<img height="1" width="1" style="display:none;" alt="" src="https://dc.ads.linkedin.com/collect/?pid=372201&amp;fmt=gif">
Security
 | 3 min read

If you don’t care about your cyber security – someone else will

By  Scott La Franchie,
 7 March 2017

cyber-security-blog-image.jpg

Throughout my career in the IT industry I’ve built and enhanced a number of different products, services and programs.

And the key thing I’ve noticed is that most - though not all - programs tend to follow an evolution. This evolution usually involves four main stages: conception, implementation, operation and enhancement, and lastly stagnation.

Granted, that final stage does not sound particularly flattering but in some markets this can be acceptable and even the norm. Services become stagnant so are discarded and new products are launched. However, in this increasingly sophisticated digital age it is becoming less acceptable to follow the above cycle. Never has this been more apparent than when talking about products in the cyber security market.

Cyber criminals are becoming more sophisticated, collaborative and entrepreneurial with every coming year. To be ready, IT professionals must understand the key developing trends .They must also learn how to avoid the traditional product / program cyclical behaviour which ends in stagnation – especially when developing and planning a cyber security program.

Below are what I consider to be the three key cyber security trends we as IT professionals need to be aware of and how we should apply these to our own product development:

 

Hacker sophistication

The security operations concept is born in this first trend. It is important to understand you will be hacked. It’s not a question of if, but of how many times and what you will do about it.

 Hacking and cyber crime is now a full time 24/7 job so businesses need to make sure cyber security plans and tools are aligned to match this onslaught.

 Hackers will try and penetrate networks for fraud purposes and if you are even remotely high profile in your territories – locally or globally – you could be targeted by online causes (HAcktivism) as well.

Businesses need to constantly improve security products and never let them stagnate. Security products should always have a roadmap planned and customers should also never be left stranded on a grandfathered service that’s stagnated – that is a huge risk to any business and its customers.

 

People

Businesses need to be creating solutions and embedding information security behaviours that positively affect risk. People remain the weakest link in any cyber security chain. Even the most robust security infrastructure can be undone by a careless or malicious individual.

Keeping this in mind, education is a key part of any service we launch at Kordia. While our products can keep people safe, we also need to regularly ensure our customers and staff are educated and implementing best practices. Products or services should embody regular customer updates, including tips and tricks to keep customers engaged and in turn keep own staff inside the business.

 For all organisations, people are the biggest asset. By having engagement and enhancement plans as part of your day to day operation, you can help your customers ensure people are the business’ strongest control point.

 

Your third party suppliers

Not only do you need to consider your product development life cycle and how you approach it, but you also need to consider your third party suppliers.

During the operational stage, the organisation moves to running its day-to-day security operations. Data is moved about between systems. Information is shared and exchanged every minute of every day. And it’s not just being shared within your organisation and its network but also outside of that with your third party integrators.

A range of valuable and sensitive information is often shared with suppliers and when that information is shared, direct control is lost. This leads to an increased risk for your business’ data. We now need to be reviewing and approving how our suppliers capture and store our data and what steps they take to continue to innovate and improve the process.

To summarise, these trends clearly show that allowing web security programs and products to follow the traditional product cycle and end in stagnation is not going to cut it in this ever dangerous cyber environment. Only by continuing to develop and enhance systems while keeping up to date with trends will you stay ahead of the curve.