The burden of complexity – and how to relieve it

The burden of complexity – and how to relieve it

Markus Melin

Head of Tieto Security Services at Tieto

Markus Melin is the founder and head of Tieto Security Services, the internal Tieto startup combating cyber-crime and securing clients’ business continuity in lean and agile way. Markus has a long and solid experience in security, software project management, cloud, and agile methodologies. Before starting up Tieto Security Services, he worked for F-Secure, where he, among several other positions, headed the R&D operations of the company in Kuala Lumpur, Malaysia.

Views 557

The burden of complexity – and how to relieve it

23.02.2017 10:00 am

What is the biggest burden in cyber security? This question may be answered in multiple ways, but ultimately most answers could be merged into just one single word: Complexity. Luckily, the first step for resolving this situation is within reach.

Cyber security and IT environments in general are overloaded with complexity. First, look at all the hardware that you need to secure your networks. Then think about all software that is supposed to protect your assets including all the endpoints and online services. The list is endless. Take a step out, and get lost in the internet.

The cyber world and its threats around us are becoming ever more complex. From this viewpoint, powerful trends such as IoT, Bring Your Own Device, and flexible employment are not very helpful.

Cyber crooks exploit the situation: They know too well that the good guys are overwhelmed by keeping track of a zillion things.

The dangerous gap in vision

Still, every organisation must survive the challenge of complexity. But what is the best way to address the challenge? More technological solutions? Nope.

The correct answer is visibility. What do we mean by it? In short: Visibility is about getting a full overview of the security posture of your company and making this information actionable.

Why do we say this? First, we have identified a serious gap in how the actionability of security information is perceived between enterprise board members and IT executives. Board members seem to have an overly optimistic look at the realities of cyber security.

For instance, 95 per cent of board members believe that cyber security data is readily actionable, while only 40 per cent of IT and security executives feel the same. Such a wide disagreement in perception can lead to dangerous overconfidence on the part of senior management.

However, successful protection of critical assets and business operations requires broad cyber security engagement from all organisational levels. We can’t afford a split vision anymore.

Lack of visibility has dire consequences. It leads to late detection of breaches, lost credibility and a failure to address regulatory requirements. All of this costs money.

Make cyber security information visible

Creating better visibility is a practical first approach to solving the complexity challenge. Primarily, what is required is a considerable rethink in the ways we share information on cyber security across the organisation. Information must become visible to all stakeholders, not just the experts, in an understandable and relevant format.

Of course, we need technology in order to make the security posture visible. We must gather massive amounts of data in real-time from a heterogeneous pool of sources and implement data-driven methods to make sense of it all. At the same time we must avoid being swamped by an overflow of security information.

The point is to encourage collaboration and to make everyone well-informed all the time, not contribute to the already painful information overload that can cause important events to drown in the noise.

Read about the solutions for better visibility and its benefits in our fresh white paper: Visible cyber security.

Latest blogs

Nish Kotecha Finboot and Bryan Foss, NED, Visiting Professor at Bristol Business School and member of the FRC Audit & Assurance Council

How Listed Companies Can Use Blockchain to Prevent Auditing and Reporting Malpractice and Avoid Scandal

Not too long ago, there was very little to link Wirecard, the disgraced payments platform in Aschheim, Germany, with Boohoo, the fast-fashion online retailer in Leicester, England, but both have recently been embroiled in high-profile scandals. Read more »

Leon Muis Yolt Technology Services

The Time for Financial Services to Become Truly Digital is Now

The financial services industry looks set to change dramatically over the next couple of years in response to COVID-19. The pandemic has certainly highlighted some inefficiencies and weak spots in current processes for many businesses, such as those Read more »

Granville Turner Turner Little

The Lockdown Money Revolution

Many Brits have found that lockdown has been beneficial for their money, having cut back on personal spending and managing to put away some extra cash. According to eToro, Brits with unspent discretionary income are set to accumulate £75.5bn in Read more »

Sandra Higgins Sysnet Global Solutions

Are You ‘Prescribing’ the Right Security Solution to Your Merchants?

When it comes to leading a healthy lifestyle, eating the right food, taking regular exercise, and maintaining a positive mindset are key. However, despite these best intentions and practices, you still might not get all the nutrients your body needs Read more »

Robert Flowers DivideBuy

It Doesn’t Have to Be the End – How Retailers Can Grow in Light of COVID-19

It’s no news that the retail industry has been flipped on its head by the COVID-19 pandemic. Due to the lockdown, most in-store operations have been shut down, and nationwide furloughs, reduced pay and steady streams of income at risk have fuelled a Read more »

Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel