advertisement
Cyber Resilience – What East African Organisations Can Do to Improve their Security Posture
It is essentially the primary growth driver and we are witnessing growing ICT deployments in businesses, educational institutes and government…
It is essentially the primary growth driver and we are witnessing growing ICT deployments in businesses, educational institutes and government departments; this is helping them enhance their processes and compete globally.
While this is a cause for celebration, there is a dark cloud hovering over this ICT empowered economy. Data is the new currency and in a digitally empowered world, it’s redefining business and IT, and is on the radar of cyber criminals. Unfortunately, cyber security in East Africa has had to play catch up when it comes to challenges faced by modern day businesses and institutes when it comes to cyber threats. The inadequacy of checks and balances, unawareness of cyber security and its challenges, an inability of businesses to deploy an integrated future ready cyber security policy and an absence of stringent and enforceable IT security regulations has taken a toll on the cyber security resilience of organisations.
Traditional Approaches No Longer Work
advertisement
The key reason why the cyber security infrastructure in East African organisations is found wanting and keeping CIOs, CSOs and CEOs awake at night is that traditional approach towards making the network and endpoints secure isn’t working anymore. Picking different best of breed security products to build a comprehensive security architecture is at times proving counterproductive. You could get the best network security, endpoint protection, and application security available on the market and it still might not be enough to protect your organisation against sophisticated multi-vector attacks. The problem in this case is architectural complexity and the inability to optimally manage and control disparate platforms and systems. This leads to a scenario wherein there are gaps in the security architecture, allowing threats to fall through.
Widening attack surfaces, growing sophistication of attacks and targeted attacks mean building cyber resilience will involve realigning your security posture to meet the challenges of the present and also those of the future.
What’s more, there is no doubt that East Africa has woken up late to understanding the importance of cyber security and taking the necessary steps to bolster its defences against cyber criminals. For this region, it is a race against time and is not only about making the right choices but also adopting a new cyber security approach keeping their inherent security needs in mind.
advertisement
Improving Security Posture
The traditional security approach involves choosing best of breed for every need, which essentially has the potential to improve security posture, if the events detected and assessed from different disparate platforms are correlated accurately. But there is a big if here because the use of different point solutions results in needless complexity and complexity is the enemy of security. Say your organisation has different security agents guarding your networks and endpoints. That’s different products who have their own management consoles. Add to that the difference in deployment and settings and you have a complex system on your hands, whose potential is extremely difficult to leverage.
The solution lies in an integrated security solution that is a coming together of advanced features that offer prevention, detection and response capabilities with operational efficiency. What’s more, the world as a whole suffers from a paucity of highly trained cyber security professionals who can take charge of an organisation’s IT security apparatus. This means businesses must pick a consolidated security solution that is easy to deploy, manage, control and maintain.
advertisement
Next-Level Security
Today’s attacks are highly advanced, extremely well-planned and therefore require a whole new approach towards security, if they are to be negated. What is required is better and real-time threat intelligence, and improved coordination between your endpoints and network and all this without adding additional security agents or layer upon layer of management and control tools. What businesses in East Africa need to look for are solutions with advanced threat protection capabilities, and with none of the associated baggage that comes along with it in the form of increased resources and administrative costs.
Sophos has taken the lead in bringing such protection to the table with its Security Heartbeat™ feature that brings synchronized security to endpoints and networks; it is a part of the company’s XG Firewall/UTM and Cloud-managed endpoint protection. This security approach brings together next-generation network and endpoint security technology so that both work in conjunction with one another and also offer organisations a well-coordinated and integrated defense.
Conclusion
Finally, businesses must use emulation and enculturation to zero in on the solutions they deploy. Emulation involves following the lead of countries who’re well on their way towards adopting next generation security solutions and practices. One could also use enculturation as a means of improving cyber security posture; this involves following a cyber security approach that keeps it local. That is a policy that uses knowledge of citizenry behavior, local business environment and existing legal framework to protect sensitive information.
At the end of the day, IT security will always be a work in progress. As a business, your security posture and resilience strategy will need to be one step ahead of cyber criminals who want to infect your networks and endpoints to get at your data.