By Bala Sethunathan, CISO and Global Director of the Security Practice at SoftwareONE
Modern cyberattacks are increasing in complexity and sophistication, as hackers are developing attack tools at a faster rate than organizations can protect against them. Due to the evolving threat landscape, no organization is safe from a modern cyberattack. The question is no longer if a company will be attacked, but rather when and how extensive the impact will be. For instance, the frequency of phishing and ransomware attacks continues to rise, often crippling or devastating their targets.
According to the recent Cloud Security Threat Report (CSRT), 73 percent of firms experienced cloud incidents, such as a data breach, due to immature cybersecurity strategies and solutions. What can organizations do to ensure they have a comprehensive cybersecurity strategy that protects data both on-premises and in the cloud? What does a modern cybersecurity approach look like and is it possible for organizations to stay one step ahead of cybercriminals? Organizations across the globe ask themselves these questions every day as they strive to better understand their risks, vulnerabilities and more.
Know your threat landscape
Cyberattacks are no longer just the result of hackers working round the clock to breach a network. They are often much more subtle – and damaging as malicious attackers share information and tools within the dark-net. Just as cyberattacks and threats have evolved, so must organizations in the way they manage and combat them. Before an organization can even start to protect its assets, it must first understand its overall threat and cyber defense landscape.
When an organization starts a cybersecurity assessment, it needs to think differently. It’s not just about securing the organization’s traditional infrastructure, but also analyzing and understanding the threats that might be unique to their industry or customers. Recommended steps include:
- Take inventory: The first step for any organization to protect against modern cyberattacks is quite basic, but often time-consuming — take a comprehensive inventory of the existing information systems.
- Understand the cyber risk environment: Once you’ve conducted your inventory, start to think about where modern cyber risks originate, including fraudsters, human error, and partners who might have risky security practices.
- Behavior: Now think about behavior. When a new employee joins an organization, he or she receives the appropriate IT and login credentials and access based on their position and what is required to accomplish daily tasks. There are two types of insider threats from employees: those that are dissatisfied or those who have been compromised. They both pose a serious security threat as their access to information and to systems is legitimate and needs continuous monitoring.
Modern threat landscapes are continuously evolving, forcing organizations to analyze risks across their entire IT footprints to ensure they are protecting their critical assets.
Develop a cyber-protection plan
Once an organization understands its threat landscape it must develop a cybersecurity strategy that protects its assets. Organizations need to ask several key questions when developing this strategy:
- Existing technology. Start with what is already in place and assess whether it copes with the latest threats. Make sure it is being utilized, is securely configured and updated with the latest patches.
- Evaluate new technology vendors. Ask how they approach security from a combined people, process, and technology perspective. Make sure they align with your security policies and complement your existing cybersecurity stack.
- Workflow process. Identify the weak links. How does the workflow operate, who does it touch, and is the level of security proportionate to the value of the asset?
- People, people, people. Who has access to the organization’s assets and from where? Companies, especially large enterprises, have various types of users and more frequent employee turnover. A company can have the latest and greatest technology but people will always be the weakest link.
Unfortunately, no technology or risk strategy will ever be 100 percent secure because the expanding threat landscape is constantly introducing new types of cyberattacks. However, by staying on top of the threat landscape and remaining vigilant across technologies, people and processes, organizations can mitigate their risks and better respond to future cyber threats.
About the Author
As SoftwareONE’s Chief Information Security Officer and Director of Security Practice, Bala Sethunathan is accountable for directing the company’s cybersecurity strategy. As a technology leader, he drives risk-centric cyber standards and practices while maintaining cost-efficiency for SoftwareONE’s customers. He joined SoftwareONE to set up a cybersecurity practice and was vital in implementing a cybersecurity framework, robust Security Operations Centre (SOC) and business practices to engage cybersecurity as one of the business enablers. He has held leadership positions at BHP and IBM prior to joining SoftwareONE. Bala Sethunathan can be reached at firstname.lastname@example.org First Name can be reached online at (EMAIL, TWITTER, etc..) and at our company website https://www.softwareone.com/en/