Our site uses cookies to make it work and to help us give you the best possible user experience. By using our site, you agree to our use of cookies. To find out more about cookies and how you can disable them, please read our cookies statement. 

Cookie Settings

You can manage your cookie settings by turning cookies on and off.

Click on the different cookie  headings to find out more about the types of cookies we use on this site and to change your settings. Please be aware that if you choose to turn off  cookies, certain areas of our site may not work and your browsing experience may be impacted.

For further information on how we use cookies, please see our cookies statement. 

Strictly Necessary Cookies

(Req)

These cookies are essential for the technical operation of and proper functioning of our site  and enable you to register and login, to easily move around our site, and to access secure areas. Without these cookies our site won't function properly.  

These cookies are required

Performance Cookies

Performance cookies allow us to collect aggregated and anonymous data on how our site is used, such as the number of visitors to our site, how you navigate around and the time spent on our site and also to identify any errors in functionality. These cookies also help us to improve the way our site works by ensuring that you can find what you’re looking for easily, to better understand what you are interested in and to measure the effectiveness of the content of our site. 

Marketing Cookies

These cookies allow us to advertise our products to you and allow us to pass this information on to our trusted third parties so that they can advertise our products to you on our behalf. All information these cookies collect is aggregated and therefore anonymous. No personal information is shared to third parties. Any personal information collected while using our website could be used for direct marketing from Dimension Data only.

2019 trends

The fightback against cybercrime gathers momentum

Matthew Gyde

Group Executive: Cybersecurity ─ Dimension Data

Matthew is responsible for managing Dimension Data’s Cybersecurity business globally. His career spans more than 25 years in the technology sector, with over 20 years’ experience in IT security. This vast experience equips him with a profound understanding of the security industry and how platforms need to be implemented and managed, to ensure that organisations remain competitive while minimising their risk, in a shifting threat landscape.

Follow on LinkedIn

New dawn rising in the fight against cybercrime


Predictive intelligence and business-led cybersecurity investments will chart your course to safety

Every year, Dimension Data publishes an Executive Guide to the annual NTT Security Global Threat Intelligence Report. We call out key findings and the most significant shifts we’ve observed in the cybersecurity landscape over the past 12 months. These are complemented by recommendations on how organisations can bolster their defences against emerging threats.

Our Cybersecurity Advisory ─ where we engage with clients to conduct in-depth cybersecurity maturity assessments, through the lens of their business priorities ─ is an important new contributor to this year’s Guide.

The fightback against cybercrime gathers momentum ─ and attracts board-level interest

One of the most conspicuous issues highlighted in this year’s Guide is that 2018 marked a record for the number of new vulnerabilities discovered in a calendar year – up 12.5% from last year.

2018 marked a record for the number of new vulnerabilities discovered in a calendar year – up 12.5% from last year. Read more @Dimensiondata Tweet this

While the threat landscape will continue to evolve, and the emergence of new, more sophisticated vulnerabilities and attack vectors is inevitable, I don’t believe it’s all ‘doom and gloom’. In fact, I’m extremely optimistic and excited about the future of the fight against cybercrime, for three key reasons:

  1. Predictive threat intelligence is reaching new heights

    The notion of moving from reactive to predictive security has been around for years. However, I foresee unprecedented innovations in this field in the immediate future. Substantial progress is already being made. For example, NTT, as a leading global carrier, has significant visibility of the world’s Internet traffic. We overlay the data and insights we’ve collected with the capabilities of the NTT Security Global Threat Intelligence Centre, where our experts work around the clock to analyse and synthesise the vast amounts of threat information we collect, at the most granular level. This gives structure and context to information and turns it into intelligence

    ​Key trends text

  2. Organisations’ security investments are becoming more informed, targeted, and strategic

    We’re observing a positive trend this year, with businesses moving away from making piecemeal investments in traditional security hardware, and instead moving towards more business-aligned, strategic buying decisions. This is evidenced by the fact that while the finance and technology sectors were the most attacked this year (each representing 17% of all attacks and featuring in the top five targeted sectors in every region), they’re also the most cybermature.

    Key trends text

  3. I’ve heard many people in our industry claim that ‘today, cybersecurity is your point of access to the board.’ They believe that talk of cybersecurity alone will gain the board’s attention and they’ll typically centre their approach on instilling fear, uncertainty, and doubt, i.e.: ‘These are all the threats out there. Look at our graphs that prove it; this is what you’re doing wrong … but, don’t worry, you can protect yourself if you invest USD 300 million in these new cybersecurity technologies.’

    I disagree with this approach, as it fundamentally lacks any form of business-alignment.

