"Before, customers often asked me: Do you want to pay the ransom? Before last year, IBM's advice was often: Paying the ransom is a business consideration of the enterprise, because whether to pay the ransom or not is mainly to measure the impact of ransomware on the enterprise. How big is the impact. But starting this year, IBM has enough data, so our advice to customers now is: Paying ransom is not advisable." Recently, IBM released the 2022 "Data Breach Cost Report", The report shows that the current global data leakage incidents have caused losses to enterprises and organizations, and the economic impact has reached the highest level in 17 years. The average economic loss caused by a single data leakage incident has reached 4.35 million US dollars. Feng Liang, general manager of the Cyber Security Business at IBM China Technology Division, emphasized: "Based on the strong data survey results, IBM's current advice to customers is that paying the ransom is not advisable, and most of the work and investment should be spent on avoiding data leakage incidents. and measures that can quickly recover once it occurs.”
In fact, as the digitalization of society as a whole continues to accelerate, enterprises and organizations of all kinds are relying more and more on data and information. Digitalization is making businesses and organizations more agile, resilient and efficient, but the risks they face also increase as digitalization deepens.
In Feng Liang's view, in addition to "paying ransom is not advisable", the 2022 "Data Breach Cost Report" also shows that nearly 80% of the critical infrastructure organizations surveyed have not adopted a zero-trust security strategy. Their average cost of a data breach was as high as $5.4 million, $1.17 million more than organizations that had adopted a zero-trust strategy. Meanwhile, security in the cloud was immature: approximately 43% of the enterprises and organizations surveyed had not yet started deploying security measures in their cross-cloud environments, or were still in the early stages of deployment, and their data breach cost was $660,000 more than that of organizations that had deployed mature security measures across their cross-cloud environments. Set against these two figures, the data showed that the average cost of a data breach was $3.05 million lower for organizations that deployed security-focused AI and automation.
"Another very interesting finding is that, by far, the biggest cause of data leakage is actually still credential theft, or compromised credentials. Society promotes the importance of passwords: you have to keep changing your passwords, and there are various measures to ensure that your passwords will not be stolen. Even so, password theft is still the number one cause of data leakage, and it has always been number one. Therefore, we still need to continuously help enterprises to cope with this and improve in this regard."
Advanced strategies are not widely adopted, emerging technologies and tools are insufficiently deployed, and long-standing habits are difficult to correct. All of this makes enterprise data security a rather "comprehensive" problem. The first step in solving such a comprehensive problem is always technology: support from the technical side is often the most direct and the most trustworthy.
So how should enterprises ensure their own data security and minimize the cost of data leakage? Feng Liang first proposed four principles for adopting a zero-trust strategy: strictly control privileged access, never trust, always verify, and assume there are loopholes.
"Because of the impact of the epidemic in the past two years, the concept of zero trust has become very easy for everyone to understand." Feng Liang gave an example of what the so-called "zero trust strategy" means: three years ago, when we went to the airport to take a flight, we did not need to show a 72-hour nucleic acid test or have our body temperature checked, let alone prove that we had been vaccinated. "At that time, everyone was allowed to enter, and it was an access mechanism based on trust. I trusted that those who came in posed no threat. But when the external environment changed and there was a highly contagious novel coronavirus, the security strategy for entering a crowded public area had to be adjusted to a zero-trust strategy: you must prove that you are not sick. The zero-trust security strategy follows a similar logic: in today's network security environment, threats are everywhere, pervasive and hidden, so there must be a zero-trust strategy across the entire IT environment."
In addition to the zero-trust strategy, Feng Liang also emphasized that companies need to "strengthen drills" in terms of process and security management and, in terms of technology application and architecture, "use an open architecture to reduce complexity." "Actually, many of our security measures are relatively fragmented or chimney-like systems, and as long as there is one point in the middle that is not taken into account, a lot can go wrong. Therefore, using an open and integrated security method will help connect the security data in the decentralized cloud environment; and open technology is also more conducive to forming a tightly integrated security platform," Feng Liang said.
