With 2.8 billion attacks recorded globally, the first half of 2022 saw an 11% increase in cyberattacks over the entire year of 2021. On the part of organizations, this betrays a lack of adaptation to the newer ways in which malicious actors cause harm.
As the threat landscape continues to evolve, it’s important for organizations to regularly review and update their cybersecurity operations to ensure that they are effective and efficient. However, it can be easy for cybersecurity operations to become cluttered and overwhelming, leading to confusion and inefficiencies.
In this article, we’ll consider the foundational principles guiding how to declutter your current cybersecurity operations and streamline your security efforts. By following these essentials, you can improve the overall effectiveness of your cybersecurity operations and better protect your organization’s data and systems from potential threats.
1. Sustainable Cybersecurity
Many organizations, regardless of what the whitepapers say, implement a band-aid view to cybersecurity, focusing on reactionary quick fixes rather than sustainable practices supported by not just requisite infrastructure, but also a pervasive culture and consciousness of cybersecurity throughout all facets of the business.
Evidence of the short-term view of most business leaders is that CISOs spend a shorter tenure (4.3 years) on average, compared with CEOs (8.1), or even the entire C-suite (5.3 years). Because cybersecurity is a continuous process without an end (as continuous as the core business operations, in fact), many organizations never reach a state of entrenched security because with each new leader comes a new philosophy or perspective on how to achieve the goals – if the goals even remain the same.
Therefore, decluttering your operations does not begin with auditing your technical assets (even though you will get there); it starts with a dedicated and determined commitment from the very top of the organization to create a genuinely long-term and holistic approach to establishing a comprehensive program.
Not to be mistaken, we are still seeking to fix problems, but proactive action puts you in charge and on the offensive in a domain where malicious actors are constantly evolving with technological advancements.
2. Cybersecurity Governance
According to AllianceBernstein, one of the biggest challenges for companies today involves the monitoring, training and governance of systems. The good news on this front is that reports show how more executives are acknowledging this and starting to take cybersecurity governance seriously. Definitely, after counting the huge financial costs of breaches in the past few years – $4.35 million per breach globally in 2022, and $9.44 million in the US – it seems like the inevitable decision.
A new active facet of the enterprise threat landscape that has triggered this re-evaluation is systemic risk. As a result of interconnectivity, complexity, and dependency, systemic risks have far-reaching effects beyond just the organization that was attacked, as they can also impact suppliers, partners, and customers. As an Accenture Security risk director puts it, “every corporate boardroom and director is a critical control point in defending against material risks.”
A strong cybersecurity governance structure includes strong leadership that is committed to addressing systemic cyber risk and ensuring the overall security of the organization. The top leadership will be responsible for setting the cybersecurity objectives as well as defining clear policies and procedures that outline the roles and responsibilities of all employees in terms of protecting the organization’s information and technology assets.
These policies and procedures should be regularly reviewed and updated to ensure that they are relevant and effective. This helps ensure that tasks are completed efficiently and effectively, and reduces the risk of confusion or overlap.
3. Holistic Cybersecurity
A major challenge when attempting to streamline cybersecurity is the tendency for teams to work in silos, unable to collaborate and share information with one another. Lack of collaboration across departments means that any attempts at simplifying processes can be stymied, leading to a prolonged period of inefficiency and difficulty in navigating the transition to a more secure environment.
This siloed approach also creates a lack of visibility, as teams are unable to observe the activities of other departments, hindering the ability to detect threats and identify vulnerabilities. This can lead to a lack of trust between departments and a lack of accountability when it comes to security, further complicating the process of transitioning to a more secure environment.
According to Manny Rivelo, a security CEO, “we’ve treated security as a patchwork of incremental products knitted together in a loose fabric of ever-expanding vulnerabilities… The friction hurts productivity and drives people to find workarounds that increase risk, not reduce it.”
To make matters worse, new products and technologies are continually being developed and added to the mix, often without any regard for the existing security measures in place and the potential for further threats.
Simplifying cybersecurity means that we must consider security holistically and seek out solutions that can be applied on a larger scale, rather than relying solely on a piecemeal approach.
The usual approach to decluttering operations is to conduct an audit and then remove excess elements. This is important, but not without the three key pillars of sustainability, governance, and exhaustiveness.
Sustainability involves instituting the necessary processes and frameworks to ensure the organization’s cybersecurity operations are able to remain stable and secure over the long-term. This helps organizations move from reaction to proaction; instead of chasing down malicious actors every now and then, you close the loop by entrenching a sustainable cybersecurity culture throughout the organization.
Governance, meanwhile, involves establishing clarity in terms of who is responsible for managing and enhancing the organization’s cybersecurity operations. Sometimes, clutter does not come from the abundance of tools and systems, but from the vagueness in how roles are defined. Without clear responsibilities, the state of cybersecurity will remain in disorder.
Finally, exhaustiveness requires that the organization’s cybersecurity operations cover every possible angle, and continually monitor and assess any potential risks or threats. Nothing can be achieved without collaboration; cybersecurity teams should be able to have clear lines of interaction with other teams in achieving the company’s common objectives. Together, these three elements will help organizations to better protect their data, networks, and systems.
The points noted here are all essential techniques for streamlining cybersecurity activities. Perhaps the two most important guidelines are 1) senior management understanding and support of the importance of cybersecurity management and 2) approved policies and procedures that define how the cybersecurity function operates. Before making any moves, make sure these two components are firmly in place.
Paul Kirvan is an independent resilience consultant and member of the Resilience Association. www.resilienceassociation.orgRecommend0 recommendationsPublished in