Some days ago I came across an interesting report by KPMG aimed at cyber leaders in organizations combating threats in the cyber space. It is an interesting article especially for those in the managerial field of cybersecurity, it covers different areas of cybersecurity which are currently in evolution to provide better cyber defenses in a constant evolving and growing landscape.
The main ideas expressed in the paper is the current shift in the security industry, nowadays we can talk about cyber as the traditional security perimeter is getting disintegrated and the organizations rely on an extensice network of partners, outsourcers and providers to develop their business activities and also the growing need of organizations and employees to become mobile. All these rapid changes in the business world have fostered what it is call a cyber ecosystem.
In this cyber ecosystem all the organizations are under the constant stress to combat cyber threats not only coming or directed at their organizations but also at the rest of their business networks. Recent cyber attack such as the biggest breach in history today in a US retailer,
http://krebsonsecurity.com/2014/05/the-target-breach-by-the-numbers/
is thought to have been facilitated by one of their air conditioner suppliers based in Pennsylvania.
This demonstrated to the world how security is moving very fast out of the traditional security perimeter and new strategies need to be defined in order to defend organizations. Top world organizations in different sectors are developing new strategies to improve their defenses and cyber resilience,
- Collaboration initiated in the C-Suite and extended to the rest of organization and business ecosystem
- Targeted Cyber defenses based on human, threat intelligence and same sector collaboration
- Improving Incident Readiness sharing and collaborating with the ecosystem
- Developing better cybersecurity professionals capable of talking the business language
- Developing and supporting cyber start ups in their growing process to allow them a better alignment with big organizations
Some of these sector has been very recently in the press,
http://www.theguardian.com/technology/2015/jan/16/cyber-war-games-uk-us-intelligence
This is an excellent paper that transmit the idea that we are all part of a revolution in the security field. The same way the hacker figure has evolved into a network of criminals, foreign goverment secret services, and other cyber threat actors, organizations now need to evolve to fight cyber crime together and collaborate to become a bigger defense.