Cybersecurity is crucial to your business. Are you secure enough?

Share on linkedin
Share on facebook
Share on twitter
Cybersecurity

CompTIA, a leading IT industry membership association, has published its IT Industry Outlook 2018 report. That study cites IDC research that projects, “global information technology spending will top $4.8 trillion in 2018, with the U.S. accounting for approximately $1.5 trillion of the market.”

A survey of IT professionals conducted for the 2018 New York Tech Summit found that 85 percent of respondents spend up to half their total IT budgets on security-related investments. This only makes sense. In the 2017 edition of this survey, nearly half the respondents (49%) cited security as their top concern.

Given those concerns and spending patterns, cybersecurity spending in 2018 could be as high as $.75 trillion in the U.S. and $2.4 trillion worldwide. Yet no amount of spending is guaranteed to be enough to protect your business from every threat or attack.


Cybersecurity threats continue to grow and evolve

That’s because the threats to cybersecurity at your business are growing in number, sophistication, and impact. A May 2018 Marketwatch.com article cited research by the Identity Theft Resource Center, a U.S. non-profit. That group found the number of “significant breaches at U.S. businesses, government agencies, and other organizations topped 1,300,” compared with fewer than 200 in 2005.

Phishing emails and websites are gaining greater personalization and persuasion features. In October 2018, the independent Anti-Phishing Working Group (APWG), reported detection of more than 230,000 unique phishing web sites during the second quarter of the year. Each of these sites can have hundreds or thousands of URLs that direct unwitting victims to them.

During that same quarter, APWG members reported more than 280,000 unique email phishing campaigns. More than one-third of those attacks (36%) targeted payment processors, while more than one-fifth (21%) were directed at software as a service (SaaS) and webmail providers.

And so-called business email compromise or BEC attacks now often contain names and specific information that increase their perceived legitimacy. That information is frequently gathered from social media sites.

Meanwhile, malware as a service continues to grow. This threat is particularly insidious. It enables criminals with no technical skills to pay a fee to have a selected number of computers infected with ransomware or other dangerous code.

(See, “Strengthen your defenses against phishing, botnets, and other cyber threats”)

Cybersecurity threats: how best to respond?

Whatever the number and mix of threats your business faces, your IT and cybersecurity leaders, teams, solutions, and processes must be ready to face them effectively. This means you need the ability to discover vulnerabilities before they become threats, and to identify and isolate threats before they can wreak widespread damage.

ITSM

Traditional, legacy cybersecurity measures are no longer adequate, if they ever were. Such measures tend to be reactive and remedial, in parallel with the “break/fix” approach to early attempts at ITSM. Today, both effective ITSM and effective cybersecurity require solutions and processes that are proactive, prescriptive, and preventive, as well as able to respond to problems after they occur.

All of this means that cybersecurity can no longer be viewed as something separate from ITSM or IT management in general. Every IT activity at your business now requires a security component.

IT discovery

IT discovery cannot simply catalog devices. It must also include information about the relationships that link devices to each other, your services, and your users. IT discovery and monitoring must also be constantly vigilant for unknown devices and unauthorized connection attempts.

ITAM

Similarly, your IT asset management (ITAM) efforts must embrace cybersecurity as well. The information you collect and store about your IT assets must be accurate, comprehensive, and timely, so your security patches, software updates, and other preventive measures are implemented consistently. 

Every business and IT service you provide must be crafted, delivered, and managed with security as a primary concern.

Information security and cybersecurity

Operationally, all of this is a great incentive to bring IT and cyber security operations closer together, as discussed in a recent webinar co-hosted by Virima and follow-up. Technologically, you need IT discovery, ITAM, and ITSM solutions that capture and deliver the information you need to maximize the effectiveness of security efforts across your entire IT estate.

In reality, your business can never be too secure, and can always be made more so. With the right perspectives, processes, and technologies, however, you can make and keep your business secure enough to survive and thrive, no matter how sophisticated or numerous cyber threats become.

Virima: your partner for better IT-security convergence

Virima’s solutions for IT asset discovery, IT asset management (ITAM), and IT service management (ITSM) are all designed to help improve management and security of your entire IT estate. In addition, they’re built to be easy to use and configure, and to produce useful, actionable reports about your IT environment, for IT managers and business decision makers. 

We help you and your service management team work more closely and effectively with your cybersecurity counterparts, to maximize availability, resilience, and resistance to threats of your IT estate.

Virima features can automatically discover and map your critical IT resources and the interconnections that link them to one another, your applications and services, and your users.

Virima is here to help. To get started, contact us today to schedule a demo and explore the possibilities!

Share on linkedin
Share on facebook
Share on twitter

Subscribe to Our Newsletter

More to Explore

IT Operations Management (ITOM) refers to the administration of technology and application requirements within an IT organization. Under the ITIL framework, ITOM’s objective is to monitor, control, and execute the routine tasks necessary to support an organization’s IT infrastructure.(Also, see…

CMDB service maps are visual depictions of hierarchical relationships among business services (sometimes also major applications) and their supporting Configuration Items (CIs). Because service maps can provide an instant bird’s eye view of critical dependencies and relationships, their utility lies…

Understanding the Configuration Management Database (CMDB) and its core functions is a critical aspect of service management. The CMDB forms the hub of numerous service management practices and provides a means of correlation needed to deliver business services successfully.   The…

Introduction  IT asset management (ITAM) and inventory management are both useful practices that can benefit any organization using IT. Both of these practices are concerned with the management of IT assets but focus on different things. Inventory management can exist…

IT asset management (ITAM) and configuration management are both useful practices that can benefit any organization using IT. Both of these practices are concerned with the management of IT assets, but focus on different things.Configuration management can exist without IT…

Some people think that an IT service desk is the same thing as an IT help desk. It isn't, as I'm going to explain. Sure, there are some similarities, but there are also many differences. Let's start by exploring what…

To understand the business value of service mapping, it’s important to shift to a service delivery mindset, rather than thinking about delivering infrastructure, equipment, software, and applications. Defining services is relatively simple if thought of as the commoditization of what’s…

Business service mapping – the area of configuration management that perplexes so many IT professionals, yet that which provides the highest value in configuration management database (CMDB) projects. There are several major reasons IT gets stopped when it comes to…

The world of ITSM has changed as technology has shifted from providing tools for administrative support to being fully embedded in the delivery of the business’ core function.  There’s a world of difference between using an accounts payable system to…

The Configuration Management Database (CMDB) provides a single database that contains information about the enterprise’s assets, both logical and physical. In modern service management platforms, it provides core functionality that is referenced by all of the service management practices, including…