30 Dec 2016
How to address cybersecurity challenges
It’s no secret that cybersecurity threats and even attacks are on the rise.
Businesses, governments and even everyday citizens are struggling to keep up with the increased sophistication and efforts of hackers. In Hong Kong, cybersecurity is closely linked to the success of our banking, financial services and insurance industry.
One of the main reasons this sector is so strong is that customers trust Hong Kong companies with their money and private information — in other words they trust our security.
It’s critical to our economy and continued reputation as “Asia’s World City” that we take a current, progressive approach to cybersecurity that protects us against the threats of today and tomorrow.
So how should Hong Kong businesses protect their assets? I propose we start with apps.
Applications run today’s world
If you think about it, apps are at the center of everything we do today, at work and in our daily lives.
They are also at the heart of today’s economic and technology issues. Most of what we do today is through an app. How pervasive are apps in the workplace in our region?
We surveyed 3,200 IT decisions makers across the Asia-Pacific region and found that almost half (45 percent) currently deploy more than 200 applications, while about 15 percent of organizations currently deploy more than 1,000 apps.
Think about how many apps you use immediately after turning on a computer, at home or at work, or how many you have installed on your smartphone.
We’re seeing Hong Kong embrace its potential as a fintech hub and smart city, too, which will lead to an exponential increase in apps.
The traditional approach to security is inadequate
As organizations deliver more and more sensitive data through applications, they are exposing themselves to increased risk given remote access to apps has become the norm.
The apps they rely on can be anywhere — from private data centers to the public cloud. Seventy-two percent of today’s breaches are due to compromised user identities and vulnerable applications; however, 90 percent of IT’s security budget goes to protecting the traditional network perimeter, we found in the same survey.
Therefore, it’s time to think differently about security in the face of this new IT landscape. Instead of relying on protecting desktop computers and your company’s firewall, it is essential to know how to keep apps and identity secure — for not only employees but customers.
We need an application-centric approach to security
An application-centric approach to security allows you to maintain control over your cloud applications — providing the same availability, performance and security services across your hybrid environment.
You’ll have the confidence of knowing that the policies governing your applications in the data center will extend to the cloud.
Your goal should be freedom with your apps. This means freedom to deploy any app, anywhere, with consistent application services and security.
We recommend IT and cybersecurity professionals take an application-centric approach to security. All this needs to be enabled by a flexible architecture that focuses on the app.
What are the “must-have” requirements when you focus on making your company’s security application-centric?
Make sure you are able to do all of the following:
• See end-to-end between the user and the app.
• Understand the user context and understand the app context.
• Evaluate the risk and apply app controls policy based on the user and app context.
Ultimately, we need to work diligently to stay ahead of hackers. New technology enables inspiring opportunities to better serve customers and even society, all while improving our business operations.
However, hackers forcefully stay on top of emerging technology and the latest user behaviors to exploit gaps in technology innovation and smart attempts to compromise these innovations.
How do we keep track of it all and manage complex security needs? Among all of the bustling priorities of today, the best overall guideline is to focus on securing each app.
Full content of EJ Insight is available at www.ejinsight.com. Copyright Hong Kong Economic Journal Ltd. Republishing and editing are forbidden without authorization from Hong Kong Economic Journal.