Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

CIOs need to adopt a holistic view to security

Zafirah Salim | July 6, 2015
In order to achieve this “holistic view”, CIOs should ensure that these three elements – people, process and technology – are aligned, said Guido Crucq, General Manager, Security Solutions, Dimension Data APAC.

"In Asia Pacific, I think we are confronted with an ageing security infrastructure," said Guido Crucq, General Manager, Security Solutions, Dimension Data Asia Pacific.

"People's demands are growing - for the business, for the IT as an enabler - and users are requiring more access to information anytime and anywhere. But we also need to conclude that the occurring security controls and technologies are not functioning properly enough. The bad guys have shown us that there are still a lot to do and I think the security industry is very aware," he added.

Speaking at a roundtable discussion hosted by Dimension Data in Singapore in mid-May this year, Crucq feels that security is becoming an issue that is steadily rising up the boardroom agenda, effectively making it a constant concern for both the CEOs and CIOs.

He added that these security concerns are valid because a security-efficient company can help to drive client loyalty, profitability and cost reduction.

Shift of security strategy: Less detecting, more hunting

According to Crucq, the security industry today is lacking largely in terms of security talent - in fact, it is 18 times as deficient as compared to four years ago. 

He lamented that the challenge lies in more than just recruiting people to join the security industry - it's about growing the pool of talent, training and educating them to be security professionals, and above all, retaining them.

In addition to the limited security talent, Crucq also pointed out that the threat surface is expanding with the advent of technologies such as mobile devices and the Internet of Things (IoT).

"The industry is now also seeing a big move towards proactivity. In the past, we were doing more of the detecting, but now we are doing more hunting. We have evolved to be more reactive - responding to breaches, and proactively trying to stop the security attacks. There is clearly a shift of security strategy from incident prevention to incident remediation," he said.

Another trend Crucq noted is the huge drive towards managed security services. According to him, the demand is increasing on a daily basis and he feels that this is due to the lack of skills and the complexity of the environment. He added that organisations need to learn how to effectively use technology to facilitate the secure use of cloud environment, ideas and services.

Lastly, Crucq highlighted the return of endpoint security. "Endpoints are continuously being affected and it is actually one of the biggest sources of infections in the infrastructure," he said.  

Talking more about the changing security landscape, Crucq recounted a time when he was a speaker at a RSA security conference sharing his future insights on cybercrime. Looking back, Crucq said that it is scary to note how the things that he predicted will happen two to five years later are actually happening today. With cybercriminals launching more sophisticated attacks using advanced technology, we need to be ready than ever to battle against them, he warned.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.