HBR survey: Cybersecurity in the era of intelligence and an expanding attack surface

In a matter of months, businesses have witnessed the emergence of a new normal in the way they share and protect their data. The COVID-19 crisis accelerated changes that were already underway, such as digitization of processes, the proliferation of mobile devices and remote access to sensitive information. These changes, along with the growing complexity of IT estates, have created an expanded attack surface for opportunistic cybercriminals.

Companies today are struggling to balance the business benefits with the security risks of implementing new technologies such as the cloud, artificial intelligence (AI) and machine learning. These tools offer great potential for new insights, efficiencies, and levels of performance but can also expose vulnerabilities within IT systems.

Working with some of the world’s largest companies on their move to the cloud and hybrid environments, we see the challenges posed by these seismic shifts every day. DXC Technology sponsored this research by Harvard Business Review Analytic Services, Cybersecurity in the era of intelligence and an expanding attack surface, to see how companies are responding to these challenges and opportunities.

“The report provides insights about protecting against online attacks, securing remote work and the implications of new technologies," says Mark Hughes, president of Security, DXC Technology. "For example, only 43 percent of business executives believe they are well protected. And in my experience, that may be overly optimistic.”

DXC has identified several core principles to guide companies as they navigate this new cybersecurity landscape:

• As security perimeters become more fluid, we can no longer rely on the old models that focused on securing a traditional network infrastructure. We must build security around the data itself, for example, with Zero Trust models that focus on securing data rather than network segments.
• It’s critical for companies to know their IT estates, identifying where their most critical assets reside as well as key interconnections and dependencies.
• Organizations should build security into every new technology and process they implement, rather than treating it as an afterthought.
• Advanced analytics and AI make it easier to analyze complex, voluminous data and event records and detect potential threats quickly and effectively.
• Despite the best security measures, there’s a high probability every organization will experience a breach at some point, so organizations should develop a cyber resilience strategy that helps them recover from incidents quickly, with minimal damage and disruption.

“It’s easy to make errors or omissions when rushing to implement new processes and technologies,” Hughes adds. “As we move from crisis mode to more strategic planning, I encourage you to use this report as a springboard to assess your preparedness and cyber resiliency.”

Read the HBR survey report to gain valuable insights, and stay on top of the latest threats with DXC’s Security Threat Intelligence Report at dxc.com/threats.