The WithSecure Sphere conference in Helsinki, Finland, started with a speech on Wednesday by CEO Juhani Hintikka on the team of the runner, Galiana. As the boat crew looked on, Hintikka compared what it takes to run a boat race with his WithSecure concept of results and joint – or “co” – security.
Co-security was the central theme of the event, which was a concern due to Finland’s closeness to Russia and Ukraine’s dependence on its partners and IT volunteers in the government and public sector during the Russian war.
Go to:
Collaboration is key: Ukraine’s cyber chief
The event featured Victor Zhora, vice-chairman and head of digital transformation at the State Service of Special Communication and Information Protection of Ukraine, who spoke about how relationships have played an important role in addressing cyber security issues. from Russia, including DDoS and wiper attacks in early 2022, to recent attacks on civilians.
SEE: Finland also experienced Russian DDoS attacks.
Results, not actions, should drive security, says CEO of WithSecure
The company also announced several new features at the event, including Cloud Security Posture Management available to customers using WithSecure Elements, its cloud security platform. The new WithSecure Elements module is in line with a security-focused approach, which Hintikka explained aims to integrate cyber security and security with the company’s core business goals.
“Historically, cybersecurity practices have been about threats, responding to past experiences,” he said, citing a Forrester study showing that 64% of companies still take a traditional, security-focused approach.
“The transformation of business through digital means that IT must evolve,” he said. “What we want to address is the next step: what does the company want to achieve. How does the company align cyber goals with business goals?”
Hintikka said for the chief information security officer, the key questions are how to prioritize and how to invest. He also cited some statistics from Forrester: 83% of companies are interested in proactive security and many want to partner with others to achieve it. that, as opposed to finding basic supplier relationships.
“Cybersecurity can no longer be an add-on. You have to start creating security measures, as it is created in manufacturing,” said Hintikka. He told TechRepublic that the idea is appropriate because of the growing threat landscape and the diversity of threats.
SEE: WithSecure discusses the importance of security in line with business objectives.
“We look at all the products and services out there, so if you put yourself in a CISO, how do you choose to prioritize and how do you talk to your company’s business leadership? Smart companies know that investing in cybersecurity posture is a question of discovery. You have to or maybe you don’t have a business,” he said. “Every company, in one way or another, is a software company today and it’s at risk. So there are real questions to invest your money in,” he added.
Results analysis helps security drive company goals
Laura Koetzle, who leads the Forrester research organization in Europe, explained that the approach focused on security – cybersecurity as a collaborative effort beyond traditional sales and customer relationships.
“The idea is that you follow the security measures that businesses are trying to follow. If you are, for example, trying to increase your customer base by 10%, you would ask how your security measures [posture] it will help achieve this goal,” said Koetzle.
“If you are an established business and, for more than 15 years, you have developed a lot of security tools, policies and procedures, what can you not do and say what should we stop doing?” he added.
He said a business like WithSecure, instead of approaching customers as a sole trader for security issues, would instead ask the company’s goals and implement security measures to meet those goals. He said: “You need to think differently.
A new module to protect cloud-based infrastructure
The company described its new Cloud Security Posture Management module as compatible with Elements’ endpoint protection, detection and response endpoints, as well as its security management and security collaboration modules. Its CSPM product is designed to manage risks related to the vulnerability and volatility of popular cloud products such as service platforms and provides support for Amazon Web Services and Microsoft Azure.
The company said the new feature includes:
- Cloud posture analysis identifies and prioritizes vulnerabilities based on risk levels along with mitigation recommendations.
- The configuration focuses on authentication and access control options, unencrypted data at rest, cloud transactions with public IP addresses and other cloud security issues.
- Connect with WithSecure’s consulting expertise and research.
- A dedicated dashboard with graphs, such as the evolution of the security posture over time, as well as various security information.
- Management of multiple companies and multiple clouds through a single portal with end-to-end security, enterprise security and risk management features.
- The ability of partners, such as managed service providers and security providers, to provide cloud security management as a managed service to their customers.
Also See:
Using zero trust access to stay compliant and address MDM challenges (TechRepublic)
Work tools: Cybersecurity engineer (TechRepublic Premium)
Learn Python: Online courses for beginners and professional programmers
(TechRepublic Academy)
Cybersecurity and cyberwar: More to read (TechRepublic on Flipboard)