With buy-in from the very top, organisations are merging security, risk and governance to form a holistic view of the threats they face and a broad solution to achieving protection
The crucial relationship between an organisation and its customers has been increasingly defined by data in recent years as new insights breed better products and services. However, this has also meant fears of a damaging data breach have sharply elevated, making it a board-level issue and a concern across the whole business.
This has also forced organisations to re-evaluate their approach to security, risk and governance, which were typically viewed and managed as separate domains. New requirements, such as the European Union’s General Data Protection Regulation, have brought the areas of security and privacy closer together and empowered people to be more aware of how their personal data is being used.
In this new reality, keeping security, risk and governance separate is detrimental to an organisation’s overall ability to protect itself. Companies implement security controls to enforce appropriate activity, but knowing what’s appropriate and determining what needs to be done requires governance and a strong understanding of the risk levels.
“They’re all part and parcel of the same process,” says Travis Grandpre, senior director of security, risk and governance marketing at Micro Focus, the UK’s biggest technology company. “Security becomes the enforcement mechanism, risk becomes the measure and governance the decision-making. If you bring all of those teams together around that uniform process, you can be much more effective and start providing a lower-risk environment.”
Companies must also recognise the clear relationship between identities, applications and data, and how each can become a vulnerability if not protected as well as the others. When silos are prevalent across an organisation, it can be easy for an individual with a background in DevOps, for example, to only think about application security.
We have some of the best, innovative technology in the marketplace, spanning not just security, but many other parts of the enterprise
By neglecting to think about the data the applications operate on or the users who interact with them, they can end up running into different kinds of security challenges. Making a change in one area can also have an impact on others that are out of view. “If they’re not careful, they can set the organisation up to be blindsided,” warns Mr Grandpre.
In the rush to meet the demand for greater security, venture capitalists have inadvertently heightened the likelihood of such silos in an organisation. Having injected more funding into the security industry in the past year than the last four combined, the result is an abundance of point solutions that tackle very narrow pieces of the security problem, creating even greater integration challenges and making it difficult to achieve a holistic view.
By providing perspective and integration across not just security, risk and governance, but the whole enterprise, including DevOps, hybrid IT and analytics, Micro Focus is well suited to organisations that wish to eliminate harmful silos and achieve a well-rounded approach to securing their business.
“We have the ability to connect all these teams, solve new use-cases and couple different businesses and buying centres, which allows organisations to bring in technology that’s been built to solve security challenges in a much more impactful way than the many point vendors out there in the market,” says Mr Grandpre.
The benefits of bringing together security, risk and governance spread beyond protecting the organisation from threats and ensuring data privacy for customers. Cybersecurity is now so engrained in the success of an organisation that achieving a well-rounded approach also enables new opportunities for businesses to grow.
“It gives you many ways to drive disruption and achieve even greater heights, while at the same time defending against breaches and keeping data private,” says Mr Grandpre. “We can help customers deliver a bright digital transformation for their future without worrying about incurring greater risk.
“Over the last 40 years, Micro Focus has proudly built this very successful business from taking a lot of amazing technology, some more mature and some new, and making it work for where our customers are going. We have some of the best, innovative technology in the marketplace, spanning not just security, but many other parts of the enterprise.”
For further information please visit www.microfocus.com/srgtimes