Cybersecurity is a prevalent topic in boardrooms, particularly now that businesses and individuals spend a lot of time communicating and working online.
However, many organisations are unaware of their cybersecurity status. Cybersecurity services provider, ITC Secure, monitors its client systems from a 24-hour security operations centre, reacting to attacks and proactively searching for threats on behalf of its customers.
“What we’re seeing is that cyberattacks are continuing to increase in sophistication and volume across all business verticals industries and Microsoft users often aren’t using the security solutions that they have available to them to their maximum potential,” says Arno Robbertse, CEO of ITC Secure.
The first step in a cybersecurity journey is to understand what risks and vulnerabilities the user is exposed to and then to make a plan on how these can be prevented. “The scary thing about cybersecurity is that anything could happen to users and that could have a significant impact on their business, and it’s this realisation that leads to action,” says Robbertse. “The reality is that the effort, time and expertise needed to establish 24/7 threat detection and response capabilities in-house can be overwhelming, an issue compounded by the cyber skills gap of more than 2.72 million professionals globally.”
As a result, more and more businesses are turning to managed security services providers like ITC Secure to remove the burden of deploying, configuring and managing their security across multiple environments.
According to Robbertse, Microsoft has made considerable investments into the research and development of its security products so that Azure can provide a set of tools for organisations to stay secure across all operating systems and cloud infrastructures.
As a member of the Microsoft Intelligent Security Association with Microsoft Security Advanced Specialization in cloud security, identity and access management and threat protection, ITC Secure deploys, configures and manages security workloads in the Microsoft environment in order to reduce risks for its customers.
“We think about cybersecurity as a perfect trinity of people, governance and technology,” says Robbertse. “And what we do is secure those three areas together. We manage risk effectively because what we have in Microsoft now is a platform that gives us the best in-class tools to innovate and build intellectual property around it.
“Whilst cybersecurity can be very technical, part of what we do is we turn that technical reason into boardroom language so that our customers can understand their risks and make decisions against them. We’ve been able to take this a step further in using Microsoft’s toolset, by setting the risk and compliance modules inside Microsoft to help the board visualise, quantify and track risk over time.”
By doing this, ITC Secure avoids overwhelming its customers with jargon and encourages them to save money by leveraging their existing relations with Microsoft.
“Typically, the first thing we often do to help a company is to unlock the existing security products and benefits that they are paying for but aren’t using,” says Robbertse. “We help them reduce the complexity of other tools. And at a time when security budgets tend to be going up, this allows company leaders to reallocate that budget into other products and solutions to advance their cybersecurity.”
Supply chains can also benefit from investments into stronger cybersecurity. For example, companies are using the internet of things and connecting to operational technology to track data from machinery and devices. Many of these devices were not originally designed to be connected to the internet, leaving them at risk for security breaches. “Using the Microsoft toolset, we’re able to help customers reduce that risk whilst enabling them to continue collecting and processing that data in the most secure way,” adds Robbertse.
Many companies are beginning to question how to unlock the power and intelligence of the cloud so they can use it in the most meaningful way. To do this safely, ITC Secure encourages users to think about a security strategy for their digital transformation and secure identity and access management.
“In this post-pandemic world, where hybrid working has become the new normal, a secure identity is very important in order to protect how the cloud is being accessed,” says Robbertse. “We use the Microsoft toolset to protect identities across enterprises, multiple cloud applications and enterprise resource planning systems.”
The amount of data that is accessible to an individual can render an organisation susceptible to cyberattacks, especially if the individual has access to a vast amount of data. ITC Secure uses Azure Active Directory to adjust hybrid identities and reduce the risk associated with individuals’ access to company files, which can be exploited during a data breach. This automates an individual’s access to company data, meaning that if this identity was breached, the company would be able to identify exactly what information was in danger and act accordingly.
“Employee access needs to be revised and checked so we automate as much of that as possible so that it's not down to any human being to monitor this.”
As cyber threats rapidly proliferate and continue to increase in complexity, ITC believes that legacy approaches to cybersecurity will no longer suffice.
Robbertse concludes: “As the saying goes ‘Security is always excessive, until it is not enough’, however with the right partner, cybersecurity strategies can be designed to not just manage risk, but also shift from a state of reactive, to proactive… and event to predictive.”
This article was originally published in the Summer 2022 issue of Technology Record. To get future issues delivered directly to your inbox, sign up for a free subscription.