Matthew Gyde, Group Executive – Security at Dimension Data, said “cyber threats are still flourishing, and traditional approaches to information security are no longer adequate to protect information networks from modern threats. “Even employees are not safe from variety of threats including drive-by and watering hole attacks which often occur over a weekend. In addition, we’re seeing a low level of maturity in some large enterprises – many of which have spent millions of dollars on security technology.
“When assessing the robustness of an organisation’s security, we cannot leave out the employee. In fact, it’s essential that employees understand their role as both an asset and a potential security liability in an organisation,” explains Gyde.
The company says, another key area is to link the security strategy of the organization to the vision of the company, and have a robust set of policies around vulnerability and threat management, as well as incident response processes and procedures. Ability to manage security as per industry standards such as ISO27000, standardisation and control best practice across systems and locations are also important. Sharing the metrics with the business to align IT security with the rest of the organisation
“Organisations must be able to address root cause issues and apply the right resources and controls in the most effective way to protect key assets,” he says.
