Digital Transformation in Cybersecurity
The Interface interviewed GuidePoint Security’s Todd Salmon on keeping up with the pace of the ever-changing digital world.
As the industry increasingly leverages technology, Salmon has witnessed first-hand the scale of digital transformation. But it is his belief technology moves “too fast” for the industry to keep up. “Cybersecurity is in such a reactive mode because of the sheer volume of risks and vulnerabilities an organisation faces – it’s overwhelming,” he describes. “I think it moves way too fast and technology outpaces our ability to keep up with it which is why we have so many issues with security and quality.
“The ability for people to be more thoughtful and strategic is so important. You need time to get it done. But our biggest restraint is the human factor in being able to do more with the same amount of hours in the day.”
Cybersecurity is interconnected with many other forms of enterprise risk, and the threats and technologies are evolving quickly. As a result of this, stakeholders must work together to ensure the right level of security and guard against blind spots. With increasing sophistication of threats and a growing network with architectural complexity, it creates a multitude of potential problems to overcome but Salmon is well aware of the risks.
“The speed of the industry has led to automation and the digital transformation of everything we see today is the result of that,” he explains. “Everything’s got to be done so fast, so customers can get their shiny new widgets and companies can get their products or services to market faster than their competition. But it means we over-engineer, we overthink, and we try to go to market too fast. It’s that mindset of ‘I’ve got to get this done regardless of what the consequences are. I worry we outpace our ability to keep up.’
One of GuidePoint Security’s service offerings is Penetration Testing as a Service (PTaaS), which overlays GuidePoint’s professional services, including people, processes and tools, on customer-licensed automated security testing platforms. The offering combines humans with automation to scale with speed and maintain vigilance over quality. This allows GuidePoint’s experts to deliver real-time, actionable results. Customers can benefit from rapid identification, exploitation, reporting and remediation of vulnerabilities across organisations as they arise instead of a limited segment once or twice a year.
The PTaaS platform leverages AI and machine learning to focus on continuous controls validation. The automation provides rapid testing to continuously identify and exploit vulnerabilities and can also be paired with an expert pentester to audit and validate the results.
Read More HERE.