Story image

Security: A miserable job?

11 Jan 19

Article by ServiceNow chief information security officer Yuval Cohen

The security sector is a tough industry to be in – when all processes are running smoothly, security professionals are invisible. However, the moment something goes wrong, all blame is focused squarely in their direction. 

Third-party and in-house cybersecurity experts have a ton of responsibility. They work within a complex environment with real-world consequences. With a number of high profile data breaches reaching the public domain this year – with SingHealth and Securities Investors Association Singapore being the most recent targets of cyber attacks – security has quickly become one of the biggest concerns of organisations. Still, it’s easy to misunderstand the purpose of what security professionals do and see these growing procedures as an obstacle to productivity. 

It’s fair to say, in a lot of ways, this has the potential to be a very miserable job — even though it’s great in so many ways. 

A pack of sheep surrounded by wolves

State-sponsored attacks, ransomware, fake news, and targeted misinformation are all tools of war in the information age. Many of these attacks aren’t even reported by the press or known by outsiders. According to a study by ServiceNow and Ponemon Institute, Singapore organisations surveyed spent an average of 18,096 hours per year and USD $ 1,359,375 per year preventing, detecting and remediating vulnerabilities. 

The security industry can be the proverbial pack of sheep surrounded by wolves. As such, security professionals often stick together, even if they are rivals. Versus the ‘us against them’ mentality, it’s quite common for a financial firm’s security officer at a rival company to reveal they encountered a weird virus and offer to send samples or compare case studies. 

The balance of power in the equation is so lopsided when protecting data that everything security professionals do to help each other, helps the good guys. By working with peers, sharing best practices and insights empowers security teams to do a better job in defending organisations. 

Task overload

For security teams, a big part of the challenge is simply being overwhelmed by workflow management. It’s difficult to allocate resources between detection and operational capabilities, and to find the right blend of defensive and offensive posturing. 

Further, Singapore-specific insights from the ServiceNow and the Ponemon Institute revealed that: 

• 60% respondents said their organisations were at a disadvantage in responding to vulnerabilities because they still use manual processes; 

• More than half (54%) agreed that IT security spent more time navigating manual processes than responding to vulnerabilities, which led to an insurmountable response backlog and; 

• 68% attributed delays to lacking a common view of applications and assets across security and technology teams 

Getting in front of the challenge

At the end of the day, there will always be employees who open email attachments from strangers, choose obvious passwords, or use insecure communications unless they are prevented from doing so, or if technology paradigms change. Anticipating such actions to continuously take place allows security teams to be more equipped, organised and forward-looking. 

The urgency to adopt new approaches is increasing. Organisations in Singapore can apply automation to create a robust, efficient and effective security hygiene model. If a target has robust defenses, or presents more hassle to infiltrate than it’s worth, odds are the bad guys will move on to something else. More, little things such as establishing continuous tracking software patches, detecting irregular login patterns, and making it easy to report phishing attacks go a long way. 

Seamless processes are even more critical in a rapidly changing work environment. Multi-cloud environments mean it’s easier to pass the buck on blame for attacks. The rise of BYOD and shadow IT mean that new attack vectors show up every day, and security and IT have to be in constant communication. 

With the right steps, this doesn’t have to be a miserable job. Keep the lines of communication open with fellow security leaders, find signals and anomalies that matter in the endless data noise, and advocate for security experts everywhere. Getting in front of the challenge makes all the difference. 

Hillstone CTO's 2019 security predictions
Hillstone Networks CTO Tim Liu shares what key developments could be expected in the areas of security compliance, cloud, security, AI and IoT.
Can it be trusted? Huawei’s founder speaks out
Ren Zhengfei spoke candidly in a recent media roundtable about security, 5G, his daughter’s detainment, the USA, and the West’s perception of Huawei.
Oracle Java Card update boosts security for IoT devices
"Java Card 3.1 is very significant to the Internet of Things, bringing interoperability, security and flexibility to a fast-growing market currently lacking high-security and flexible edge security solutions."
Sophos hires ex-McAfee SVP Gavin Struther
After 16 years as the APAC senior vice president and president for McAfee, Struthers is now heading the APJ arm of Sophos.
Half of companies unable to detect IoT device breaches
A Gemalto study also shows that the of blockchain technology to help secure IoT data, services and devices has doubled in a year.
Huawei founder publically denies spying allegations
“After all the evidence is made public, we will rely on the justice system.”
Malware downloader on the rise in Check Point’s latest Threat Index
Organisations continue to be targeted by cryptominers, despite an overall drop in value across all cryptocurrencies in 2018.
IoT breaches: Nearly half of businesses still can’t detect them
The Internet of Thing’s (IoT’s) rapid rise to prominence may have compromised its security, if a new report from Gemalto is anything to go by.