Make business critical decisions heavy on data, light on risk
Managing business continuity strategies is a challenge for any organization, even in the best case scenario. And that was before companies around the world were forced to consider fully-remote working strategies on a major scale in recent months.
Add distributed workforce concerns to the expansive list of security risks and cybersecurity worries that many a business has to adapt to these days, and it becomes clear that merely setting up a firewall or purchasing more antivirus software is not going to comprehensively cover the entire organization, as one might wish.
Instead, the changing ways of doing business in light of recent world events highlights just how much the risk profile has grown for organizations in the region. Cybersecurity risks are actually business risks, and they are not just the concern of the IT or security manager any more. Indeed, the threat surface encompasses the whole company now, and that makes security and risk management the responsibility of the entire organization.
The “new normal” requires a longer-term strategy that balances company objectives with greater cybersecurity risks to survive and thrive in an uncertain climate. Integrating a data-driven information security program has countless benefits for any business.
To start with, organizations can employ data analytics and visualization to inform their decisions and mitigate risks. Furthermore, security leaders can leverage this approach to communicate with executives and other key stakeholders.
Big data can inform the company’s security stance, but also help the organization execute its business strategies, provide data-led confidence to manage uncertainty, and also help assess risks that spring from an ever-evolving cybersecurity threat landscape, along with keeping the firm up-to-date with the latest compliance requirements.
Hence the role data contributes to the organization is wide-ranging, not just for improving customer experience strategies. In much the same way, managing enterprise risk cannot be confined to a single department anymore or performed on an ad hoc basis, within operational silos.
The spread and storage of mission-critical data is widespread too, as with changing business continuity processes comes the added issue of the ballooning volume of data that is exposed online, or increasingly within a cloud storage environment.
Significant data breaches are also rising according to the 2020 Verizon Data Breach Report, and not always because of malicious malware attacks, but more and more due to errors as a result of poorly configured cloud migrations. Deploying to the cloud may improve efficiency in the short term, but the risks of misconfiguration can be substantial. Companies of all sizes need to establish the right controls to determine the risk of cloud servers being misconfigured and becoming vulnerabilities.
Distributed operational requirements or a distributed workforce comes with distributed risks. With employees connecting from unsecured networks, to security patches expiring or not found at all on personal employee devices, to newly-migrated critical systems which lack multifactor authentication, to more and more IoT devices and sensor data latching on to company systems, there is a plethora of security breach access points, data formats, and data input types that need to be secured.
Trying to make critical business decisions without the right data to support those outcomes can be a trial in itself, so organizations need to integrate the right enterprise-grade management solutions that can incorporate a comprehensive cybersecurity risk assessment process – and in the present shifting, uncertain business continuity environment, ideally a risk assessment process informed by actionable data.
Today Tech Wire Asia looks at three enterprise solutions that are geared towards enhancing company-wide risk management.
As the most advanced platform for detecting real-time risk using artificial intelligence, Dataminr is often recognized as one of the world’s leading AI businesses. Dataminr Pulse, the latest addition to the company’s full suite of products, provides global enterprises with the earliest indicators of business-critical information about risks to their people, brands, and physical and virtual assets.
For corporate executives and risk teams, Dataminr Pulse offers advanced real-time alerting and scalable operational integration capabilities to maintain situational awareness on potential risks across the enterprise spanning operational issues to brand reputation concerns to physical and cyber security. In a business environment still recovering from the aftershocks of the COVID-19 pandemic, Dataminr Pulse’s AI algorithms run on over 100,000 public data sources — such as social media platforms, blogs, and public IoT sensor data — to give organisations a first glimpse of potential threats and opportunities. The product surfaces alerts 24/7, enabling enterprise leaders to close the gap between an event occurring and when it is discovered.
Dataminr’s efficacy can be clearly seen in its early detection of the COVID-19 outbreak, where by scouring public social posts, Dataminr was able to notify its customers of the coronavirus in late December 2019 – a full week before the first announcement from the US government.
The Governance Institute of Australia has partnered with Dataminr to produce a new report which can be downloaded here: The Future of the Risk Management Professional
Dell EMC data solutions enable companies on their transformation journeys by incorporating smart infrastructure into their safety and security strategies. Its data storage and protection appliances include powerful yet cost-sensitive solutions to enhance data backup, but also data recovery, archiving and replication procedures, increasing uptimes and helping mitigate the risk of data loss.
Dell EMC offers enterprise-wide data management across a variety of industry, but targeted to find solutions for some specific challenges. For instance, the Dell Integrated Data Protection Appliance (IDPA) is a converged solution that combines capabilities for backup, recovery, deduplication, replication, instant access and restore in a single appliance with faster deployment and lower cost-to-protect.
Then there is PowerProtect DD, a scalable, reliable cloud backup solution with backup appliances for small and midsized environments along with those of the enterprise, plus it supplies a software-defined solution to shield virtual environments.
Not forgetting the cloud, PowerProtect DD also offers software for faster backup and replication, cloud disaster recovery services, as well as long-term data retention protection in the cloud. There is also a complete cloud protection portfolio that comprises data protection hardware, software, solutions and services that help transform data centers for greater operational efficiency, scalability, and resilience.
Secureworks has been a managed security services provider for two decades now, bringing a wealth of security response experience to its services-oriented solutions. Lately Secureworks has focused its service offerings on extended detection and response, also known as XDR, becoming a leading platform provider in this branch of risk mitigation.
XDR is a newish approach to threat detection and response that Gartner termed a top security and risk management trend of 2020. XDR attempts to combine elements of security information and event management with security orchestration, automation and response (SOAR), endpoint detection and response, and network traffic analysis in a software-as-a-service (SaaS) platform to centralize security data and incident response. This improves and speeds up detection and response because it correlates threat intelligence across security products, as well as visibility across networks, clouds, and endpoints.
Secureworks entered the XDR market in 2018 with its Red Cloak Threat Detection and Response (TDR) SaaS product, which stitched together artificial intelligence (AI)-driven data analytics with threat intelligence software, before adding a 24-hours a day, 7-days a week managed detection and response service on top.
Secureworks complements its unique trajectory on XDR with its 20-plus years’ expertise as security practitioners, relying on their closed tech stack to develop the tools necessary to kit out the security team.
*Some of the companies featured on this article are commercial partners of Tech Wire Asia