Ali Neil, the Director of International Security Solutions at Verizon, discusses the current cyberthreat environment and the re-think strategies CIOs need to undertake to build a successful security blueprint for 2019.
Last year was a year of digital acceleration, as new technologies such as 5G, Artificial Intelligence (AI) and next-gen cloud moved into the realm of reality and started to radically transform how business operations work. In particular, these technologies enable real-time insights that are changing business behaviours. Organisations are wanting to build a ‘Real-Time Enterprise’, where they can make business decisions based on what is happening right now, rather than what happened last week, or last month – and this is particularly the case when it comes to security strategies. So what does this mean for how businesses will work with their security providers?
Become a forward thinker with cyber intelligence
The first point to consider in the Real-Time Enterprise environment is that businesses no longer have to be the unknowing victims of cybercrime; there are now several tools at their disposal to proactively help them take on cybercriminals and lessen the impact a cyberattack may have. Cyber intelligence will be used in more meaningful ways this year and be recognised as the catalyst for greater proactive threat hunting and security awareness within the business. Utilising this ‘intelligence posture’ will enable companies to look under the covers of cybercrime and hunt threats earlier in the game, increasing detection speeds and response for more timely containment of threats.
However, selecting the correct intelligence partner is key – so consider this decision carefully. Companies should look to suppliers that have access to intelligence based on a broad sweep of data traffic that’s cross-checked with other sources – this will provide a well-rounded view. For example, at Verizon, we cross-reference data from our global IP network and our Managed Security Services engine with intelligence gleaned from over a decade of analysis from our DBIR series – this enables us to offer our customers a treasure trove of cyber intelligence that is hard to beat.
Enhance visibility of the cyber-risks out there
Research also shows that 90% of board members do not understand the cyber-risk profile of their business and considering today’s changing threat landscape, this leaves many business vulnerable to the cyber dangers out there. Preventing and responding to cyber-risks requires real-time visibility on the real-time cyber environment.
Verizon Risk Report is an information framework that is designed to introduce businesses to the concept of viewing their own security posture – an outward and inward valuation of cyber-risk. CIOs making a business or purchasing decision can use this dynamic snapshot of their risk profile to adapt their security posture in real-time to address any identified gaps.
We will see this type of solution become more sophisticated as the year continues. More value-add partners will be introduced so that these frameworks can embrace threat analysis from varying perspectives to deliver an even fuller view of the cyber-threat environment for customers.
Look for a strategic partner, not a transactional supplier
With new technologies disrupting traditional business models, we also can’t expect the supplier relationships of the past to remain unchanged. A rethink is required. Security has changed – it is no longer simply about boxes, solutions and products, but rather intelligence, insight and consultancy. It is no longer a one-off or monthly transaction, but rather an ongoing journey that needs to adapt as cyberthreats evolve, technologies develop and business needs change. Businesses need to align themselves with a security strategy partner who understands this shift and recognises the need to grow alongside their customers.
Strategic partners will unite unique combinations of technology know-how, professional service expertise and global service model, to make real-time security a reality, optimising security operations to work in a real-time environment and beyond the traditional security perimeter. They will be able to pull cyber response teams together when required and run to the cyber crisis to get it under control and resolved quickly and efficiently.