Debunking Common IT Security Myths

Business process automation delivers productivity gains that help organizations grow and be more competitive. But with that technology comes the added responsibility of protecting business-critical data from cybercriminals who are intent on disruption.

Keeping your company’s data and intellectual property secure is imperative. But cybersecurity has also become an issue that affects every aspect of our lives. Cybersecurity software manufacturer HelpSystems recently asked six cybersecurity experts from around the world to debunk their favorite IT security myths.

Myth #1: The Majority of Consumers Are Not Vulnerable to Identity Theft

According to Michael Bruemmer, Vice President of Data Breach Resolution & Consumer Protection at Experian, consumers don’t fully realize that their online behavior may actually be risky. They don’t understand the concept of the dark web and the likelihood of personally identifiable information getting placed there. He emphasizes that consumers should use this as an opportunity to educate themselves on identity theft risks and how to better protect their personal data online.

Myth #2: Meeting Compliance Regulations Is the Gold Standard of Risk Management

Bob Carver, Sr. Security Analyst at Verizon Wireless, says that corporations frequently focus on their regulatory compliance at the expense of threat intelligence and analytics. He notes that these organizations do not fare well when it comes to preventing data compromises. He speculates that this could be because either the companies are overconfident or perhaps they don’t have adequate visibility or control over detecting threats. Today’s reality is that corporations must invest in risk mitigation in two dimensions: compliance through controls and threat intelligence through analytics.

Myth #3: You Must Change Your Password Every 90 Days

Troy Hunt, Microsoft Regional Director and an author at Pluralsight, notes that there are mixed signals regarding password changes. Although most organizations adhere to the 90-day password rule, the British National Cyber Security Centre and the National Institute of Standards and Technology do not recommend it because they believe it acerbates the problem.

Myth #4: Hackers Aren’t Interested in Your Supply Chain

Notes Jonathan Lampe, Executive Director of the CFTP Program, says that experienced hackers are interested in your supply chains for three primary reasons. First, these supply chains control millions of dollars of payments and shipped goods. Second, they realize that these supply-chain systems can be back doors into mainframes and customer databases. And third, the communications systems associated with the supply chains are hooked into the internet, which opens the door to additional cybercrime opportunity.

Myth #5: Cybersecurity Is an IT-Centric Problem

Independent information security consultant Kevin Beaver at Principle Logic believes that security has become an issue that needs to be treated as a core business function that goes beyond the technical aspect handled by IT. Although the technical security components may be under control, there still seems to be a false sense of security that leads to continued incidents and data breaches. It’s time for cybersecurity to be brought to the boardroom.

Myth #6: The Key to Security Is to Replace Human Tasks with Automation

Humans are still the major weakness when it comes to IT security vulnerability, says Ben Cole, Senior Site Editor at SearchCompliance.com. He points out that the largest and most expensive data breaches in the past five years have been due to human error. Organizations have attempted to take the human element out of the equation by using artificial intelligence, machine learning, and robotic process automation, but this has only partially addressed the issue while raising new concerns. He recommends that next-generation IT security focus on ways to integrate the human element into automated processes so organizations can get the best of both worlds.

About AllianceTek

AllianceTek is an IT solutions provider that helps you design the ideal combination of people, processes, and systems so you can scale your business operations to increase productivity and sustain a competitive edge. Our speciality is implementing, integrating, and optimizing technology that has previously been out of reach of typical fast-growing companies. AllianceTek provides the IT expertise that most small and mid-sized companies do not have at their disposal. Our core expertise is Salesforce, .NET, SharePoint, iOS, and Android applications, and web, cloud, mobile, customer relationship management, and multimedia platforms.

Bridging the IT and Business Objective Gap

Maximum efficiency is an important goal of any business. Yet misalignment of IT and business objectives continues to be pervasive, with 47% of executives in an Info-Tech Benchmarking and Diagnostic Programs study believing that IT does not support business goals. Without IT and business synergy, corporations run the risks of overall customer dissatisfaction, higher operational costs, and difficulty in advancing product development – all of which hinder success.

Ray Toler, VP of IT and Marketing at HTRI, notes that IT should not be thought of as a separate entity from the enterprise, but as part of the business process. IT should help drive new business and revenue generation. Executing business process automation with an aligned IT and business approach improves the ability to quickly address factors that affect the bottom line.

Explains Toler, “The challenge for IT is to understand the business. It’s critical that we understand what the business is trying to do and why because the why is more important the what and how. If you get to the why, the what and how are pretty easy to figure out. If you just start with the what and how and jump into a plan, it will fail.”

Diagnosing the Source of Misalignment

How do you determine if a misalignment exists? A reactive or systems-focused IT staff, instances of employees being without support staff, and/or a decentralized IT operation are all areas worth analyzing. The most common culprit is decentralized IT, which creates numerous resource overlaps across the enterprise.

IT tools also can contribute to or cause a misalignment:

• Complexity

IT departments want to stay current with emerging technologies, but doing so indiscriminately only wastes resources that the company either will not or cannot use.

• Redundancy

Having too many tools performing the same function is a waste of money and make defining IT issues difficult and time-consuming.

Devising a Blueprint for Alignment

An e-book by HOSTING, a monitoring tools and service supplier, suggests that IT operations conduct a deep-dive analysis of where IT and business can better be aligned by answering six primary questions:

• Communications

Do IT and business understand each other’s goals and pain points?

• Value measurements

Are IT metrics associated with business objectives through joint accountability and visibility?

• Governance

Are IT and business included in overall strategy planning so IT investments can be aligned with business objectives?

• Scope and architecture

Is IT viewed as supportive and flexible by participating in routine business conversations?

• Partnerships

Is IT considered an asset with a visible role in everything from strategic planning to sharing in the risks?

• Skills

Does the organization support an environment that fosters innovation and entrepreneurship by creating an open environment for learning?

About AllianceTek

AllianceTek can help you create a strategy that best suits your unique business situation. We build long-term, synergistic relationships that help you utilize the best people, implement and optimize the best technologies, and deliver scalable business solutions that connect with prospects and customers to boost business, empower employees to increase productivity, integrate with vendors for enhanced efficiency, scale your business for future growth, increase transparency within the enterprise, and bring your vision to life.