June 19, 2018, 7:59 pm
Facebook iconTwitter iconYouTube iconGoogle+ icon

SYMANTEC CYBERSEC EXPERT SAYS: An integrated cyberdefense creates enterprise independence

THE push for digital transformation (DX)—hinged on greater online collaboration, information sharing and resource swapping—has also seen organizations rapidly embracing Cloud solutions. Coupled with risky user behavior and many unknown variables in the online collaboration platform is also widening the scope for Cloud-based attacks.

Understanding the business needs to both decide to use and eventually enable online collaborative platforms is more important than the techonology itself. If an organization goes unprepared into online collaborations—from chat groups to simple emails—they may become vulnerable to cyberattacks without knowing it. 

“Many businesses these days see only the technology. How this technology can make the enterprise run better. Or adopting technology only from the point of view of productivity not seeing the issues of vulnerability. Sometimes things are happening that the organization may not even be aware of,” John Cunningham, VP for Cloud Security for the APJ, Symantec says in a one-on-one interview.

Just asking the simple questions, the CEO can challenge the Chief Information Officer (CIO) to think of the business also instead of just the technology. In many companies, according to Cunningham, the job of securing company from cyberthreats is usually left to the CIO or the IT department only. Conversely, IT departments fail to regularly include business units and executive staff when developing a Cloud strategy.

What are we doing in the Cloud? Why are my employees accessing the Cloud applications? Can anyone from outside make us vulnerable? Are the users truly authorized? Are they careful in transacting business with us? These are very basic questions, but the questions are usually not asked because the perspective of protection is the technology, not the business itself.

To understand this situation further John gives an example of how an email, sent via Office365, comes in to an employee via the normal channels. The employee then checks the email’s content, determines it is useful and since it has gone through the cyberdefenses of the company, it is not flagged and sent to a colleague for further processing. In that next step processing, the data now becomes open to attack because it is not know where it is stored, or where it goes, or how it is processed.

“This is where the problem lies, because without sufficient visibility it can be easy for a cybercriminal to penetrate the company. This may also happen because of careless employees or even rogue employees,” Cunningham explains as he points out that how the average enterprise is using 928 Cloud apps when most CIOs think only around 30 or 40 Cloud apps are used.

He shared how, based on Symantec studies that many enterprises aren’t aware of all of the Cloud services and data in use throughout the organization. And for organizations whose Cloud services are known, they cannot identify, classify, or granularly control access to, and manage the secure handling of sensitive, compliance-related data in apps they use.

“Now that is a business understanding. Not just technology but also policy, which again means understanding of the business,” the Symantec executive says adding that in the complex maze of collaboration the IT departments attempt to apply the same controls to all Cloud data. 

Oftentimes because of resources, enterprises overlook the critical need for threat detection, continuous monitoring, and post-incident response. In fact, based on their studies, most enterprises have no way to detect Cloud threats.

“If you combine that situation, with the fact that cybercriminals are opportunistic, and take advantage of flaws in legitimate operating systems, tools, and Cloud services to compromise networks, you will now understand why an integreated cyberdefense system is necessary,” Cunningham emphasizes.

Aside from the weak points in policy by a company, there is so much shadow data residing in the Cloud that further increases vulnerability. Symantec CloudSOC analysis found that 25 percent of all shadow data is “broadly shared,” increasing its risk of exposure. Three percent of this “broadly shared” data is compliance related.

Shadow data is business data stored in the Cloud without IT’s consent or knowledge simply because it was left there either by sharing or by storage, perhaps as a file uploaded into Google Drive or a stored document in Office365. 

A powerful cybersecurity platform should be able to align to both the organization’s business and security requirements. This means internal cooperation between the business and information technology elements in a company. Symantec suggests to create a Cloud Security Advisory Board. 

The question to ask is does my company need one? 

The answer is that is once a company does not have the policies in place for proper detection and protection, then it cannot operate independently from cyberattacks. It needs to know “what are the riskiest Cloud apps and services that are being used?” “What are the most critical data types in my organization?” And “who are my riskiest cloud users?”

If there is a need to know the answers, then a Cloud Security Advisory Board must be convened. To know further what solutions are right, consulting with a company like Symantec can deliver not only a technology solution, but a business plan that will mitigate more risks earlier because the risks can be identified from a business needs perspective.

“I am usually in the market 12 months before we deploy a project,” Cunningham says of his role in the strategy formulation in the region. 

“We come early here because we know that it is not just throwing a solution,” explaining how Symantec has everything from detection and mitigation of ransomware attacks, to improving security in accessing email accounts, providing flags to stop targeted phishing campaigns, and keeping systems immune to hosting malware.

Businesses are moving into the Cloud at a faster rate in the last 6 months than in the last two years. One study by the International Data Corp. (IDC) predicts there will be a 42 increase in DX investments, representing $1.7T worldwide by 2019. This also means more opportunities for cybercriminals to take advantage of.

Survival in DX will depend creating and using a powerful integrated cyberdefense platform to enable enterprises to fully embrace the technologies like the distributed Cloud, the Internet of Things, collaboration apps, which are also more vulnerable. 

Symantec aims to provide safer passage for companies to make the journey to DX faster.
No votes yet

Column of the Day

When body language speaks volumes

By ABIGAIL VALTE | June 19,2018
‘Whichever side you are on, it’s difficult to deny that the photo of Robredo put down Duterte in many, many ways, though inadvertently.’

Opinion of the Day


Rey O. Arcilla's picture
By REY O. ARCILLA | June 19, 2018
‘I believe what Digong’s detractors really mean and want is that they’d rather the country went back to kowtowing to the US.’