In addition to the above factors, Feng Liang especially emphasized another major "challenge" that enterprise users face in security: talent. "There are very few security professionals in China: in North America and developed regions in Europe and the United States, investment in security accounts for about 15% to 20% of the entire IT budget; but in China, it is basically less than 1%, which also makes it very challenging to staff security personnel." The lack of talent means that many enterprises know the importance of data security, and also know that they need to make up for shortcomings in critical infrastructure both technically and strategically, but are often powerless to do so. Even if the latest technology is deployed through an IT technology provider, the follow-up maintenance, upgrades and other tasks that require professional expertise are very challenging for many enterprise users, and there are many problems and hidden dangers. Therefore, fundamentally speaking, enterprise data security is not a purely technical issue. In many cases, the demand for security services is as urgent as the demand for security technology, security theory and logic.
"In China, Atos' iconic event is the Olympic Games. From the 2008 Olympics to the 2022 Winter Olympics, Atos has provided services as the IT system integrator for the entire event. The Olympics are usually also a big event for hackers, and they all want to prove that they have the ability to capture the events that billions of people around the world are watching. From 2014 to 2015, Atos used its own tools and some security scripts to monitor the security operations of the entire Olympic Games. By 2017 and 2018, we began to promote such services to enterprises, helping multinational enterprises and large companies to integrate all their enterprise assets, related logs, and information into the Security Operation Center (SOC) for centralized management and security services."
He Chengcai, manager of Atos China's Big Data and Network Security Division, repeatedly emphasized that, as an internationally renowned IT system integrator and service provider, Atos is also ranked first in Europe in the field of network security services (Gartner ranking), and was also certified by Gartner as the world's number one vendor for managed services in 2022. One of the advantages of Atos in the security field is that it supplements enterprises' shortage of security talent by means of third-party services.
On June 1, 2022, Atos and IBM jointly announced that they will officially launch the Managed Security Service (MSS) in China, based on the Amazon Cloud Technology China Cloud Marketplace. This service relies on Atos' experience in professional security operations and maintenance services and is based on IBM Security QRadar XDR technology. It can help enterprises quickly and accurately identify security incidents, conduct comprehensive investigations and take timely response actions, so as to effectively protect important assets in enterprises' hybrid and diverse environments.
He Chengcai believes that the core value of the security operations center lies in solving several major data security pain points for enterprise users: first, it solves the problem of insufficient security operations personnel; second, it continues to invest in new technologies in line with development trends across the data security field, and copes with changes in the environment and upgrades in hacking methods; third, it maximizes enterprise users' input-output ratio in data security.
"In domestic manufacturing, the medical industry, and the China branches of multinational companies, the assets they manage are very important, but the strength of their security personnel is insufficient. In this case, it is actually impossible for a company to provide itself with 7×24-hour security risk monitoring and emergency response services." He Chengcai emphasized that the security operations center (SOC) service launched this time by Atos, IBM and Amazon Cloud Technology actually integrates the advantageous resources of the three parties: "IBM and Atos are both core partners of Amazon Cloud Technology. After the three parties launched the IBM QRadar-based security SaaS service, we can take some of the heavy and repetitive security operations off the hands of many Amazon Cloud Technology enterprise customers and hand them over to Atos' professional security operations team. In this way, enterprises no longer need to purchase a separate security management platform or invest in hardware and software to build their own security operations center team. They only need to connect their IT-related assets to the security hosting services of IBM and Atos to get tailor-made security operation management services and enjoy very good security protection, so that they can devote more energy to the work related to their core business," He Chengcai said.
Closing thoughts
Security is a fairly specialized technical field within the IT industry. For a considerable number of enterprise users, it is therefore quite difficult to fully plan, implement, deploy and maintain a security architecture that keeps pace with the times. To a certain extent, when technology plus service is provided to enterprise users in the form of SaaS, it has the obvious advantage of a low threshold. For many enterprises lacking professional IT capabilities, it is the choice with the highest input-output ratio.