stretched IT teams with less resource for ongoing security management and threat response.

Add to the mix an expansive vendor landscape, creating fragmented visibility and manual workflows, and you can see why organisations can struggle to make the right security decisions.

But within security infrastructure there’s untapped value to be found; a more holistic approach needs to be taken to give greater visibility and coverage. And an integrated security ecosystem can deliver this.

How to create a security ecosystem

Simply put, an ecosystem is a group of technologies that work together on one platform to provide an outcome greater than the sum of its parts. Technology, all in harmony.

This optimises cyber spend, increases efficacy and maximises investments, meaning you’ll be able to better respond to threats and fight back. The odds are suddenly in favour of the Jerrys.

Organisations have the flexibility (dependent on need) to take a platform or partnership approach. This can be formed by products built by separate expert vendors with a deep specialism in a specific area or technology; products built by the same vendor across a wide range of areas, so you gain a broader set of tools within the same platform; or technology built by separate vendors and represents a deep specialism but acts and functions as an integrated platform.

So, if you’re looking to shift to a holistic security approach, follow these five steps:

#1 A security spring clean

Before you start, understand where you are now and where you want to be. Think of it like a security-based spring clean – what can you keep and what do you no longer need?

It’s important to be self-critical and honest, and to do that you need input from your broader team. It’s a great opportunity to consolidate and optimise, so you need to gain a real and true picture of what’s in place as a starting point.

#2 Set your priorities

Only when you understand what you have and what does and doesn’t work can you confidently say what you need from your security ecosystem.

Are you trying to reduce your number of vendors? Do you want to simplify your security solutions? Are you looking to retain the most valuable and remove the cheaper options?

Answering these questions will help you to work out the criteria for your ecosystem. There is no right or wrong answer – your ecosystem will be as unique as your business.

#3 Get grouping

Duplication of capabilities can lead to unnecessary spend, complex and time-consuming management processes and an overlap of data.

Look to where you can group technologies, depending on their purpose or features. This can help you to identify overlap and spot opportunities to consolidate and streamline. This, in turn, will simplify how you detect and respond to incidents.

#4 Fill in the gaps 

Once you’ve finished your spring clean, you may notice some gaps that need to be filled.

For any new technologies, you’ll want to consider vendors and tools that naturally integrate together to get the best from each. If they don’t, you’ll create siloed visibility and reduce your ability to detect security events.

There’s no one-size-fits-all approach; it’s entirely down to your unique business needs and priorities. Working with a vendor-neutral partner can help identify the right technologies and mature your security posture over time.

#5 Don’t be complacent

Once you have your personalised security ecosystem in place, it isn’t job done.

Staying organised is an ongoing job. Define your roadmap and always check your progress against it and monitor whether the right things have changed. And if they have, by how much.

You can share this progress with the wider business to support future funding, build more trust and get backing for any projects further down the line.

Global Banking & Finance Review

 

Why waste money on news and opinions when you can access them for free?

Take advantage of our newsletter subscription and stay informed on the go!


By submitting this form, you are consenting to receive marketing emails from: Global Banking & Finance Review │ Banking │ Finance │ Technology. You can revoke your consent to receive emails at any time by using the SafeUnsubscribe® link, found at the bottom of every email. Emails are serviced by Constant Contact

Recent Post