The maturity of enterprise IT requires a robust security strategy is proving to be that much more challenging.
Cyberattacks have become more daring and sophisticated – but businesses still on the back foot in their cyber defences as a result of remote working – cybersecurity companies must show they can provide defence against attacks that businesses in all sectors rely on.
The bad guys are winning, and the industry needs to send a message to hackers that it is up for a fight, said Rajesh Muru principal analyst, Enterprise Security Lead at GlobalData.
“In the last year, everything from software companies such as Software, oil and gas facilities such as the Colonial Pipeline, US Government departments with the SolarWinds attack, and, only last week, the Irish healthcare system, have all suffered attacks,” he noted. “Organisations are being ravaged by ransomware they don’t know how to contain or control. The Colonial Pipeline attack might be the tip of the iceberg for future critical infrastructure attacks.”
Murus believes the cybersecurity threat landscape doesn’t seem to be easing, and it has, in fact, recently catapulted in the media with cyber-attacks on Colonial Pipeline and Ireland’s Health System for example.
“The issue is not that cybersecurity isn’t on the enterprise board agenda. In fact, it has always been a top-board-level issue,” he said. “However, with the maturity of enterprise IT encompasses cloud, and in particular OT/IoT environments, defining a robust security strategy is proving to be that much more challenging for enterprises.”
According to GlobalData the beginning of 2020 that organisations need to do more in sectors such as healthcare and oil and gas to fill the gaps in their security posture end to end. However, this is not just an enterprise issue, cyber security providers need to up their games too.
Although continuous product enhancements and new releases are welcomed in industry, Muru believes there needs to be a simpler coherent product strategy.
This strategy must address cyber threats that lie ahead for businesses across all fields, providing better cyber security alignment to the dynamics that these sectors IT systems operate in across the entire supply chain, and with better threat information sharing, noted Muru.
“Cybersecurity solutions in the context of the business needs will be critical for vendors,” he said.