BOATech has embarked on a 6 part podcast series with our partner, Micro Focus. In this series, we discuss the importance of cybersecurity and critical topics and conversations for all businesses to consider. Each episode covers an essential part of cybersecurity, whether that’s data privacy, Enterprise data protection, strategies and data governance.
Explore the essentials of what you need to know about cybersecurity with us as we discuss this crucial topic with Micro Focus. This series, entitled “In conversation with….” is sponsored by the Micro Focus Channel.
Episode 1: Know What You Don’t Know
In this, the first episode, our CEO, Boas Chauke, kicks off the series. Meet Mr. Chauke, our company, and his view on cyber security as a discipline.
“…,you can’t have Data Privacy without security... While Data Privacy is all about the lawful collection, control, retention and use of the data, Data Protection will ensure that the data is safeguarded from exposure and the seemingly unavoidable breaches.”
We dive into the detail of what an executive must have. This involves how to conduct an effective inventory of their data, why understanding what they have and where as well as the reason (purpose) they are keeping the sensitive data is important and how to take appropriate actions to safeguard and protect the sensitive content.
This episode is the first in the series, providing context and a foundation for the discussions.
Episode 2: What Does A Modern Enterprise Security Model Look Like
In this, the second episode, our CEO, Boas Chauke, looks at a modern Enterprise Security Model and the components that make it up. It is accepted that modern businesses need to have a robust security architecture framework for protecting their most important information assets. Unfortunately, quite often security is tackled by a number of stakeholders in the business.
In this video, Mr. Chauke discusses the importance of a deliberate approach to creating an enterprise security model and how technology can assist in this. In the ever-changing world of cyber security it is imperative that companies understand the building blocks discussed in this episode.
Episode 3: So What Is Your Security Strategy?
In the third episode of our series, Mr. Chauke unpacks the components that make up a Security Strategy.
“A layered cybersecurity strategy means that if an attack gets past one solution, another will be able to pick up the slack as a failsafe. Defending against bad actors requires various layers of security controls and detection techniques to identify potential threats. To do this, SecOps teams need a variety of tools and techniques to process and correlate the enormous amount of historical and real-time security data that they ingest every day… The protected view’ (by Eric Popiel) RiskIQ predicted that, by 2021, cybercrime will cost the world $11.4 million every minute.”
In this episode Chauke takes the hard questions that we often don’t ask ourselves about the strategy to keep the company safe from cyber-attacks.
What is the strategy? How do you effectively build this? Can an organisation ‘over do’ security? And what are the consequences of over securing? Where does Change Management & Incident Management fit in to a Security Model and other tough questions that help to unlock the thinking around an effective, efficient Security Strategy.
Episode 4: The Value Of Identity-Based Data Access Governance
In the fourth episode of this series, Mr. Chauke is joined by ethical hacker Sikhu Khashane to discuss the merits of Identity-based Data Access Governance. The discussion covers many key topics including Authentication vs Authorisation, offensive security as a means for preventative security and modernisation of company policy to deal with the ever changing threat landscape.
‘Security by Design’ is Mr. Chauke’s motto for life. It comes through again and again that and effective security management team does not simply happen, but is grown through deliberate action.
Episode 5: Dynamic Data Masking
In the fifth episode, we tackle the topic of Dynamic Data Masking. What is it? Why is it important and who is responsible for this in the enterprise? At first glance this seems a simple concept however with regulatory compliance and reputation management, this small topic could have catastrophic consequences if not managed well. Join us as we unpack this interesting topic.
“Dynamic Data Masking (DDM) is usually defined as the ability change the data stream so that the person or entity requesting the data does not get access to the personal and sensitive data. Further, the original records in the original production remain unchanged. In the context of DDM, you should ALWAYS position Structured Data Manager (SDM) and Secure Data Appliance (SDA) together. The organisation needs to know what to mask first (with SDM). Once that’s understood, they can transform the sensitive data (encrypt, mask, tokenize) as appropriate (with SDA).
Knowing what to protect is why discovery and classification of data is so important. That requirement applies to all data types – structured and unstructured.”
Episode 6: The Consequence Of Not Acting
In this final episode, Mr. Chauke is joined by Sikhu Khashane, ethical hacker, to unpack the consequences of not acting with regards to building an effective cybersecurity solution.
Answering questions such as who is accountable and so what? How are companies changing to adopt more proactive security solutions in their mainstream business and what are the hidden costs of breaches or successful attacks. It becomes clear that Security should be baked into the core of a company culture. And to achieve this you need to raise the level of awareness for everyone.