OCTOBER - NOVEMBER 20258EUROPEEUROPEMY OPINIONIN'A business basis'Be it an enterprise or a small business, these are the two professionals you absolutely need to have ­ an accountant and a lawyer. One could think they don't need to be involvedif the business isn't mature enough.In fact, there are people who manage to grow their business effectively without appropriate consultation and support from these professionals, not knowing what approach would have worked best for their situation. Would that be blessing, luck or simply underestimating the opponent? We won't understand how much it could be messed up in those areas until someone, with premeditation or not, discovers and uses flaws. This therefore may result in extra expense, either having to re-register or to keep maintaining a business with badly managed financial or legal matters. Or, it may as well be too expensive to straighten out. 'Information Security' being companies' top priority in post-pandemic eraHow about your company's exposure to global cybersecurity threats, particularlyin post-pandemic era? Is the information your business collects, stores, and processes safe? Same as accounting and law traps, no matter the size of your business, cyber criminals await your dissociation. Tones of home-grown hackers, but also experienced professional teams with prepared tactics & techniques,are looking for opportunities to exploit your data for their financial gain. How would you evaluate your business information value including sensitive data i.e. personally, identifiable information (PII), Personally Identifiable Financial Information (PIFI)? or protected health information (PHI)? According toa cybersecurity research by IBM, it takes 280 days to find and contain an average cyberattack and the cost of such an average attack stands at $3.86 million*. And still most of these attacks will be undetectable without human involvement. Cyber Defence strategies applied by organizations differ, from one who finish engagement on newly purchased Firewall to ones who ensure continuous improvement. Other takes unambiguous steps. FSO - Russian agency responsible for the Kremlin security decided to avoid cyber related risks and is buying typewriters**. Our risk assessment may however provide other possible recommendations,especially if the organisation must remain interconnected. How about the security services? Managed Security Services & Security Operations CentreWhen referring to Managed Security Services (MSS), most people imagine them as sort of Round-the-Clock Security Operations Centre (SOC). Cybersecurity-related services, however, go way beyond that and areconstantly becomingincreasingly complex. Core services around Security Incident and Event Monitoring (SIEM), threat and incident response would be just one of many areas where MSSPs are welcomed with their competencies and capabilities. Several MSSPs with different service portfolios constantly rally to invent, update, and smoothly run perfect stack. Their standard comprehensive out-of-box services may potentially address major cybersecurity risks for small firms, making MSS the perfect choice. However, what may be perfect for small businesses, usually doesn't match the needs of bigger companies. Due to several different factors, and not always strictly financial ones, SOC together with basic security services are still mostly provided in-house. Companies decide to ramp up their own teams to deeply penetrate organisation without any unnecessary compromises, WHY WE NEED MSSP? MANAGED SECURITY SERVICE PROVIDER & THE QUEST FOR CYBERSECURITY EXPERTSBy Marek Trebicki, Cyber Security Services Risk & Control Associate Director, Standard Chartered BankMarek Trebicki
< Page 7 | Page 9 >