December 15, 2016 By Scott Koegler 2 min read

The security of enterprise data was once the domain of IT and a few specialists who tracked intrusion events and maintained company firewalls. But even in today’s environment, which typically includes a chief information officer (CIO) and chief information security officer (CISO), enterprise security collaboration can help IT leaders increase knowledge of corporate exposure to cyberattacks, spread it beyond the aforementioned specialists and improve upon internal precautions that have become inadequate to protect information assets.

Involve Top Management

Security has become a common topic at every level of the enterprise, though detailed understanding of the specifics is generally incomplete. More than half of the business and IT executives queried for PwC’s “Global State of Information Security Survey 2017,” indicated that their organizations had a CISO to drive security efforts.

The CISO should participate in critical discussions about enterprise strategy and help determine which considerations should be included in current and future planning. Progressive organizations should have these leaders advise their boards of directors so that informed decisions can be made about budget allocations and project priorities.

Implement Cloud- and Network-Based Cybersecurity

Every company needs to have its own security experts to stay current with threats and their potential impact on enterprise data and operations. Threats have expanded exponentially in volume, origin and type, making the task of understanding and responding to daily intrusions impossible for a small team to handle.

Enterprises are turning to security-as-a-service (SECaaS) to supplement their internal efforts. SECaaS providers draw on large-scale networks of people and processes to gather threat intelligence from around the globe and process it in real time to anticipate and respond to cyberthreats for their clients. The consolidation of resources, coupled with large-scale analytics, enables enterprises that don’t have the same level of resources available internally to protect their critical assets.

Collaborate Across the Enterprise

Cyber breaches are not limited to entry through computer networks. The traditional practice of social engineering, which relies on personal contact and persuasion to obtain critical information, is still alive. But cybercriminals are constantly finding new avenues to extract data. Enterprises need to advise employees on what to watch for and how to detect intrusion attempts.

Companywide cybersecurity awareness can help thwart attacks before they become critical and cause damage. In addition to internal education and conversation, companies should coordinate their knowledge efforts with other organizations in their industries. Cyberthreats often target multiple companies in similar industries once they have discovered common vulnerabilities.

Enterprise Security Collaboration Enables Digital Transformation

Digital transformation is at the top of most companies’ agenda. That transformation usually involves some use of cloud-based resources to improve performance and speed innovation. But as companies leverage these resources, those efforts can be targeted for exploitation by cyberthieves. Securing these new avenues and technologies is paramount.

Fortunately, SECaaS providers employ similar resources to collect and analyze data and provide aggressive defense against intrusion. When companies combine technical services with informed staff, they are able to build and maintain effective protection against cyberthreats.

More from CISO

Making smart cybersecurity spending decisions in 2025

4 min read - December is a month of numbers, from holiday countdowns to RSVPs for parties. But for business leaders, the most important numbers this month are the budget numbers for 2025. With cybersecurity a top focus for many businesses in 2025, it is likely to be a top-line item on many budgets heading into the New Year.Gartner expects that cybersecurity spending is expected to increase 15% in 2025, from $183.9 billion to $212 billion. Security services lead the way for the segment…

On holiday: Most important policies for reduced staff

4 min read - On Christmas Eve, 2023, the Ohio State Lottery had to shut down some of its systems because of a cyberattack. Around the same time, the Dark Web had a “Leaksmas” event, where cyber criminals shared stolen information for free as a holiday gift. In fact, the month of December 2023 saw more than 2 billion records breached and 1,351 disclosed security incidents, according to research from IT Governance — an increase of 332% and 187%, respectively, over the month of…

Overheard at RSA Conference 2024: Top trends cybersecurity experts are talking about

4 min read - At a brunch roundtable, one of the many informal events held during the RSA Conference 2024 (RSAC), the conversation turned to the most popular trends and themes at this year’s events. There was no disagreement in what people presenting sessions or companies on the Expo show floor were talking about: RSAC 2024 is all about artificial intelligence (or as one CISO said, “It’s not RSAC; it’s RSAI”). The chatter around AI shouldn’t have been a surprise to anyone who attended…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today