    To gain the attention of the board, you need experienced professionals who thoroughly understand the current threat landscape and the latest cybersecurity technologies, but also are willing and able to have business-related discussions.

    In my experience, gaining successful access to the board ─ and being invited back for further conversations ─ is achieved by those who’re willing to first engage with their clients in an advisory capacity. They focus initially on establishing a deep understanding of the organisation’s overarching business objectives, and subsequently present cybersecurity advice and investment options that are aligned to those goals.

    a) Gauge your current and desired state of cybermaturity in terms of business-relevance

    For example, among the many applications an organisation has, one might be an HR tool that simply tracks the number of employees in the company, per region or country, but contains no personal or financial details about any individuals. It’s just a convenient tool for an HR team within a global organisation to utilise. However, another application might generate over USD 6 billion a year in revenue for the company, and contain a host of transaction details, and customers’ names and credentials. Such an application obviously needs to be far more secure than the HR one.

    Security professionals and providers who work with clients to give them advice regarding their current and ideal security posture are the ones who’ll be taken seriously. In the example above, the most sensible advice would be to say: ‘It’s going to cost you USD 300 million to secure your entire enterprise for a period of time (but not forever), but if you prioritise, and focus on elements of your core business ─ such as the application that’s generating significant revenue ─ you’ll need only invest USD 5 million to guarantee its security, and you’ll also be able to use it more prolifically. And we can remove your HR application from the scope of this engagement, as the requirement for it to be secured, is negligible.’

    Only when you start to understand and measure a company’s most critical priorities, and demonstrate how you can add value to and secure the associated infrastructure, will you be perceived as a trusted partner.

    b) Currently, cybersecurity preparedness is generally lacking

    Over the last year, our Cybersecurity Advisory teams’ engagements with clients uncovered the following:

    • Cybersecurity maturity ambitions outpace preparedness: there’s a significant gap between most organisations’ goals in terms of where they are today and where they want to be ─ the current global maturity benchmark across all sectors is 1.45 out of 5.
    • There’s misalignment between:
      • a willingness to improve an organisation’s cyberpreparedness and what actions are indeed being taken
      • what’s understood to have been done and what has been done

    However, I don’t believe these findings should leave us despondent. Levels and gaps in organisations’ current and desired cybermaturity levels aren’t where we should focus. There are several encouraging takeouts to consider, for example:

    • Clients are demonstrating a growing willingness to take action to combat cybersecurity threats, and the need for cybersecurity to be understood throughout the organisation, but especially at the board level. Our Cybersecurity Advisory assessments reveal that, at present, the finance, technology, manufacturing, and healthcare sectors are the most engaged, and are driving increasing levels of strategic awareness and involvement.
    • Interest in ongoing, strategic cybersecurity improvements that include innovations such as threat intelligence, and automation and orchestration, is on the rise. This will offer in-house security professionals the opportunity to learn and to enhance their skill sets. More importantly, however, it’ll elevate their role to that of strategic business-enablers instead of being perceived as ‘the security guys down in the basement’ ─ this will impact employee morale and retention positively.
    • The fact that clients are spending much more strategically means that they no longer wish to deal with transactional partners. They’re looking for providers who’re invested in and understand their business, and how they can help drive it forward by applying security holistically throughout the lifecycle, from development to operations, as part of a long-term journey.
  4. Increasing buy-in and collaboration among stakeholders across the cybersecurity value chain

    The third area where I see encouraging progress is in the level of collaboration and information-sharing among organisations across the cybersecurity value chain.

    From research and development organisations, suppliers of security products and services, and in-house IT professionals, to boards, regulatory bodies, and governments, we need to create a united front to ‘fight the good fight’ and (from a business perspective), where necessary, leave any competitive inclinations ‘at the door’.

    Cybersecurity affects every one of us in some way, in both our professional and personal capacities. Ultimately, the success of our battle against this scourge hinges on how effectively we co-operate and collaborate.

So, together, let’s start pushing the boundaries of what’s possible.

Ultimately, the success of our battle against this scourge hinges on how effectively we co-operate and collaborate. Read more @Dimensiondata Tweet this

Recommended for you

How we can help you

Two people sitting in a meeting

Cybersecurity Advisory

Get the insights and action you need to improve your security posture.

Read more
A person standing on a cliff with a starry sky

Managed Security Services

Management and optimisation of your security infrastructure to shield and protect your data and applications no matter where they reside.

Read more

Get the Executive Guide to the NTT Security 2019 Global Threat Intelligence Report

Australia

By clicking submit below, you are agreeing to the Dimension Data Terms and Conditions and Privacy Policy