Security is a business problem. With security threats on the rise today, executive leadership teams are looking to better understand the likelihood of a cyber incident occurring and the impact of a data breach, including potential consequences for both the company’s bottom line and the brand. As a result, more IT leaders are faced with questions like, “How will a breach impact our ability to produce and sell products or services in the event of a serious attack?”
IT leaders must be able to answer these questions, educating executives and helping them accurately quantify security risks and prioritize where to focus their efforts in order to improve the overall security posture of the business. IBM’s 2020-2021 Data Breach Report can help, as it reveals which trends escalate risk and which techniques can actually reduce the cost of a breach.
Remote Work Creates More Risk and Bigger Data Breach Costs
AI and Zero Trust Lower Your Breach Costs
Data Breach Causes and Revenue Impacts
When IT leaders become data breach educators, it doesn’t take long for all executives to get on the same page: You can’t afford a data breach. That’s when IT leaders should guide executive teams in understanding the company’s largest security gaps with a prioritized list of investments and next steps. But how do IT leaders make that evaluation and design a strategic plan? Where do you start? Use the following four steps to help identify where you are today and what you should consider doing next to improve your security posture.
It’s important to understand what is critical to your organization’s success. Simply create a list of what would be most critical to the company’s day-to-day operations should a cybersecurity incident occur. This could include a variety of asset types such as critical server infrastructure (file servers, web servers, active directory, financial info, billing systems, etc.) as well as other corporate assets such as intellectual property, HR records, and more.
Next up is to establish a basic understanding of how these critical assets are accessed. Start by asking yourself simple questions such as:
Your network users, any remote access to company resources and cloud based environments are the current top cyber attack entry points and should all be treated as a critical attack vector that needs constant security visibility.
Putting this information together will make the often overwhelming task of “where to start” much easier.
Once you establish which assets are critical and how they are accessed, you must ask yourself the basic question: What if a ransomware attack or data breach affected any of these assets?
Tabletop exercises are designed to help companies play “what if,” considering different risk scenarios to help prepare for cyber attacks and most importantly prioritize your list of assets according to business impact. This step should help you force rank resources into categories such as essential, critical, and optional and understand how lateral movement may affect essential or critical assets.
Understanding how disruptive a security incident might be and its potential impact to the company’s bottom line and overall brand is the basis for where you can prioritize high risk assets, which leads to the final step of the assessment.
Putting everything together from steps 1 (critical assets), step 2 (mapping access to critical assets) and step 3 (prioritizing assets by business impact) helps companies establish a prioritized roadmap of where they need to focus cybersecurity efforts. Each area that poses a top security risk should be assessed based on what level of protection is acceptable given today’s environment of elevated attacks and what security approach for these assets makes the most sense for the business.
Here at Masergy, when I step clients through the process outlined above, I find that the following strategies, technologies, and services are delivering the most value for businesses today:
This security assessment approach aligns with the goals of the NIST Cybersecurity framework that every organization should be striving for as a best security practice. Following it will help guide both internal and external stakeholders in managing and reducing cybersecurity risk.
In doing so, it’s easy for IT leaders to quickly get overwhelmed by all the layers of security that must be established today, whether it be network security, cloud security, endpoint security, or just basic user security. Remember that the corporate network holds the ground truth for your security posture and nearly all cyber threats will generate observable network communications, and today’s leading security technologies are designed to monitor those threats and disrupt them from being successful.
No system or IT environment will ever be 100% secure, but proven best practices significantly reduce risk:
The key is to properly implement technologies and back them with security professionals, as technology alone is not enough.
The catalogue of security services abbreviations keeps getting longer. Here are some quick definitions and tips to help compare offerings.
The “Log4Shell" or “Log4j/Shell” vulnerability is one of the most serious cyber threats in recent history. Why is it such a serious concern and what can you do about it?
A growing number of cyberattacks and the explosion of hybrid work have pushed security resources to the brink, exposing the need for more managed services backed by machine learning.