Where data used to take a back seat in the digital business world, it is now the belle of the hacker’s ball. Because data is so high-value, large-volume, and vulnerable, it is more attractive to hackers than ever before, and cyberattacks on business assets are becoming more sophisticated and more frequent. To protect against this threat, companies must use a mix of old and new tactics to ensure an ironclad security strategy. Security needs to be built into the systems and processes to enable digital transformation, and all aspects of Security Theory should be incorporated into the application. This include tried-and-true tactics as well as new tactics that respond to the ever-evolving threats from creative hackers.
Further, a range of sensitive and valuable information such as personal data, prices, and product procedures, is processed and stored in a company’s internal systems. This calls for special security requirements to ensure that this information is not intercepted or falsified and is available whenever it is needed.
The network perimeter still needs strong protection, but digital companies are realizing that mobile devices and Internet of Things (IoT) devices perpetually create holes in that very expensive wall as they connect to the Internet. With that in mind, security needs to move closer to the business apps. Specific examples include:
- Identify and prevent attacks from within apps
- Protect data with an all-encompassing strategy that covers the cloud, on premise, and mobile devices
- Apply 360-degree correlation analytics across the network, endpoints, application, and data
- Accelerate threat detection with real-time incident response and forensics to limit threat impact
- Respond to threats in an adaptive manner with deep-learning-powered cybersecurity analytics
SAP chief security officer Justin Somaini provides insight into which traditional security practices companies should dust off and pair with new best practices to reap the full benefits of digital transformation. Below are suggestions on specific best practices that companies should incorporate to make sure their systems are secure:
- Ensure that a consistent and regular process is in place for patches and updates. Unpatched software poses the most serious security risk for businesses.
- Encrypt communications between business systems with SSL/TLS protocols and SNC protection.
- Check the interfaces to business systems to see if they are adequately secured.
- Revisit data backup plans and disaster recovery strategies.
- Review the security configurations of the business systems platform.
At SAPPHIRE NOW in May 2017, Justin Somaini sat down with technology expert Dr. Craig Brown to discuss the topic of enterprise security and the evolving role of security in today’s world. Specific topics covered include securing cross-platform applications and new technologies like machine-learning algorithms and the IoT, as well as how companies need to remain vigilant in their security through cross-functional teams.
Justin and Craig also discussed the opportunities presented when data scientists and security professionals leverage machine learning, neural networks, and artificial intelligence to detect known and unknown threats – in the technology world and beyond. To view the complete video, click here.
To learn more about enterprise security, click here.