As the security industry feels the reverberations from ransomware attacks like WannaCry and HospitalGown, it raises an important question for front-line security professionals like us: How do we prevent these types of attacks?
For me, the answer lies in the cloud.
According to the McAfee study featured in this guide, almost eighty-five percent of the 1400 security professionals surveyed report that they trust some or all their sensitive data to the public cloud. But the security talent supply is low, and the cost of breaches is very high. With a perpetually-exploding dataset to manage, companies have little choice but to trust a cloud service provider with their data.
Once that dataset is virtualized and distributed, it creates a divided ecosystem. Trusted networks and certified devices sit opposite untrusted networks and the Internet of Things (IoT) edge. Arguably, distributed networks are harder to hack, but they’re also tougher to manage. When a hacker breaches your network, questions around accountability, due care, and brand perception will fly, fingers will point and shareholders will demand answers.
To quote the ancient philosopher Socrates, “The only true wisdom is in knowing you know nothing.” So much of what IT staff must manage is unknown, like Shadow IT, licensing requirements, and unknown network devices. In my experience, I have not seen a client yet who did not have something to discover about their environment after we completed an assessment.
At the end of the day, YOU are responsible for securing your data. Not a cloud service provider, not the latest Magic Quadrant solution, and especially not a firewall. In a paradox, we have discovered that companies who take a step back from cloud security, actually increase the rewards they gain from it. How?
IT staff must choose to take a step back from a huge volume of work they clearly can’t afford.
By working with a trusted partner, companies offload the work of day-to-day tasks like patch management and IT procurement. No partner will ever understand the user base (or have the same access) like the IT staff will. But they just have to make the choice to free up their time and focus on a strategy that reflects the true needs of their business.
The end goal is risk management, and you can manage risk using best-in-class partners. Partners who offer advice from experts that have dedicated their careers to guiding IT staff like you through a complex world of service providers and products. To me, this is a much more cost-effective strategy than hiring expensive (and increasingly rare) security staff.
I would like to thank all our partners for being part of this journey with us and to you for taking the time again to read this guide.
Category Lead, Business Development
Softchoice Enterprise Software & Security