Johannesburg – A cyber security firm has urged companies to secure their networks and laptop use.
In2IT technologies, which specialises in cyber security, warns that: “As a country, we are facing two types of cyber-attacks: one on systems such as networks and the other on people such as phishing”.
Rounding off October – cyber security month – Amritesh Anand, the In2IT vice president, said: “We are inundated with multiple attacks on both fronts in our customer environments”.
Anand added: “It is important to understand that organisation-wide security is a responsibility of every individual.
“So, updating policy on a laptop to maintain process level compliance is extremely key.
“This is where we realise that most of the organisations in South Africa are prone to cyber security threats despite investing a lot in security software.”
Anand said In2IT has invested heavily in the security domain since its inception a decade ago.
“Our portfolio of security services covers the life cycle services requirement of our customer,” said Anand.
The In2IT portfolio includes:
(a) Consulting – to find out the right solution, product, or architecture or to find gaps in the existing security structure of an organisation. In2IT can help organisations from that starting point.
(b) Professional Services – through our vast partnership portfolio and experienced and certified resources in heterogeneous product lines available throughout the industry for an organisation to ensure they have set up devices and solutions that are going to ensure their organisations are going to be secured after implementing what they bought. Professional services thus become the foundation block for a strong security setup for any organisation.
(C) Managed Security Services – Unlike other towers of IT, security towers are a constantly evolving area where you need agile eyes to ensure your return on investment is protected right from IT to business. In2IT’s portfolio involves ISO 27001 certified 24×7 Security Operations Center (SOC) guarded by experienced threat hunters, security analysts to seasoned certified hackers who can provide defensive as well as offensive security.
“To this portfolio, AI/ML is playing a huge role in how we will protect our future organisations as it is practically impossible to keep a human eye on ever-offensive hackers and constantly evolving security posture, hence you need your tools equipped with AI/ML solutions viz SOAR, etc,” said Anand.
“Portfolio is enhanced through the adoption of OT (Operational Technologies) into the mix along with IT as organisations have greatly adopted IoT in their business. Further, our Security COE is busy coming up with a solution using Quantum Technologies.”
Asked what In2IT’s biggest USP is that di?erentiates it from competitors, Anand said: “Constantly evolving security solution that’s bounded by technology and not by a particular product/OEM is the mainstream focus for our Security COE.
“That’s why In2IT is able to come up with 360-degree defence for our customers which are interconnected to each other and backed up with In2IT AI/ML solution line to ensure the defence is tight.
“Further, we ensure we adopt the newest of technologies quickly viz Quantum Security as we speak.”
Anand said the advantages In2IT has over other players in the industry include:
- (a) A large pool of certified resources across heterogeneous products and technology lines(b) Certified and secured SOC centre which is ISO 27001 certified.
- (c) Investment in Security COE, which ensures we constantly evolve and equip ourselves with new technology, product, and developments in the security world.
- (d) In2IT’s 360-degree defence portfolio which provides life cycle services for our customers.
The area of security is evolving at an extremely fast pace, as much as it is important to invest in the right people within an organisation, it’s pretty difficult to keep on investing to cover the requirement end to end.
Hence it is advisable that organisations must identify partners who specialise in security and invest in security on a constant basis so that organisations get the right mix of security solutions at fraction of the cost.
“It’s a constantly evolving space and it’s not going to stop as we are surrounded by bigger and faster devices all around us, be it a professional life or personal life,” said Anand.
“With the adoption of quantum computing catching up in the mainstream, demand will aggravate.
“Hence organisations need to have a constant focus and keep on redefining their security portfolio constantly.”
Commenting on cloud-based security versus in-house security, Anand said: “As we mentioned, the security portfolio is vast and as organisations are busy moving and adopting cloud in their portfolio”.
Anand said it was very important to adopt and secure cloud-based solutions primarily for two reasons:
(a) as you move your applications to cloud, you need to ensure you have a portfolio of security solutions securing your investment in cloud.
(b) even though your IT investment and applications are spread between cloud and on-premises, today we can take advantage of security solutions hosted on cloud which ensures quick deployment and ensures that industry best practices are available to every customer.
“Hence our recommendations are it is definitely important to look at cloud-based solutions in any organisation’s portfolio, however, keep an eye on flexibility to implement as per your need as well as ensure you have the right mix of cloud-based and on-premises solutions as per your needs,” said Anand.
On CISOs getting approval for security investments from other stakeholders within the business, Anand said there was a risk of losing a business, data, reputation, and competitor edge are far riskier positions than a right mix of investment on security.
He also warned that security threats were evolving and can impact not only IT but also OT technologies.
“It’s important to notice that as much as security is driven through defence by deploying the right set of products, it’s equally important to adopt offensive security today to identify gaps before hackers found it out and you can plug the loopholes,” Anand said.
“The biggest investment which organisations can make is awareness campaigns within an organisation, training for everyone in the organisation so that you not only invest in technology but also to protect it given that the biggest risks are generated through human mistakes.”