Hiding in Plain Sight – Why IT Complexity is a Hacker’s Dream

By Steve Burden, Head of Security at Daisy Corporate Services

The saying ‘can’t see the wood for the trees’ is an apt one when it comes to cybersecurity. Complex IT environments are a cybercriminal’s dream, as they are typically harder to monitor, more difficult to secure and as a result, easier to breach. The last 12 months has seen IT complexity increase dramatically with the rise of mobile working leading to more devices being connected to corporate systems than ever before, and a proliferation of cloud services reshaping IT environments. Cybersecurity risk management is starting to become a bigger priority for many organisations, with 46% of respondents to a recent survey we conducted saying it was an essential part of ongoing homeworking strategies. But what do organisations need to focus on to improve cybersecurity in complex IT environments?

Forging a path through the forest

Today’s cybercriminals are becoming increasingly sophisticated at identifying and targeting weaknesses. It is therefore essential that organisations are able to forge a path through the complex forest of IT and map out all their endpoints and potential security vulnerabilities. However, as IT environments become more complex this is becoming increasingly difficult to do, requiring a huge team of cybersecurity professionals when such skills are in short supply. It’s clear that if organisations are to say ahead when it comes to cybersecurity, they need to take a technology-led approach.

SIEM’s the way

Implementing a security information and event management system (SIEM), is a great start, as it can gather intelligence across on-premises and cloud environments. Solutions such as Azure Sentinel can monitor each and every corporate device and user, alerting IT teams to suspicious activity or when systems have been compromised. Early detection is critical in helping minimise the impact of a breach.

One size can fit all

A good SIEM by itself isn’t enough to provide complete security. Businesses need core security systems to run alongside a SIEM: such as anti-virus/malware protection and data backup. All-in-one security solutions such as Acronis provide backup and security to cover mobiles, laptops, desktops, servers and virtual machines, alongside cloud suites such as Microsoft 365 and Google Workspace.

By using an integrated all-in-one solution, organisations can eliminate complexity and deliver new security capabilities while keeping costs down. Acronis, for example, lets organisations mix and match options across their IT estate for a solution that protects everything they need, in a way that suits them. Beyond the fast and reliable recovery of applications and data, such solutions also offer next-generation security based on artificial intelligence and machine learning for added protection.

With digital transformation continuing at pace as a result of the pandemic, IT complexity is only likely to increase. However, by using the right combination security solutions, organisations can keep their IT environments secure without having to hire huge numbers of staff.

This article first appeared in Networking Plus magazine