Cybersecurity vs. Business as Usual

 LinkedIn Post

IT System Security Issues vs. Business as Usual

Organizations are facing rapidly evolving security challenges.  Conducting business within the ramifications of “business as usual” is increasingly dangerous. Challenges are coming from the changing nature of security attack vectors and the changing applications and the supporting backend infrastructure. Large and small organizations are known for siloed cultures and risk-averse decision making. From the business point of view, failing to address these challenges means competitive disadvantages, less efficiency, legal problems, compliance audit issues, and the lost productivity potential. From the technical point of view,  increased complexity of access and data management is a fact of life, and it will only get worse. There is a significant business opportunity to automate or simplify the technical side, but a security management magic wand does not exist yet.

Organizations must take necessary steps to enable access to core business systems, especially when there are the tenured or legacy systems are mixed with brand new platforms on the backside and customer-facing side. Due to the nature of client-side applications, web-based and native mobile apps are essential with virtual reality platforms just around the corner. PII (personally identifiable information) is subject to regulatory audits. Access control and MFA (multifactor authentication) and  IAM (identity and access management) are implementation cornerstones for PCI DSS (payment card industry data security standard and GDPR (general data protection regulation).

All the points mentioned above are known to most IT people. It appears, however, that new waves of threats and newly discovered vulnerabilities magnify the importance of security in targeted organizations.  Those who are still unaffected by all this should be able to read this excellent book: Botnets. Architectures Countermeasures and Challenges in relative calm.