Organisations are undergoing the most significant transformation in a generation thanks to the rapidly evolving digital world. Many refer to this as the Fourth Industrial Revolution (4IR) and believe it will fundamentally change how we engage with one another. But for all the good this brings it means there will be new cyber security risks to contend with.
With 350 000 unique threats emerging daily, organisations and end users are in for a wild ride. As we move more of our data and systems to a cloud environment, the risk will only increase as malicious users start targeting organisations irrespective of industry sector, size, or geographic location.
VMware and Trend Micro have been partners for several years to take the necessary steps to secure the modern data centre in this environment. What few people realise is that the future of the data centre revolves less around physical infrastructure and more around software-defined principles.
According to “The State of Enterprise Security in South Africa 2019” report conducted by World Wide Worx in partnership with Trend Micro and VMware, local corporates need to start embracing a new kind of thinking when it comes to cyber security. They must adopt advanced strategies when it comes to safeguarding their data.
Fortunately, there are signs that this is starting to happen at least from a budgetary perspective. The report found that encryption (97.3%), mobile security (96.4%), and data back ups (94.1%) are the three areas that have seen the most significant funding increases the past year. With firewalls (93.6%) and threat monitoring (93.6%) rounding off the top five, decision-makers are starting to invest in key technologies to mitigate the risk of cyberattacks.
Part of this could be ascribed to the fact that companies are starting to see the transition to the cloud as a business imperative. With almost 72% of respondents stating they are either somewhat advanced or very advanced in their move to public cloud providers, the local market is rapidly evolving in terms of where data is hosted and how it is secured.
To this end, 97% of those surveyed stated that their companies have strategies in place to keep data safe when moving across applications and endpoints. Granted, some of this might be limited to on-site processes, but the signs that security is becoming more of a focus point are there.
While we highlighted the most pressing security concern being that of outdated software and systems (92.3%) in a previous blog, it is still important to note that this is a major issue that must be addressed. Other problem areas are senior management not understanding aspects around cyber security (89.1%), cyber attacks by activists (78.2%), and cyber attacks direct from employees (76.8%). It is especially in the latter where companies should do more to shore up internal defences around the possibly of staff attacks.
The mobile generation is also highlighting areas for concern with 76.4% of respondents stating they were aware of employees having been hacked on their own devices. It must be remembered that a mobile device is an end point itself. If there is no security installed on it, it can provide an easy entry into the corporate back-end whether that is on-site or in the cloud.
Having said that, companies need to start focusing more on the security of applications. While end point security is important, it means very little if an application is inherently insecure. The network of the future will be software-defined. It will use intelligence to secure data in real-time and provide consistent, pervasive connectivity and security for apps and data.
This is where the concept of intrinsic security is important. This weaves cyber security into every layer of the digital foundation, helping businesses gain visibility from the cloud to the edge, unify disparate product portfolios, and significantly reduce the attack surface. A digital world requires a new way of managing security. It is time for companies to evolve with it.