With Sibos over for another year, Richard Curran, Intel's Datacenter Security Officer, explains why cyber security policies are in need of a rethink.
It's absolutely paramount that the ecosystem works together and the industry collaborates effectively in the global fight against cyber crime
The digital transformation turbo-charging our hyper-connected, borderless world is opening up possibilities for every industry, but the rapid pace of change creates risk. The greatest area of risk is cyber security. And if you're looking for evidence look no further than the World Economic Forum's Top 10 Greatest Risks facing our World report which identified fraud/data theft and major cyberattack as number four and number five.
In simple terms, in relation to business transformation, you need to ensure that security becomes an integral component of your plans. The key to this is to move from a cost-driven, reactive approach to a proactive, security-by-design philosophy that forms a clear business parameter with identified measurable outcomes.
Thus the role of CISOs (chief information security officers) must evolve from protecting the infrastructure to ensuring the correct metrics are in place to measure business continuity and customer assurance – this is built around customer satisfaction programmes and end to end secure supply chain mechanisms. Naturally, data protection and how we use external data is a fundamental part of this plan. Given the complexity of IT and OT in large industries, it is vital that a security-minded culture is ingrained throughout the business.
Traditionally, cyber security was very much cost-driven and utilised a perimeter-based approach to infrastructure. In today's world that simply doesn't work. The cyberworld has no boundaries and in an interconnected world with the digitisation of end point devices, the exponential increase in devices and multi-cloud platforms and services has become the norm. As a result, the attack surface of a business has increased enormously, to the extent that it's practically unmanageable using the traditional approach.
With so many devices in complex edge to cloud environments, trying to detect threats through multi-faceted environments is almost like "finding a needle in a haystack of needles". It becomes an almost impossible task. By the time you've identified an intrusion or malware it's caused serious damage to your environment, your customer's, and partner's environments. But we're not just talking about phishing or ransomware attacks. We also need to protect ourselves against Advanced Persistent Threats (APT) designed and orchestrated to target a particular type of infrastructure or customer.
The Cybercrime industry, if we're allowed to call it that, is multi-faceted. Its 'opportunity' is not only data theft, fraud, or ransom practices through industry disruption but also designed for IP theft and sabotage on various levels. So at a board level having a CISO with a business orientation combined with highly skilled teams and best-in-class partners will be crucial to the company's future.
Intel recognises the transformation that is required in security and we're working with our partners and customers to create the types of platforms they need. We believe in the philosophy of protecting data in use, in transfer and at rest and have created security technologies that our partners use to develop their applications and platforms to provide state of the art security platforms and services.
Back in August, we saw the launch of the Confidential Computing Consortium*, a collaboration with the Linux Foundation* that brings a group of companies together to accelerate the usability of TEE's (Trusted Execution Environment). The group of companies (Microsoft*, Google Cloud*, Alibaba*, Tencent*, Swisscom*, IBM*, Red Hat*, Baidu*, ARM*, and Intel) are just the founding members and we are encouraging the industry to also join to create a more foundational secure industry.
For any business looking to flourish in this vibrant era of digital transformation, security needs to be front and centre of your corporate agenda.
To read more about Intel's security solutions go to:
For more information: