December 15, 2016 By Scott Koegler 2 min read

The security of enterprise data was once the domain of IT and a few specialists who tracked intrusion events and maintained company firewalls. But even in today’s environment, which typically includes a chief information officer (CIO) and chief information security officer (CISO), enterprise security collaboration can help IT leaders increase knowledge of corporate exposure to cyberattacks, spread it beyond the aforementioned specialists and improve upon internal precautions that have become inadequate to protect information assets.

Involve Top Management

Security has become a common topic at every level of the enterprise, though detailed understanding of the specifics is generally incomplete. More than half of the business and IT executives queried for PwC’s “Global State of Information Security Survey 2017,” indicated that their organizations had a CISO to drive security efforts.

The CISO should participate in critical discussions about enterprise strategy and help determine which considerations should be included in current and future planning. Progressive organizations should have these leaders advise their boards of directors so that informed decisions can be made about budget allocations and project priorities.

Implement Cloud- and Network-Based Cybersecurity

Every company needs to have its own security experts to stay current with threats and their potential impact on enterprise data and operations. Threats have expanded exponentially in volume, origin and type, making the task of understanding and responding to daily intrusions impossible for a small team to handle.

Enterprises are turning to security-as-a-service (SECaaS) to supplement their internal efforts. SECaaS providers draw on large-scale networks of people and processes to gather threat intelligence from around the globe and process it in real time to anticipate and respond to cyberthreats for their clients. The consolidation of resources, coupled with large-scale analytics, enables enterprises that don’t have the same level of resources available internally to protect their critical assets.

Collaborate Across the Enterprise

Cyber breaches are not limited to entry through computer networks. The traditional practice of social engineering, which relies on personal contact and persuasion to obtain critical information, is still alive. But cybercriminals are constantly finding new avenues to extract data. Enterprises need to advise employees on what to watch for and how to detect intrusion attempts.

Companywide cybersecurity awareness can help thwart attacks before they become critical and cause damage. In addition to internal education and conversation, companies should coordinate their knowledge efforts with other organizations in their industries. Cyberthreats often target multiple companies in similar industries once they have discovered common vulnerabilities.

Enterprise Security Collaboration Enables Digital Transformation

Digital transformation is at the top of most companies’ agenda. That transformation usually involves some use of cloud-based resources to improve performance and speed innovation. But as companies leverage these resources, those efforts can be targeted for exploitation by cyberthieves. Securing these new avenues and technologies is paramount.

Fortunately, SECaaS providers employ similar resources to collect and analyze data and provide aggressive defense against intrusion. When companies combine technical services with informed staff, they are able to build and maintain effective protection against cyberthreats.

More from CISO

The evolution of a CISO: How the role has changed

3 min read - In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will result in 45% of CISOs’ remits expanding beyond cybersecurity by 2027.With the scope of a CISO’s responsibilities changing so quickly, how will the role adapt…

X-Force Threat Intelligence Index 2024 reveals stolen credentials as top risk, with AI attacks on the horizon

4 min read - Every year, IBM X-Force analysts assess the data collected across all our security disciplines to create the IBM X-Force Threat Intelligence Index, our annual report that plots changes in the cyber threat landscape to reveal trends and help clients proactively put security measures in place. Among the many noteworthy findings in the 2024 edition of the X-Force report, three major trends stand out that we’re advising security professionals and CISOs to observe: A sharp increase in abuse of valid accounts…

Boardroom cyber expertise comes under scrutiny

3 min read - Why are companies concerned about cybersecurity? Some of the main drivers are data protection, compliance, risk management and ensuring business continuity. None of these are minor issues. Then why do board members frequently keep their distance when it comes to cyber concerns?A report released last year showed that just 5% of CISOs reported directly to the CEO. This was actually down from 8% in 2022 and 11% in 2021. But even if board members don’t want to get too close…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today