infoTECH Feature

June 12, 2014

How to Challenge the Security Status Quo: A Modern Approach to Cybersecurity

By TMCnet Special Guest
Dave Frymier, Chief Information Security Officer, Unisys

Every day brings another dire headline about a cyberattack, data breach or computer virus. This year alone we have witnessed high-profile data breaches at Target, Neiman Marcus and eBay (News - Alert). With the onset of the Heartbleed bug, cybersecurity has infiltrated mainstream parlance in a way we have never seen before. 

Against this backdrop, Americans have a heightened sense of anxiety about who can access their personal and financial information online, and as more and more of our personal information is stored into online databases involuntarily or without expressed permission – whether storing online banking PINs or saving credit card numbers into retail sites – it begs the case for some spike in concern over online privacy and security. As shown by the resignation of Target’s (News - Alert) CEO, breaches have a long-term impact on business financially and on brand reputation.  

Results of the 2014 Unisys U.S. Security Index, which measures the level of concern over a range of security risks each year, showed that credit and debit card fraud topped American’s security concerns this year. Fifty-nine percent of Americans reported being seriously concerned about others obtaining and using their credit card details, up from 52 percent in 2013. When asked specifically about whether they would drop their bank or retailer following a data breach, nearly 60 percent said they would be less likely to do business with them after a security breach.

This staggering percentage makes it all the more crucial for enterprises to proactively secure infrastructure by isolating their most critical data and limiting access to those resources, especially since few consumers take their online privacy into their own hands. Businesses should review and enhance existing security measures on a continuous basis to gain continued visibility into security gaps, shield against evolving cyber and physical threats and ensure business objectives are met within the enterprise’s security, compliance and governance framework.

No organization, large or small, is immune to malicious attacks, and a status quo approach to security is ineffective against advanced persistent threats. To build a tightly-integrated security strategy, businesses should:

  1. Develop an all-encompassing security strategy that aligns security with business strategies and goals, providing a roadmap to follow
  2. Establish a “security first” mentality among your employees – things have changed, and this is now much more important than it used to be 
  3. Manage identities and entitlements to provide the highest level of identity assurance and reduce critical employee errors
  4. Pay attention to the health of endpoints through managed patching and anti-malware systems
  5. Manage identities and entitlements to provide the highest level of identity assurance and reduce critical employee errors
  6. Leverage next generation authentication capabilities such as voice, signature and facial recognition to grow with consumer preferences
  7. Isolate and cloak end-point devices to hide them from probing malware

Businesses that ignore the risk of data breaches do so at their own peril, as security threats against enterprises grow in size, scope and sophistication and consumers grow warier of the brands that can’t fight them off.

About the Author: Dave has more than 30 years of global experience in the IT industry including information security, infrastructure engineering, business alignment, tactical execution and strategic planning. He is a known thought leader and practitioner in the information security industry.




Edited by Maurice Nagle
FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter

infoTECH Whitepapers