While businesses benefit from moving their data and operations away from their own physical servers in owned and operated data centres to Cloud companies such as Amazon Web Services, MicroSoft Azure and Google Cloud, there remain problems – the main one being cybersecurity.
While Cloud may achieve mass acceptance, through the widespread uptake of what might be described as a utility based model of computing, it disrupts not just traditional processing models, shifting the focus primarily off own premise deployments, it also disrupts corporate postures with respect to governance, risk and compliance (GRC).
The rapidly changing legislative and regulatory framework now clearly attributes responsibility for organisations GRC posture to named officers of those organizations.
No longer can liability for failure of business continuity, security and loss of customer data be attributed to the “IT crowd”. These are board level considerations – and the emergence of roles such as Chief Security officer, Chief information security officer and Data protection officer clearly reflect the radically shifting of emphasis from internal IT service providers to such officers when it comes to questions of responsibility and accountability.
The design concept underpinning our planned contribution to ACSIA is intended to provide an easily understood and managed communications channel from a corporate cloud based system directly to those who will be accountable in the event of issues arising and not being effectively addressed.
4Securitas are creating a comprehensive security and communications service integrated in easy to understand interfaces – against the trend of disconnected point solutions – ACSIA (Automated Cybersecurity Interactive Application) joins up system alerts and communications to the relevant people in a manner that is clear and concise while at the same time being sufficiently information rich to allow appropriate action to be taken.
Analysis of the recent history of large scale data breaches typically show that while traditional event logging may have been in place, information overload, corporate inertia and unclear understanding of roles and responsibilities meant that alerts were either switched off or ignored.
By aligning the detection as envisaged by this product, into one unified source of knowledge the product – as an enabling technology – will empower organisations to refine and adapt to the fast moving world of cybersecurity risk mitigation.
Subscribe to our blog on how to secure your digital assets and achieve more.