Cybersecurity is a moving target. By that I mean that on any given day, an attack vector you had not even imagined in the morning can be a red-hot priority by the afternoon. Having said that, the threat you worry most about today might be all but irrelevant tomorrow.
Granted, cyberthreats don’t always move quite that fast. But with a hacker attack occurring on average every 39 seconds, there’s no shortage of velocity and momentum in cybercrime. So, it pays to sit down with cybersecurity professionals frequently to hear what’s on their minds.
A peek at the cybersecurity zeitgeist
I recently sat down with Gabe Dimeglio, GVP & GM of Rimini Protect™ security services and solutions here at Rimini Street, as part of our new “Streetwise Sessions“ interview series. Gabe is immersed in security discussions with fellow security practitioners in the cybersecurity ecosystem – not to mention Rimini Street customers – literally every day. I asked him to share a quick snapshot of today’s security zeitgeist. Here’s some of that conversation.
As a quick level set, Gabe began by noting that for all the noise, all the hype, and all the complexity in the cybersecurity arena, the basic concern boils down to two things. One is mitigating business disruption, meaning ensuring the availability and continuity of services and data in the event of a breach. The other is mitigating data breaches in general and specifically the loss of intellectual property, personally identifiable information, and any data subject to regulatory compliance requirements.
Everything else falls somewhere within or near to those two practical concerns. And even those two concerns are not entirely equal. When you look at disruptions caused by downtime versus data leaving the building, the data loss concerns are becoming as important as business disruptions, and Gabe walks us through why that is the case.
At the time of writing, the highest profile cyberthreat with the potential for business disruption, and the highest threat with the potential to cause data loss, happen to be the same threat: ransomware attacks. Globally, ransomware attacks exceeded 236 million occurrences in the first half of 2022 alone.
Every business is moving to combat ransomware. Indeed, the global market for ransomware protection solutions is projected to reach over $46 billion by 2028. At the same time, everyone recognizes that no amount of investment can get you to a state of 100 % ironclad cybersecurity. Buying your way out of risk is utterly impossible.
Overcoming cybersecurity challenges – Focus on Risk Reduction
What you can do, Gabe observed, is create clear and compelling business cases that quantify the investment to return calculus in terms of both risk reduction and revenue impact for any given security investment. And then, let the board make the call. But there are two obstacles even there.
The first is that security professionals are not always able to articulate the business case for the solution they are trying to get funded. The second is that even if they can make the case and get the funding they seek, they will quickly run up against the talent shortage in security professionals.
There are several layers of complexity here. And I’ve been giving only a high-level view of issues Gabe discussed in much greater detail during the interview. If you’re a security professional looking for practical advice, watch the video below for the full discussion including industry predictions, insights, advice.
You may also like:
- Read: CISO’s Guide to the Future of Enterprise Software Security
- Watch: Introducing Rimini Protect™
- Solution: Global Security Solutions
Looking for thought-provoking, educational content? Check out Street Wise, your one-stop shop for authoritative articles, interviews, blogs, and more from industry leaders on today’s hottest topics.
