EDITOR’S QUESTION
/////////////////
GREG DE
CHASTEAUNEUF,
CTO AT SAICOM
Q + A + Q + A + Q + A + Q + A + Q + A + Q + A + Q + A +
Today more than ever, security can be
seen as one of the biggest inhibitors
of Digital Transformation, because
it relies on CIOs opening up their networks
and relying on employees not to unwittingly
expose their business to cyberthreats. In
too many organisations, there is still a
belief that if employees are sitting in the
office behind the firewall, that they are safe
from security threats.
The reality is that employees, whether in
office, or working remotely, click on links that
they shouldn’t; inadvertently install malware,
get access to and move laterally within the
networks. Today, there is no such thing as a
100% safe network.
CIOs need to work on the basis that security
is no longer a point of demarcation and the
perimeter firewall is dead. Applications and
content can be accessed from any device,
from any network.
The days of cybersecurity being available
only to the elite, centralised few is rapidly
diminishing. The democratisation of
cybersecurity is happening and security is
rapidly moving to the Edge device, branch
and application itself.
What this means is that CIOs need to
embrace the changes and realise that
security can no longer remain a hurdle to
Digital Transformation.
“
WHAT THIS
MEANS IS THAT
CIOS NEED TO
EMBRACE THE
CHANGES AND
REALISE THAT
SECURITY CAN NO
LONGER REMAIN
A HURDLE
TO DIGITAL
TRANSFORMATION.
We believe that security needs to be
embedded into every single thing that
businesses do.
Not just in one layer but in multiple layers
and in every single application. Ensuring that
business applications check the right boxes
are paramount and non-negotiable.
Simple considerations like end-to-end
encryption, multi-factor authentication (MFA),
trust tiers and having a clear view of who
owns which machine in the network are key.
Most modern SaaS applications today
address these security concerns. It is however
antiquated applications that still require
users to ‘Remote VPN’ into head office or a
data centre.
CIOs need to be taking a serious look at
how they move away from remote VPN
access for employees and other third
parties. They need to adopt a zero-trust,
perimeter-less model.
Who is to say that a remote user’s
machine won’t be compromised? And
when it does, the bad actor has access
back to the mothership.
28 INTELLIGENTCIO www.intelligentcio.com