Ahead of this year’s Computer Security Day, which takes place on 30th November, we reached out to a number of experts and leaders to provide comments and advice to security leaders for this day. The day is designed to raise awareness of the importance of good cybersecurity practices within organisations and to promote best practices. This year, there is a focus on bringing together international and local IT and security professionals to share their experiences, acquire knowledge and gain an understanding to safeguard their organisation’s most valuable asset – information.
My call to all CISOs on Computer Security Day is that you can’t manage what you don’t see. This simple statement sums up the reason for most security breaches — a lack of fundamental IT hygiene. \’More tools\’ is not the solution. In fact, a complex patchwork of disparate tools that don’t integrate is what often causes organisational silos in the first place. It takes too long to find the threat, too long to remediate it and too long to ensure no other systems are vulnerable. CISOs need to recognise that unless they can ensure IT hygiene, investments in advanced security or operations tools are fruitless.
To improve IT hygiene, organisations need to create a process to continuously identify assets, risks, and vulnerabilities across an environment and be able to fix them with speed and scale. A good place to start is by unifying the IT operations and security teams around a single source-of-truth.