With more companies embarking on a digital transformation journey, enterprise data is being spread across devices, systems and even in the cloud. As a result, focusing security efforts on protecting network perimeters is no longer enough.
“In digital transformation, as we move from the physical into the digital world, information security becomes harder, particularly for those of us who are operating in businesses in which we have personal, medical or confidential information,” Bill Packer, CIO at American Financial Resources, said. “It becomes harder to know where that information is, to plug those [information] leakages, and becomes more difficult to know whether that information is being compromised or stolen.”
During a recent webinar highlighting the best practices that organizations should adopt during their digital transformation journey, panelists were asked to discuss ways to address constantly changing threat vectors while staying innovative and transformative.
Packer noted that the issue is an ongoing debate for companies: Do they decrease speed to market to ensure they have addressed all potential threats to avoid during their digital transformation journey?
“It continues to be an everyday dialogue where we try to think security, and sometimes we accept the risk, sometimes we mitigate the risk … but it’s the methodology of risk identification, the dialogue, the conversation, and then deciding what we are going to do about it,” he said.
When it comes to security, organizations should assume that they are always under attack or can be attacked anytime, according to Inder Sidhu, executive vice president of global customer success and business operations at Nutanix. He stressed that AI technology has come a long way to help companies solve security problems.
“When I was at Cisco, we implemented a system for context-aware monitoring where … each day we cracked three billion events from 14,000 servers. We had profiles for the users, profiles for the types of data, and we had AI looking at it to figure out when somebody was accessing data that seemed a little bit out of the ordinary.”
It is equally important to think about what happens before, during and after a cyberattack, Sidhu said. Organizations should not only have the capabilities to discover vulnerabilities before an attack happens, but also have the appropriate detection, blockage and defense mechanisms in place when it does occur. After an attack, steps like scope checking, containment and remediation come into play, he added.
“Having clear responsibilities and clear processes for the before, during, and after phases has been very helpful for us,” Sidhu said.