Kathy Gibson is at the Mimecast Cyber Resilience Summit – The only constant in the technology world is the pace of change.
Companies like Mimecast – and their customers – have to keep abreast of the changing world and modify their own strategies to do so, says Paul Stafford, vice-president of Mimecast Africa.
Cyber security is changing so radically, and so quickly, that resilience is now more important than any other security strategy, he adds.
He describes resilience as a mindset – a way of thinking. “It’s really around disruption.”
Stafford says Mimecast talks about three drivers for security disruption.
The first is malicious or criminal intent, fueled by things like cryptocurrencies.
The second is technical failure, where services, devices or software let companies down in terms of security or disaster.
The third is human error, possibly the biggest challenge in security. “Often it’s not because people intend damage, but they could be ignorant,” Stafford says.
The reason they are more relevant today is because we have become so much more dependent on technology in our business lives.
“We have become completely dependent on technology,” Stafford points out. “Companies can’t even go back to paper-based business.
“Not only are we dependent, but there are huge interdependencies. The Internet has connected all our systems together, both inside and outside of the organisation.
“If one of the areas in a process fails, there is a larger disruption than there would have been before.”
Regulation is also contributing to disruption, and organisations are all on a compliance journey at the same time as they are setting out on a digital transformation journey.
At the same time, big cloud providers are starting to consolidate company and customer data.
“If you look at all these moving parts, we start to understand that disruption is now cyber disruption. And this leads to a new digital reality that we live in.”
Between them IT and SecOps aim to provide services for users, while making them less risky.
“Companies want to be resilient, at a reasonable cost, and easy to use,” Stafford points out. “We all grapple with the right amount of disruption for user cost, balanced with the threats.”
Mimecast has been at the forefront of email security, with its transaction engine; a detection engine that integrates third-party security; a policy engine that lets companies personalise their processes; a data store; and analytics.
On top of these building blocks, Mimecast’s application processing interface (API) lets the systems integrate with others.
This means that, on top of email security, Mimecast can now offer data protection as well; with Web security also part of the service.
Now, end user training can also be offered as part of the embedded services offered on Mimecast’s multi-tenanted community defence platform.
Analytics can also be used for threat intelligence, with data also directed to various point solutions.
Seamless interoperability with Office 365 and other third party services makes it easier to use these services in day-to-day operations.