Most organizations still view security as a fortress that surrounds their company. They patch from time to time, but usually ignore it, assuming that they don’t have anything to worry about — after all, who wants to hack us? But as the massive data breaches of 2015 show, hackers will always find a way to sneak in and smuggle data out if no one is watching. Security needs to be integrated into every level of the company — not just its outer perimeter. Here’s what cyber security services need to learn in 2016:

 

1. Cyber security services must stop relying on technology alone. 2015 made it clear that no system is completely secure by itself. From the billion dollar international Carbanak heist, to the simple VTech hack that was used to steal identifying information of children and their parents, it’s clear no organization is invulnerable.The sad fact is that most 2015 breaches could have been prevented by better monitoring. According to M-Trends, the average hacker spends over 200 days in a network before being detected. That’s plenty of time to catch the bad guys — provided you’re looking in the right places. Symmetry cyber security services continuously monitor networks, server and users, and can react immediately when we spot suspicious activity. That means we can stop the hackers long before they find a way in.

 

2. The industry needs to adopt a managed security services approach. Hackers get better every year. The 2015 OPM breach was carried out by highly-trained people, funded by foreign governments to amass data on federal officials. Hackers are also getting faster. According to Verizon’s 2015 Data Breach Investigation Report, 75% of attacks spread to a second victim within 24 hours, with over 40% hitting the second organization in less than an hour.To keep up, cyber security services professionals need to cooperate across organizations, learning from the threats each organization faces. With managed security services, companies can pool their resources, and security pros can share their knowledge to make everybody safer. That’s why Symmetry partners with cyber security leaders like Dell SecureWorks to beat the bad guys.

 

3. The cyber security services industry needs to adapt to insider threats. 2015 started with a Morgan Stanley wealth advisor exposing massive amounts of client data. It got more press than many insider breaches, but was far from the first one. A SpectorSoft study showed that 62% of security professionals believe insider threats are up, and Vormetric found that 93% of IT decision makers believe their organizations are vulnerable. It’s clear that cyber security services professionals are starting to take insider threats very seriously.Unfortunately, as many organizations confuse security and compliance, they still aren’t doing their due diligence to stop insider threats. They put in measures like firewalls and encryption, but don’t consider insider risks like weak passwords or disgruntled workers. Companies need security partners who understand the role insiders play. Symmetry works with every level of the organization, analyzing risks, and providing training and monitoring to make sure your workers are bolstering your security — not undermining it.

 

Cyber Security Services Aren’t Just a Set of Tools

As a complete IT managed services provider, Symmetry understands that security needs to be part of everything your company does. Our SAP security services monitor and audit user activities and system changes, control access and address security issues as they happen. Our cyber security services use advanced techniques, including penetration testing to find threats before hackers can, and next gen endpoint protection to respond to external threats. And with 24/7 security and compliance monitoring, we’ll be ready to counter threats whenever they happen. Take our free cyber security vulnerability assessment today to see how secure your critical IT systems really are.

About Scott Goolik - VP, Compliance and Security Services

Scott Goolik is VP of Compliance and Security Services at Symmetry. A recognized expert in the field of SAP security and compliance, Scott has over 20 years of expertise in SAP security and is a regular presenter at SAP industry tradeshows and ASUG events. His experience includes working for one of the Big Four accounting firms and developing auditing tools, including those for segregation of duties (SOD). Scott is also responsible for architecting the ControlPanelGRC® solution which provides audit automation and acceleration of security and control processes.