November 4 (SeeNews) - To cope with emerging cyber security risks organisations in Southeast Europe (SEE) should work out comprehensive proactive defense strategies, IBM General Manager Southeast Europe Michael Paier said.
"Over the past few years, IBM has reaffirmed its position as a security solutions provider through a series of acquisitions that have broadened our security portfolio. Now we offer comprehensive, integrated, multilayer solutions consolidated under a single business unit focusing on security and threat intelligence," Paier said in an interview for the latest edition of the SEE TOP 100 (http://top100.seenews.com) publication prepared by SeeNews.
"Our security portfolio is based on a framework comprising hardware, software, and services designed to help organizations detect, prioritize, respond to, and prevent security breaches," he added.
Following is the full text of the interview:
Q: When it comes to cybercrime, rather than being popular targets, countries from the Southeast Europe (SEE) region are more known as a hot bed of highly-skilled hackers. However, IBM researchers have recently discovered newly reconfigured malwares specifically targeting more than 20 new banks in Bulgaria and Romania. What has changed in the world of cyber security?
A: Cyber attacks are spiraling and today the world of cyber security is expanding into a world of cyber insecurity with fraud and cybercrime on the rise with threats that are more diverse than ever, and attacks becoming more personal and much more sophisticated. Explosion of data is complicating the threat landscape – 90% of the world’s data has been created in the last years, yet less than 1% of that data is being analysed. IT Infrastructure is immature – according to IDC, organisations across SEE still use less-effective and obsolete IT infrastructures which makes them vulnerable to cyber attacks. At the same time spending on mobile devices is growing, and reaching almost a third from the total IT market in SEE in 2014. With the spread of mobile apps that may not have security by design, the BYOD (Bring your own device) trend more often may mean BYOV (Bring your own virus) at work or at home. Furthermore, the regulatory framework is underdeveloped.
Q: How does the market react?
A: In order to cope with the emerging threats and mitigate risks, SEE organizations are increasing their investments in IT security. According to IDC, overall spending on security solutions is expected to increase by 47% between 2014 and 2019, which is more than the worldwide average of 31%.
Clearly we can see this on the market: different organisations – from governments and financial institutions to small businesses or individuals – are heavily investing into securing their networks, yet the number of attacks is rising and so is their scale and the damage they cause.
One of the key reasons for that is that the majority of security investments in SEE are expected to be directed toward basic security solutions only. (https://www-01.ibm.com/marketing/iwm/dre/signup?source=mid-default_short_form&S_PKG=ov39537&S_TACT=C41600MW)
Q: What does this mean for organisations and governments in SEE?
A: It means that we have all reached a tipping point and we need to take a different approach to IT security.
Given today’s threat landscape, the question for almost every organization is not whether a security breach will happen, but when. Even worse – companies are not always aware that they have been attacked and it may take time until they detect the hack. So, existing perception that 90% network security is “OK” is no longer sufficient.
Q: How should SEE organisations deal with the new realities of cyber insecurity?
A: Today fighting cyber attacks should begin with an obsessive vigilance and far before the attack can happen. Proactive defense strategies should cover the entire organisation: its IT platform, including infrastructure, applications, cloud environments, mobile devices; employees and their constant training; and the physical assets of the organisation.
Q: What is the best protection today?
A: Our best defense today is to revamp our approach to security, and move towards a unified analytics and intelligence-driven collaborative fight against cybercrime.
Developing and executing a comprehensive long term cyber-security strategy has to be at the top of any CxO agenda now. This is a must.
Q: How can IBM help?
A: Over the past few years, IBM has reaffirmed its position as a security solutions provider through a series of acquisitions that have broadened our security portfolio. Now we offer comprehensive, integrated, multilayer solutions consolidated under a single business unit focusing on security and threat intelligence. Our security portfolio is based on a framework comprising hardware, software, and services designed to help organizations detect, prioritize, respond to, and prevent security breaches.
Q: Can you point to some best practices from the region, i.e. how organisations can benefit from this approach.
A: Organisations across SEE use IBM Security solutions to proactively protect their networks and their clients data from cyber crime.
For example, United Bulgarian Bank, Zagrebacka Banka and Splitska Banka in Croatia. BRD-Groupe Societe Generale in Romania, Societe Generale Banka Serbia are all focusing on fraud prevention by using IBM Security Trusteer to protect web applications, computers, and mobile devices against advanced malware and phishing attacks. Slovenian Zavod za zdravstveno zavarovanje Slovenije — the Health Insurance Institute of Slovenia, for example is using IBM QRadar to improve the speed of solving network problems and to deal with firewall issues by closing the gap between network and security operations.