By Fernando Garzón – @fergarzon
In recent weeks there have been cases of hacking of large organizations, and this is something that happens much more than what we can see in the media, the most affected are the end users, in cases such as Audifarma, this attack caused the company to malfunction, preventing patients from requesting medical appointments or scheduling exams.
This suggests that companies are increasingly aware of the importance of having robust solutions that minimize this type of vulnerabilities.
Every company is unique in its IT infrastructure and technology, which is why each must take a tailored approach to cybersecurity.
TEC entrepreneur, met Kyndryl the world‘s largest provider of IT infrastructure services, this company highlights four key steps highly recommended for all organizations to follow if they want to ensure effective cyber security protection.
– Take advantage of the cloud!
The cloud is positive for organizations, but an efficient cybersecurity model and effective controls that support said model must be guaranteed.
According to ISC2’s Cloud Security Report 2022, 39% of companies already have more than 50% of their operations in the cloud and this figure will grow in 2023 to approximately 70%.
The Road to the Cloud is generating challenges such as the operation of multiple providers and the lack of qualified cybersecurity personnel to meet the growing demand for assurance of cloud migration strategies.
– Invest in DevSecOps
Security teams often do not have enough control over the application development lifecycle.
Companies are buying capabilities from hyperscalers and cobbled together open source apps, but they aren’t thinking about the seams between widgets and frameworks. These organizations need a set of policies that are established and implemented as code.
By leveraging DevSecOps, organizations can ensure that security is incorporated much earlier in the development process of the software life cycle.
– Anticipate recovery
Companies need to understand what their business-critical systems are and assume they will be hacked. How long can they afford to go without systems? And how will they recover the data and settings? They need to think within the context of where their data and services are; in the same way, anticipate how to recover them, assigning priorities accordingly in the process.
– Don’t rush
It is not uncommon for organizations, almost without realizing it, to acquire a set of cybersecurity solutions that do not work for their business as they should.
This can happen very easily as new technology may have been hastily adopted reactively after a security breach, or as part of a technology package that includes other capabilities.
Maintaining a healthy cyber security posture is no easy task as cyber attackers become more and more sophisticated and elaborate in their methods.
However, it is by no means impossible. By following the principles outlined above, cybersecurity professionals can support a vigilant and agile approach at all times and set the foundation for a coherent strategy for 2023.
Comments