Managing risk is getting harder every day. Bad actors have gone as far as adopting their own internal organizational structures and using the same well-known sales tools that the IT community uses.
As Technology Advisors, we frequently get asked about improving cyber security for organizations in the public and private sectors.
All organizations face some type of attack or breach from a wide variety of threat actors. These range from professional criminal syndicates, which leverage the media and leaks to publicly attack their victims’ reputations and increase the likelihood of a ransom payout, to state-sponsored espionage groups that are incredibly difficult to detect.
There are many private and public entities reporting on data breaches. Verizon’s Data Breach Incident Report (DBIR) is a widely cited source of information. Some key takeaways from the 2022 DBIR:
Web application hacking was the #1 attack vector, followed by email.
It's the first time that partner and software updates were in the top attack vectors, landing in third and fourth place.
The majority of companies in most verticals have plans for digital transformation, even in circumstances where they might not be fully deployed.
[Chart: Industry vs. Plans for Digital Transformation]
[Chart: Preparedness for Cyberattack by Vertical]
The data shows there's plenty of room for improving self-reported cybersecurity in almost every industry. However, self-reported readiness is not the metric that attackers use.
How does NIST fit in?
The framework that is increasingly gaining ground in US markets is the Cybersecurity Framework (CSF), published and maintained by the National Institute of Standards and Technology (NIST).
The NIST framework details 5 core functions that are meant to be performed simultaneously and continuously to decrease cyber security risks. Each function acts as a category for grouping actions companies can take to prevent, recognize, and mitigate threat actors.
The 5 core functions are:
Identify - such as Asset Management, Business Environment, Governance & Risk Assessment, Risk Management Strategy and Supply Chain Risk Assessment
Protect - such as Identity Management and Access Control, Awareness and Training, Data Security, Information Protection Policies and Procedures, Maintenance and Protective Technology
Detect - such as Anomalies and Events, Security Continuous Monitoring and Detection Processes
Respond - such as Response Planning, Communications, Analysis, Mitigation and Improvements
Recover - quickly restoring data and normal operations following a breach
While a framework like the CSF provides a roadmap, what is needed next is a maturity model whose guideposts show how far along an organization has moved.
In a study by AVANT, more than 40% of respondents said they believe their internal teams are less than highly qualified to plan, manage, optimize, and troubleshoot the full range of their IT infrastructure.
Companies in this condition are most likely to seek the services of a Technology Advisor, in whole or in part, depending upon their specific circumstances. As Technology Advisors, we are already involved in many key discussions around cloud infrastructure, unified communications, contact center, SaaS, and network connectivity, which makes security framework design services an easy addition.
A few key questions to ask yourself for your organization:
What security or compliance regulations do you need to adhere to?
How often do you undergo a third-party security assessment? Do you know what your weak spots are, and how to address them?
In the event of a breach or attack, what policies and procedures do you have in place?
What are the hours of operation for your internal or external security resources?
Do you have a SIEM or log management system in place? If so, who reviews and correlates the alerts?
How do you secure access to IT infrastructure and applications for remote users, BYOD employees, contractors, and third parties?
How do you identify suspicious or abnormal behavior on your corporate network?
Do you have any public-facing web applications or sites? What is the financial implication if those go down for an hour or a day?
We are security infrastructure solution experts, with access to resources that will empower you to be in the driver's seat to secure your IT environment.
Want some more education on the subject of Network Security? Here are some great articles from Gartner.
Resources used for this article: AVANT's 6-12 Report, Verizon's 2022 DBIR