Organisations are finding the need for new cybersecurity approaches in light of evolving cyber threats

As cyber threats change, organisations are realizing the need for new cybersecurity strategies. It wasn’t too long ago that sophisticated executives could have long, thoughtful discussions on technology strategy without even mentioning security. Today, companies have substantial assets and value manifested in digital form, and they are deeply connected to global technology networks – even as cyber attackers become ever more sophisticated and adaptable to defences.

Governments and financial firms were the main targets of cyber attacks up until recently. The threat is now global as every organisation connects a growing portion of their operations to the Internet. Think about the damage caused by recent occurrences. The cyber espionage group Dragonfly attacked energy businesses in Canada, Europe, and the US between 2011 and 2014. The WannaCry ransomware held captive both public and commercial businesses in the telecommunications, healthcare, and logistics sectors in May 2017. Additionally, in 2017, big European businesses across numerous industries were targeted by the NotPetya malware. And in 2018, Meltdown and Spectre—possibly the largest cyber threat of all—were made public, demonstrating that vulnerabilities exist not just in software but also in hardware. Therefore, it should come as no surprise that risk managers currently view cyber risk as the top danger to their company. A recent McKinsey survey found that 75% of experts rank cybersecurity as a top priority. Even in sectors like banking and the automotive industry, which one might assume would be focused on other significant risks that have emerged in recent years, this is true.

Organisations quickened the speed of technical adoption throughout the epidemic as they adapted to the unprecedented disruption. This made way for more adaptability and long-term efficiency. However, this acceleration also pushed many businesses into a situation where conventional cybersecurity approaches and toolkits were insufficient. Businesses must embrace a new paradigm that guides cybersecurity decisions throughout the complete spectrum of operations rather than addressing isolated concerns centred around certain activities.

With the recent invasions and cyber threats, the new cybersecurity approach will relate below mentioned aspects:

1. Policy. One of the most significant parts of a strategic mindset is recognising that cybersecurity is no longer focused primarily on external events. Going back to the issues driving cybersecurity, most of the top issues cited are outward-facing. The focus on volume, variety, or scale of attacks is a focus on things happening outside the business. Even concerns around privacy are concerns around external expectations. There is lower recognition that cybersecurity is attached to the changing nature of internal operations, such as a growing reliance on data or a need to maintain compliance with changing regulations. Over the next year, there will be a concentrated move toward integrating cybersecurity with business operations. Accepting cybersecurity as a critical component of digital transformation will drive new questions and new measures of success throughout the organisation. At the same time, adopting a holistic viewpoint will address many of the existing hurdles around changing the approach to cybersecurity. Cybersecurity becomes more integrated with business operations.

2. Process. The idea of a secure perimeter, which had been predominant for decades, was radically disrupted with the arrival of cloud computing and mobile devices. Part of the challenge for firms dealing with the paradigm change was creating a holistic strategy that guided a variety of cybersecurity decisions. Zero trust was the solution to that problem. Zero trust is beginning to transition from a general policy into specific practises this year. The adoption of zero trust won’t happen overnight for several reasons. Zero trust is, first and foremost, a fundamentally new way of thinking about cybersecurity.

Zero trust is not a single product or action, and many discrete tools and practices can be part of a zero-trust approach. Looking at components that typically fall under a zero-trust umbrella, more organisations recognise individual parts vs. the collective whole. Multifactor authentication, one of the best tools to validate trusted identity, is in place at 46% of organisations. Cloud workload governance, a process that ensures cloud resources are being used according to plan, is in place at 41% of organisations. Other elements, such as software-defined microsegmentation (38%) and least-privilege access (26%) have lower adoption, but adoption in those areas is still slightly ahead of broad awareness for a zero-trust policy. The main takeaway is that zero trust is a philosophy around cybersecurity that informs questions and decisions. The best way to adopt zero trust is not to define a set of criteria that indicate complete success, but to build a road map identifying the best steps to take based on the status of the organisation. Those steps might include a full audit of data and workflow, implementation of specific products such as identity and access management

3. People. Businesses learn that the issue has several levels as they attempt to solve the underlying source of their security flaws. Of course, there is the technical layer, which has been the focus for many years and is still a significant component of a cybersecurity solution. There is also the worker layer, and to enhance this element, several businesses have turned to cybersecurity awareness training. Other levels, though, dealing with corporate metrics and business operations probably haven’t gotten as much attention lately.

Some businesses would have to explicitly define their SOC to determine the executives in charge of this responsibility. Smaller businesses may consider their SOC as consisting of a single cybersecurity engineer or a few IT generalists with cybersecurity duties, but large enterprises may have a chief information security officer (CISO) managing cybersecurity efforts. The creation of a SOC with a clear charter and the assignment of roles and responsibilities within the SOC will advance discussions and reveal further strategic gaps that require attention.

Sadly, acquiring the necessary abilities is only half of the struggle. It takes a lot of effort to maintain abilities, especially in a situation when they are in high demand. According to ISACA’s State of Cybersecurity 2022 report, 60% of businesses had trouble keeping their cybersecurity experts in 2021, up seven points from 2020. The good news is that many retention-related initiatives nicely align with creating a strategic cybersecurity perspective. Giving workers the tools and support they need to be productive is the #1 obstacle in managing cybersecurity resources, according to 50% of study participants from CompTIA. As with the second challenge—paying market wages—this may necessitate financial investment, but it can also be accomplished by implementing new procedures or structural adjustments.

The third challenge requires no financial investment at all but circles back to the main policy goal. Integrating cybersecurity with business initiatives is a root-cause action that can address the symptom of cybersecurity professionals who feel disconnected from the organisation.

4. Product. The cybersecurity product list starts with pieces that have been around for a long time. The main elements of the safe perimeter were firewalls, antivirus software, and anti-malware software. These components still fulfill their original purpose, despite the secure perimeter’s decline in relevance. These tools are widely used, even though many end users (and potentially even IT staff) may not consider them to be a part of the product set due to their widespread use.

Automation is the logical next step given the arsenal’s size and the cybersecurity workforce’s numerous limitations. It is clearer because of earlier CompTIA research on the subject of automation and how automation fits into a cybersecurity strategy. The study, which was done in Q2 2021 among 397 business experts, reveals that the top automation project that businesses are currently working on is spotting possible cybersecurity incidents. There are two sides to every story when it comes to automation. On the one hand, automation reduces the high level of complexity that characterises contemporary cybersecurity initiatives.

For this reason, many companies take an early view of automation as something that can directly address their personnel constraints. Just as companies hoped that automation and self-service could reduce the demand for tier-one help desk support, they hope that automation can reduce the demand for tier-one work in the SOC.

 A holistic viewpoint is necessary to address many existing hurdles in changing the approach to cybersecurity. This includes integrating cybersecurity with business operations, rather than viewing it as primarily focused on external events. Zero trust was proposed as a solution to the paradigm change brought about by cloud computing and mobile devices. It involves creating a strategy that guides various decisions related to cybersecurity. The technical layer is only one part of solving underlying security flaws; businesses must also consider other levels such as people and process.

References:

CompTIA. (2022). 2022 State of Cybersecurity. CompTIA State of Cybersecurity 2022, 3-32.

Deloitte. (2014). Transforming cybersecurity – New approaches for an evolving threat landscape. Deloitte Center for Financial Services, 1.

TECH. (2020, 04 03). Tech Times. Retrieved from Why is the Holistic Cybersecurity Approach Important?: https://www.techtimes.com/articles/248566/20200403/why-is-the-holistic-cybersecurity-approach-important.htm