United States continues to ensure an adequate level of protection for personal data
January 14, 2019Addressing the GDPR Compliance Challenges In Blockchain Technology
January 14, 2019Does technology diversity drive a better overall privacy and cybersecurity platform using professionals as a part of the security system or is digitisation the only option.
There is now a lot more data to defend, as the information footprint has expanded beyond the control of IT and cybersecurity. The increase in new cyber threats per day in the last decade has gone from 25 to over 500,000.Therefore, both businesses and governments must remain agile, competitive and need to stay within acceptable levels of operational risk, IT and cybersecurity threats.
More than 85% of companies have experienced a breach in the past three years.Companies do not or cannot move fast enough, despite seemingly significant efforts and investment when it comes to privacy, data protection and cybersecurity. Since it can take months or in a few instances even years to detect a security breach, in-house professional resources are not keeping pace with the increased volume of attacks and sophistication of the challengers.
At a recent cybersecurity event we surveyed the participants and asked what it would take to overcome the overarching cybersecurity challenges that drive cybersecurity strategies:
- The best-of-breed or defense-in-depth approach; by bypassing IT with cloud services and personal devices as many users are IoT with specialised endpoints; as more traffic is encrypted and invisible to IT, as enormous amounts of data are therefore placed in the cloud.
- Integrated platform approach; as containing and remediating a breach can take a long time, giving the challengers latitude to achieve their objective and inflict financial and reputational damage.
The results were split in half and into two groups:
Half of the group favoured a best-of-breed approach, believing that self-integration of disparate technologies with manual processes delivers the best security outcomes.
The other group wanted efficiency as a critical component to success. They favoured an integrated IT and platform approach. An open and integrated GRC security framework that enables consolidation and automation for better overall security results.
In both situations’ companies cannot solve the growing cyber security complexity and risk equation by adding more human capital. The speed and scale of the cyber issue require the combined efforts of human and machine processing.
More than 60% of organisations report that their GRC and IT security department is understaffed[1].As was the case for compliance professionals in the Financial Services industry within four years, there will be a shortfall of nearly 2 million qualified cybersecurity professionals.
Therefore,Let the 2019 strategy have the following components to ensure that:
- Create a cyber defence strategy and implement it
- Ensure that cyber attacks do not that compromised stakeholder privacy reputational damage or business operations
- Ensure that with a fully-implemented cybersecurity plan companies can identify the cause of the breach and resolve it within one month
- To prevent attacks include employee training programs, comprehensive information security strategies, recruitment of high-skilled IT employees, cyber security behaviour analytics and enhanced proactive monitoring and auditing capabilities.
- Perform a Scenario planning exercise or workshop to include the strategies as well as components like advanced multi-factor authentication technology, cyber insurance, robust cyber incident response and recovery plan.
Therefore, our GDPR seminars https://www.eugdpr.institute/events/include a GRC, Data Privacy and Cybersecurity component to emphasise that a fully implemented cyber strategy and trained staff result in organisations to be better prepared for cyber attacks.
Let the GRC IT Security 2019 strategy have the following components to ensure that:
- Create a cyber defence strategy and implement it
- Ensure that cyber attacks do not that compromised stakeholder privacy reputational damage or business operations
- Ensure that with a fully-implemented cybersecurity plan companies can identify the cause of the breach and resolve it within one month
- To prevent attacks include employee training programs, comprehensive information security strategies, recruitment of high-skilled IT employees, cybersecurity behaviour analytics and enhanced proactive monitoring and auditing capabilities.
- Perform a Scenario planning exercise or workshop to include the strategies as well as components like advanced multi-factor authentication technology, cyber insurance, robust cyber incident response and recovery plan.
[1]according to an A.T. Kearny report.