The document discusses challenges in cybersecurity and provides recommendations for building a strong security program. It asks 3 questions: 1) Where to start in the new IT environment? 2) How to create a security strategy that fits new technologies? 3) What are the right tools to deploy? It then provides advice on enforcing governance on "shadow IT", educating leaders, integrating security audits, and embedding a security culture. Recommended tools include next-generation firewalls, cloud access security brokers, web isolation, and secure email gateways.
1. Why Is cybersecurity
such a struggle?
3 questions to ask
before you start
Adopting the right
tools for a strong
security programme
01
Building a Strong Security Programme
2. Why is cybersecurity such a struggle?
02
Transforming IT with
new technologies
Persistent cyber
threats
Emerging threat
vectors
4. Mobile & web
applications
Internet of Things
Social media
Insider threats
Supply chain
Ransomware
Distributed
denial of service
Cryptomining
Phishing
Social
engineering
04
Persistent cyber threats: Emerging threat vectors:
5. 05
3 questions to ask:
Where do we start in this
new IT environment?
1
How to create a security strategy
that fits well with new
technologies and infrastructure?
2
What are the right tools you should
deploy?
3
6. 06
Where do we start
in this new IT
environment?
• Enforce security governance on ‘shadow
IT’ (eg. dropbox.com to store project files)
by embracing end-user innovation with
clear guidelines. Schedule periodic
checks to ensure hygiene and
compliance.
• Educate business leaders to prioritise
data safeguards over speed to market
• Extend corporate risk management
practices to IT security
• Integrate security audits early in project
development phase (eg. DevOps)
• Embed cybersecurity culture by training
staff and developing stronger processes
and policies
1
12. 12
Take back control of
IT, data & security
management
Partner business
leaders at all levels
of organisation
How to create a security strategy
that fits well with new technologies and infrastructure?
2
13. 13
Set policies to align new IT purchases with security,
privacy, documentation and control.
Take back control
of IT, data & security management
14. 14
Assist business units to select
best possible IT products and
services.
Partner business leaders
at all levels
15. 15
Next generation firewall
for threat protection
Cloud Access Security
Broker (CASB)
Web isolation
Secure email gateway
What are the right tools
you should deploy?
3
16. 16
Next generation firewall
for threat protection
• Full-stack, single-pass traffic
inspection across all ports
• Full visibility & control
• Anti-virus and anti-malware
• Command and Control (CnC)
Protection
• Content and URL filtering
• Global protect virtual
private network (VPN)
• Sandboxing
17. 17
Cloud Access Security Broker
• Detect & analyse suspicious activity,
logins and policy violations
• Protect data with 256-bit AES
encryption
• Manage sensitive content to prevent
data leakage
• Digital document watermarks to track
file history
• Granular control over cloud app access
• Malware protection
• Mobile remote wipe
18. 18
Web isolation • Render web & email content remotely
before reaching end users
• Isolate, view and scan documents for
malware
• Block access to web content with URL
filtering
• Anti-phishing
• Log and control end user actions
19. 19
Secure email gateway
• Spam protection using a mail
transfer agent
• Email & web traffic monitoring
• Email authentication & encryption
• Content based anti-spam & anti-virus
• Virus outbreak and reputation filters
• Scalable security infrastructure to
handle large spam volumes
• Content scanning & policy
enforcement
• Centralised management
20. 20
Partner with an MSSP
for the right tools to
secure your organisation
For those IT and security executives whose organisations are beginning or in
the midst of a technology transformation, these are both challenging and
exciting times. Failure to implement strong security measures can be
disastrous — there is virtually no time to spare for taking the necessary steps
to protect enterprise data.
21. 21
Chat with us to learn how we can partner with you
to design a security strategy for your organisation.