Cyber security compliance and survival in 2017
While cyber security compliance does not translate to a risk free, air tight, ultra-secure environment, it is a starting point. In a CIO poll, conducted last year, of more than 1,100 security executives around the world, 91 percent of respondents consider their organization to be vulnerable to internal or external data threats. 64 percent of respondents express the view that cyber security compliance is a “very” or “extremely” effective strategy in staving off data breaches.
“In reality the adversary is really after that data, and we’re putting the controls to protect that data itself really down at the bottom of the list,” says Vormetric CSO Sol Cates. “Data is data — it’s ones and zeroes, it doesn’t have any built-in defense.”
Too often, security operations lack sufficient rigor and consistency and key people are unaware of their organization’s vulnerabilities. Organizations might employ a range of ad hoc processes and capabilities that offer varying levels of effectiveness. In addition, many fail to practice good enterprise-wide ‘security hygiene’ – including basics such as access control, two factor authentication, rigorous vulnerability management and password policy compliance.
Cyber security compliance Growth
One cyber security compliance vendor is seeing huge growth in the Indian market. Skybox Security recently announced a 154 % increase in YoY revenue from Indian their business in 2016.India has become a prime target for cyber criminals of late, focusing both on infrastructure (read – Massive DDoS Attack on Indian ISPs) and financial targets (read 3.2M Indian Debit Cards Exposed via Malware Security Breach).
“A $460 million market and one of the largest and fastest-growing economies in the world demands dedicated attention,” said Avi Corfas, Skybox VP of Asia-Pacific and Latin America. “Internet penetration and adoption of ‘leap frog’ technologies like WLAN, mobile devices and virtualized networks are driving growth because they bring with them a dramatically different threat landscape and security management challenges. These challenges make security analytics and comprehensive network visibility vital to safeguarding the organization.”
“Compliance may be the number one operational challenge for Indian businesses – most businesses, for that matter,” said Sridhar Namachivayan, Skybox regional director of India and SAARC. “Without network automation to streamline workflows, data collection and analysis, tracking and reporting, security teams simply can’t keep up with compliance requirements. On top of that workload, they must also be concerned with the needs of the business and the day-to-day protection of their organization.” Namachivayan offers advice to companies struggling to overcome these challenges.