Cybersecurity – A Lifelong Learning Adventure
In the previous sections, you have been reading about many of the directions that directly impact technology solutions we are working with in the market, from the perspective of solution developers, consultants and end users.
In this section, we have asked our technical solution experts to focus on which challenge their technology domain is attempting to tackle and why it is relevant for our clients to explore the solution area to harden their cybersecurity robustness and response.
Very often, vulnerabilities can be mitigated in many ways, for instance updating systems, changing a configuration, or addressing a certain user behavior.
Unfortunately, this is not always realistic nor the most economical and efficient way. Too often, a response to a cybersecurity challenge is to limit the ability of an organization to operate their IT environment in alignment with business requirements. As cybersecurity professionals, it is our responsibility to mitigate and limit the impact of security challenges in an environment where threats and vulnerabilities are weaponizing quicker than ever before.
In the section below, we have, together with our vendor partners, highlighted some of the major technical developments that are happening in the cybersecurity field, and some of the technologies that we believe a proactive response to a cybersecurity challenge requires.
Some of the things we cover extensively are around cloud security and the importance of getting it right – if you ask me, the cloud is not an option unless you also ensure you can secure it. It is not that the cloud is insecure – in fact it can be very secure – but it requires a new approach to security to use it efficiently and without exposure to cyber risks. The cloud is also the home for many of the services we talk about today – this being our Secure Service Edge offering or web-application offering, which apart from the physical infrastructure today, can also be delivered with the same great or even better feature set in our UAE based data centers.
Finally, in this section, we also allow ourselves to highlight what we think is important and glaring issues that any client should spend time on assessing their exposure to. As an example, we talk about the importance of protecting your Active Directory Services and ensuring you have an efficient recovery plan for your Active Directory. Unfortunately, we see too many organizations that are impacted by large system outages due to attacks on the soft underbelly that the Active Directory represents to many organizations, only to learn that recovery is way too complicated, if not impossible.
While we always tend to complicate cybersecurity, I believe that doing the basics right can take you very far, and maybe we only complicate things so that we can avoid accepting the fact that ‘it could happen to me’. I think it was Warren Buffet who once said “It’s good to learn from your own mistakes. It’s better to learn from other people’s mistakes.”
In cybersecurity, this is as important as ever, and as we look around us and see how attacks are impacting organizations our response should be: “What can we learn from that” instead of “It will not happen to me”.