It’s common knowledge that the war against cyber crime is not being won, and that the security industry is playing a catch-up game at best. In fact, it is many security professionals’ assertion that we cannot keep threats out of our networks, and thus we need to focus on containment and mitigation only.
Lutz Blaeser, MD of Intact Security, believes relinquishing importance on prevention is a bad idea, and equates to surrendering the cyber war. “In the info security world, however, we are definitely seeing a move towards network security, governance and vulnerability management.”
He says some success is being seen in terms of protecting networks and data, but improvements are needed. “Even as we work towards better security, and more advanced tools, hackers are coming up with more sophisticated and cunning weapons with which to bypass them.”
Moreover, he says in conjunction with the growing threat from outside entities, we are dealing with an increased threat from within, that of shadow IT. Shadow IT is a term used to describe tech systems and solutions that were created and applied within organisations, without their approval.
“It usually starts when a department within the business feels hampered by what they see as the technical department’s failure to provide them with what they think they need, and they go off and create their own solution, without technical knowledge. IT will only become aware of this once a technical issue occurs, or when integration with other application within the enterprise is needed. As you can imagine, this causes many headaches for the technical team.”
According to Blaeser, the buck ultimately stops with the IT department, whether this is fair or not. However, in the event of a security incident, IT will have to deal with the CEO, regardless of who may be at fault. “The challenge, of course, is how to find and secure all these shadow IT applications within the enterprise.”
Understandably, few technical departments have the resources to handle the multiple requests that all these applications and users would generate, but a plan needs to be made, as the fallout should a breach occur due to shadow IT could be catastrophic, he states. While there is no silver bullet to fight the shadow IT problem, there are several measures IT can take to minimise the problem and identify any problems before they become a major threat.
Firstly, he advises to monitor outbound traffic, as this is the best way to ensure you know what is going on inside your company. “Firewalls focus on incoming traffic, but can be configured to keep logs on outgoing traffic too, and once you know where the traffic is going, you are better placed to pinpoint any applications you were unaware existed. Moreover, once you are better aware of outgoing traffic, you are better able to control it.”
In addition, he says user education is vital. “Most employees have a vague idea of the risks, but are quite happy to ignore them. Others are completely ignorant, and have no understanding of the situation. Educate your staff on security in general, and make shadow IT a part of that discussion. Do not leave executives out of this training and education. Once C-level executives are aware of the dangers of shadow IT and the potential fallout it could cause, they are far more likely to come on board and help control the problem.”
Behind the screen….. Intact Software Distribution is a dedicated software distributor focusing on providing a full range of security software solutions, coupled with the service performance and know-how of an experienced and specialised solution provider.
- Human capital from a different view | #LunchtimeSeries | Kevin Britz | Robyn Shirley | Regenesys | Human Resources | #Podcast | #ebizradio - July 28, 2021
- How do you get a promotion in these times? | Change Conversations with Mpume | Mabatho Takalo | #Careers | #Insight | #Podcast | #ebizradio - July 27, 2021
- The essence of luxury | AXOR ONE |#Lifestyle | #Design | Barber Osgerby | #ebizradio - July 27, 2021
- LOCAL GAMING CONTENT HUB GIVES SA STREAMERS A CHANCE TO SHINE | #Gaming | #Esport | Mettlestate | #ebizradio - July 27, 2021
- You equate money with your self worth – Its time to change that | #BrunchWithBjorn |#Money | Jade Fedder | Jade Coaching | #Podcast | #ebizradio | Björn Salsone - July 27, 2021
- URGENT PUBLIC APPEAL – South African National Blood Services is in desperate need of blood donations | #PayItForward | #Podcast | #ebizradio - July 26, 2021
- You need to haul out that ENTHUSIASM | #LunchtimeLeadership | #LeaderShip | Kevin Britz | Naomi Basson | Podcast | #ebizradio - July 26, 2021
- I’d rather be fired! | The Light #LeadershipDiaries | Michael Lebona | Thabani Msomi | Nkodwanda Mbanjw | Katlego Modise | #Podcast | #ebizradio | #Insight - July 26, 2021
- The Marketers Measurement Dilemma #LetsTalkDigital | #Digital | Audrey Naidoo | Neil Pursey | Measurebyte | #Podcast | #ebizradio - July 26, 2021
- Why are consumers encouraged to save even in these tough times? | #Money |#Insight | #FSCAMyMoney | Lyndwill Clarke | #ebizradio | FSCA - July 23, 2021