Security incidents will definitely happen; hence taking a proactive approach will mitigate its impacts to the organisation, said Philip Lee, Regional Client Partner of Dimension Data in Asia Pacific (APAC) region, in his keynote speech at Computerworld Philippines Security Summit in April.
As businesses evolve, so do the security challenges.
In essence, Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs) are expected to protect their organisations from threats, said Lee. This adds to their other concerns such as doing more with decreased budgets, finding skilled workers, complying with demanding regulators, and meeting users' demand for security.
In any organisation, security is also no longer a question of 'when' but 'if'. Therefore, security officers also need to be concerned about the ability of their organisation to respond as well as its resiliency when a breach happened, said Lee.
As such, taking a proactive approach rather than a reactive one improves the recovery time, as well as mitigates the depth of operational downtime.
In order to provide a proactive protection, threat intelligence is necessary, explained Lee. Obtaining threat intelligence is in two-fold: first is gaining visibility which can be done by getting data from ICT infrastructures and partner sources. This produces threat information. Secondly, application of deep analysis to the acquired information will result to a threat intelligence which enables proactive protection.
Since businesses are evolving, it is necessary to create insights within environment, and have a security expert to manage it to support its development, concluded Lee.
Sign up for CIO Asia eNewsletters.