• CUSTOMER LOGIN
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Company
    • About us
    • Partners
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Company
    • About us
    • Partners
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • CUSTOMER LOGIN
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Company
    • About us
    • Partners
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • CUSTOMER LOGIN
  • Products
    • TPRM by ThirdPartyTrust
    • Beacon by ThirdPartyTrust
  • Company
    • About us
    • Partners
    • Product Security
    • Privacy Policy
REQUEST DEMO
  • PARTNERS LOGIN
  • CONTACT US
  • PRIVACY POLICY

4 Challenges of Moving Cyber Initiatives Forward

Published by Sabrina Pagnotta on April 9, 2020
Categories
  • Blog
Tags
  • Cybersecurity
The-Challenges-of-Moving-Cyber

Ransomware, data breaches or never before seen attacks can have tremendous impact on business operations. With growing executive demand for changes to cybersecurity processes and awareness comes inherent challenges to an organization. So how difficult is moving cyber initiatives forward?

We’ll explore the challenges around change management, shadow IT, technical debt, data enablement and IoT.


CHANGE MANAGEMENT

Information technology is hard. It’s even harder when you are trying to change the behaviors of people who don’t fully understand why change has to be made. On top of that, people don’t like it when you tell them how to use their phones. They don’t like changing their everyday lives for the sake of IT.

Some of the big reasons people don’t want to go along with the new security initiatives is a lack of understanding, conflicting initiatives or change fatigue.

Most organizations and employees aren’t equipped to manage and succeed in changing environments. Change fatigue being one thing most companies are feeling more recently, because of the emergence of the digital revolution. With IT spend increasing every year, every employee is impacted by the new purchases and new changes.

More often Directors and CISOs are focused on implementing the best security practices with the least impact to business operations. That’s where governance can ensure security strategies are aligned with business objectives and consistent with regulations.


SHADOW IT

Shadow IT buying is nothing new to IT teams but the reality is, it’s becoming more frequent. It refers to applications and infrastructure that are managed and utilized without the knowledge of the enterprise’s IT department.

How does procurement keep up with people’s expectations when people are used to Amazon-like services, next day delivery or instant access to servers? They can’t and until buying processes change for teams or new processes are put into place, people won’t stop.

Read more: How to Get Legal, Procurement and Business Owners Onboard with Security

Directors and managers do not and should not blame engineers that want to continue progress on their projects and certainly, don’t want to slow them down. One recommendation is to build a system to document concerns, dictate actions with governance controls and keep a running tab of the current status of devices.

challenges-moving-cyber-initiatives-forward

TECHNICAL DEBT

What is technical debt? It’s a concept in software development that reflects the implied cost of additional rework caused by choosing an easy solution now instead of using a better approach that would take longer.

How do teams keep up with new attacks given an inability to manage antiquated platforms and budgetary constraints? First practical step is to understand what instances are mission critical, which are in use and which are dormant.

Another appropriate step to take is recording the state of devices on an ongoing basis. When it’s time to communicate the risk of dealing with antiquated technology and reasoning for budget to improve systems, an accurate record of instances can be shown.

Deciding where and when to improve infrastructure is a risk conversation, where business continuity and operational risks are discussed with the CIO and the board.


DATA ENABLEMENT & IOT

There is so much to be said about IoT security and access to data… There hardly remains a room that doesn’t have some gadget connected to the internet, and while manufacturers work hard to keep up with security, the sprawl of potential vulnerable devices is simply overwhelming.

Here are some things to consider when developing an IoT security strategy:

  1. Where does the risk reside in the technology stack? 
  2. How are you protecting yourself or ensuring security best practices at each technology provider? 
  3. Are you working closely with your hardware manufacturer to address hardware security concerns?
  4. Have you considered isolating components – cores, memory, application, system and other resources – to add more barriers for a potential attacker?
  5. Are you using secure protocols to transmit data? 
  6. Does your data engine solution encrypt data?

OPPORTUNITIES FOR moving cyber initiatives forward

  • Build your network
  • Strengthen internal relationships to build security champions
  • Discover what’s out there – what’s critical and how to do it safely
  • Launch educational efforts and communicate
  • Take a risk based approach – prioritize efforts

 


 

To learn more about how ThirdPartyTrust can help you manage third-party risk, request your free trial now:

 

Trial Account Sign-Up
Sabrina Pagnotta
Sabrina Pagnotta
Sr. Content Strategist
  • Phone
    |+1-617-245-0469
  • Address
    |
    111 Huntington Ave, Suite 2010, Boston, MA 02199
  • Sales
    |sales@bitsighttech.com
  • Contact Us
Laika_SOC2_TypeI_PurpleIris        CSA_Trusted_Cloud_Provider

©2022 ThirdPartyTrust, LLC and its Affiliates. All Rights Reserved. | 111 Huntington Ave. Suite 2010 Boston, MA 02199
  • PARTNERS LOGIN
  • CONTACT US
  • PRIVACY POLICY
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Reject AllAccept
Cookie Settings
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT