Visibility | Skills | Context | Agility

Posted on by

The risk of cyber attacks is growing constantly and this is something corporations around the world are coming to grips with. One major challenge is that most organizations do not have the ability to quantify this risk.

This is one of the reasons that so many companies have a blinkered approach of “nothing has happened, everything is running, so we are okay”.”

It has been said that there are three types of organisations out there:

  • Those that have already been breached and don’t know about it (my research suggest that these are in the majority).
  • Those that have been breached and have some idea of the scope and consequences and will be counting the costs for years to come.
  • Those that will be breached.

All companies are challenged by the following :

  • Visibility

Having an accurate view on their security posture on an on-going basis. This includes a view on their compliance requirements (ISO, PCi, POPIA etc.) and how their people, process and technology decisions are enabling them to meet their compliance, legislative commitments, etc.

  • Skills

The lack of specialist skills to ensure they extract full value from their technology investments and also that these technology investments are doing what they should to assist in adherence to compliance requirements.

There are never enough truly specialised skills available, so one or two generalists land up having to do everything – this is quite commonplace and it is fertile ground for the bad guys.

We are human and cannot function 24x7x365 – the bad guys on the other hand never seem to stop.

We cannot digest and interpret the huge volumes of information from multiple sources to detect the “blip in the radar” that indicates something is afoot.

  • Context

Extracting actionable security insights from all the content flowing across the network, in time to make decisions that will stop incidents or at least limit the impact.

  • Agility  (Responsiveness)

The ability to detect cyber security incidents (incidents of attack and incidents of compromise) and the people and process to implement possible decisions made as a result of contextual insights.