Interview with Ramsés Gallego, Strategist & Evangelist, Symantec, Office of the CTO
TIG. The Cyber Threat Landscape is in constant transformation. Which you see are the emerging threats that could become more harmful for enterprises?
Ramsés Gallego. The biggest threat is not understanding the ever changing landscape. The greatest problem is having the false sense of security… which actually turns into (in)security. We at Symantec are uniquely positioned to comprehend that the bad guys will craft new techniques to harm organizations and people around the world. We are seeing different types of malware, variations of ransomware, several flavors of phishing attacks, … But they only want one thing: your data and/or your money.
There are criminal organizations behind the attacks that we are seeing – some very sophisticated, we have to admit – and we need to work different angles to identify, detect and prevent them. We are advising customers to embrace disciplines such as Mobility, Cloud, Big Data in a secure fashion, with the appropriate technology, with the right approach, with the very much needed common sense.
Emerging threats are really … merging and we need to be prepared for that changing landscape. Somehow, we have to expect the unexpected and be ready to respond and recover.
TIG. As cyber attacks become more and more sophisticated, what actions should organizations take and what approach could help them to become more effective?
Ramsés Gallego. They should work in different dimensions, in our opinion. Culture, Behavior, Skills, Capabilities, Technology, Moral, Ethics,… They need to adapt and adopt new technologies in the business ventures that they are pursuing. These new technologies will protect and defend, prevent and respond to the threats that challenge their security posture every single minute.
We are inviting customers to have an holistic view of security: from the gateway to endpoint, from the network to applications, from the Cloud to the datacenter. Only a comprehensive, end-to-end vision of security will identify, detect, protect, monitor and respond to cyber-threats. A vision that has to turn into a mission that is always about saving people’s lives, defending intellectual property, safeguarding critical data.
TIG. New threats are also the consequence of the direct involvement of enterprises in new Digital Transformation projects, with the aim to achieve higher level of competitive advantage. As regards Cloud computing, undoubtedly it offers many benefits – scalability, flexibility, reduced costs – but there are also security challenges to overcome. What are your recommendations of actions to be taken for Cloud security?
Ramsés Gallego. Cloud is just another chapter in the IT book. Yes, it amplified and expanded our risk posture and while it provides many benefits it also brings some challenges. But it is just another platform that we need to secure and ask the right questions to the right people at the right time.
There are different aspects to be considered in the Cloud environment: from the robust, solid two-factor authentication to making sure that data is fully encrypted and only available to the appropriate ‘circles of trust’. There are aspects both for operating the Cloud (encryption, PKI, identity management, access governance, incident response,..) and for governing the Cloud (Compliance, Auditing, Portability, Interoperability,…).
We are so proud of our most recent acquisition, Blue Coat, who is a leader in the world of securing the Cloud and fully understanding the discipline of CASB (Cloud Access Security Broker). A unified and simplified way to provide secure, granular access to Cloud platforms is key for the future present.
TIG. As the scenario is becoming more and more complex, more emphasis is today over Cybersecurity Governance. Which is the situation you are experiencing in today’s organizations as regards the govern and control of their specific Security Posture ? which improvements should be taken?
Ramsés Gallego. Governance is an overarching discipline that has four main principles: strategic, tactics, risk management and the responsible use of resources. If you take a look to the definition of Governance is a pure approach to business – not technology -. It talks about mitigating the exposure factor, reducing Enterprise Risk (not IT risk nor technology risk), the responsible use of corporate resources (and they usually are digital assets). The very best companies are eager to differentiate Management from Governance and we are inviting everyone to do so. Governing requires a set of actions that are necessarily different from managing a company, assets, resources. We encourage every company to embrace a framework and to be guided into the right security posture. COBIT 5 could be one, the ISO27000 family or others. But doing nothing, in this ever-changing security landscape is not an option. We believe that hope is a very bad strategy in Cybersecurity and we at Symantec are here to protect and defend.
Elena Vaciago, The Innovation Group