Reimagining Cybersecurity With an Emphasis on ‘Resilience’




Every company is threatened by the worldwide epidemic of cybercrime. How can organizations, already stretched thin to support their existing IT and network infrastructures, best protect themselves? We spoke to Kris Lovejoy, global security and resilience leader at Kyndryl, about this ubiquitous problem.

Q: Cyberattacks keep growing in volume and sophistication. What’s going on?

A: Cybercriminals continually modify their attack strategies to take advantage of gaps in security approaches and technologies. For instance, some ransomware attacks now target production systems as well as backups, taking away the defense of a clean backup. This is why we contend that 100% protection is an impossible goal. Meanwhile, recent events have played into the hands of cybercriminals, greatly expanding the attack surface. I mean specifically the rush to support work-from-home [WFH] and work-from-anywhere [WFA] employees. As they try to secure a hodgepodge of legacy hardware, software, and networking vendors — and deploy new devices at the network’s edge — too many organizations have been caught flat-footed and extremely vulnerable to attack.

Q: If 100% protection is unattainable, how should companies shift their focus?

A: Instead of pursuing invulnerability, enterprises should make sure they are resilient to attack. That is, take steps to help ensure that assaults won’t have a devastating effect on the business. In our view, “resilience” combines cybersecurity, disaster recovery, and a variety of network resilience technologies to ensure continuity during and after cyberincidents. But given the IT talent shortage, migrating to a “resilience” posture is often beyond the in-house scope of most organizations. Just auditing the existing network can be a major undertaking, given the explosion of network endpoints.

Q: How do you see enterprise IT and operational risk management evolving?

A: Breaking down the silos that have built up between data governance, data security, data recovery, and business recovery is a crucial first step. Resilient firms will be able to recognize, continuously track, manage, and recover from sophisticated cyberattacks — and do so automatically whenever possible. The pressing need for automation comes from the expected wave of AI-powered cyberattacks in the future.

Q: What strategies can enterprises use to improve their security and resilience posture?

A: Secure, resilient, hybrid cloud environments are key. These architectures move away from hardware-based network appliances and proprietary management to open-standards-based software-defined networks [SDNs]. They provide security across the cloud, WAN, and LAN. In the cloud, enterprises can span compute, development, storage, disaster recovery, and business continuity across a virtualized, on-demand environment.

Q: What advanced technologies show the most promise for improving threat management, incident response, and disaster recovery?

A: Network modernization through virtualization and automation is essential in the digital era. Because the network is the platform for everything else, there is an urgent need for a more flexible and robust network infrastructure — one that is easier to provision, modify, monitor, and secure. That is why, in our view, software-defined networking is such a game-changer. It brings agility through network abstraction and automation, allowing network functions to be added or removed on demand, in the same way that cloud compute or storage resources can be added as needed.

