TERANET
“ We know that security hygiene , as well as operations , are not exciting . But they are very important ”
BRENDA MCCULLOCH CISO , TERANET
McCulloch says that very often , the way companies maintain their hygiene routines on a day to day basis is the cause of unexpected hacks .
“ I think many of the root causes of many breaches were because of persistent vulnerabilities , phished users , excessive privileges , etc .
“ I think it ' s really important that when you augment new initiatives , that you also augment the resources at the same time ,” she says .
Cybersecurity and the cloud The shift to cloud-based systems has been massively instrumental in creating greater vulnerabilities , points out McCulloch , and mainly , this has been caused by limited security resources .
She explains , “ One of the challenges has been the movement to the cloud and the augmentation of security resources to support them , both on premise infrastructure as well as cloud services .
“ Most organizations have limited security resources , so during the transition phase , the augmented resources and skills required to support the paradigm shift is always challenging - especially if you look at other initiatives that you want to accomplish at the same time .”
Ensuring that an organization remains abreast of novel cyber threats is a constant challenge , and only one that can be met when cyber security is considered a top priority . And at Teranet , this mentality is evident . “ At Teranet , we have very strong executive support , and we meet regularly to discuss our posture as well as challenges that the security office faces ,” McCulloch says .
Richter partnership and security The strategic partnership with Richter has also been highly instrumental in maintaining a secure footprint for the company .
McCulloch says Richter entered the security journey “ very early ”; it was this longterm partnership that has helped in Teranet ’ s cybersecurity strengthening process .
“ They were engaged [ in providing ] a security maturity and threat risk assessment because of the security programme .”
McCulloch says it ’ s essential to know precisely where companies sit in maturity in order to know what needs to be achieved .
technologymagazine . com 299