5 Modern Cybersecurity Measures to Lower Breach Risk - #NileshRoy
Dr. Nilesh Roy ???? - PhD, CCISO, CEH, CISSP, JNCIE-SEC, CISA
Award winning CyberSecurity TechLeader & Advisor | Big4 Exp | Proud Member of International Advisory Board for CCISO @ EC-Council | Executive Member of CyberEdBoard | PhD - IT, CCISO, CEH, CISSP, JNCIE-SEC, CISA.
Cybersecurity attack surfaces are proliferating. Security teams must modernize to lower cyber risks.
More than three-quarters of organizations faced an increase in cybersecurity attacks in 2020. Organizations either involved the incident response (IR) team or had to report breaches to regulators in 80% of cases. These figures come from VMware’s latest Global Security Insights Report, based on a survey of more than 3,000 CIOs, CTOs, and CISOs.
The average data breach costs an estimated $4.2 million, and financial ramifications are not the only concern for executives. As the report indicates, many organizations saw their reputation damaged in the wake of cybersecurity breaches. Other companies slowed their plans for innovation out of concern about additional attack vectors and increasingly sophisticated cyberattacks.
Since the beginning of the commercial use of the internet, technology leaders have engaged in an ever-expanding and increasingly complex effort to address the damage done by cyberattacks. While it might not be possible to totally prevent breaches, the Global Security Insights Report illustrates steps leaders can take to mitigate cyber risk.
Hybrid working models require increased visibility, new data breach precautions.
Cybersecurity attack frequency rose in 2020 in part because so many organizations transformed to remote or hybrid working models. Each mobile device, computer, and third-party software instance offered hackers another attack vector to access sensitive information stored on a company’s core network.
Additional vectors in distributed locations created blind spots for CISOs and their teams.
"Seventy-eight percent of information technology executives reported that the volume of attacks increased as a result of working from home. Along with third-party applications, ransomware and out-of-date security technology proved to be major security risks."
These attack vectors are less visible to security teams because they originate at individual endpoints rather than on the edges of a centralized network.
Given this new climate, it’s unsurprising that nearly two-thirds of executives agree they need better visibility over data and apps to prevent attacks. Improved visibility for the new hybrid working model is important, though 60% of executives stated they also need to view security entirely differently as a result of these new attack vectors.
Specter of security breaches holds back innovation.
Developing modern apps and other innovations is crucial to accomplishing business goals. The environments today’s apps require have security teams are rethinking their approaches to preventing breaches. Building new or leveraging third-party applications allows organizations to more easily offer exceptional customer and employee experiences. When these avenues of innovation double as cyber risks, that can make some teams apprehensive about developing and consuming apps or technologies.
Most survey respondents perceive this potential threat all too clearly.
领英推荐
"Fifty-six percent agree security concerns are holding them back from embracing AI-based apps."
Some teams (15%) said that workloads were the most vulnerable breach point in their organization’s data journey, noting that 12 months ago that wasn’t the case.
Many security teams face a difficult reality. Apps and services are crucial to reaching employees and customers in a more distributed business environment. Yet, many of those apps, services, and remote network connections carry with them the specter of a cybersecurity breach.
Cyberattack mitigation must go beyond a traditional security solution.
For various reasons, security teams have long-recognized that traditional antivirus and malware solutions don’t quite meet the needs of today’s modern enterprise. These network security tools fall short because of expertise gaps between security and infrastructure teams. Security teams aren’t experts in production workloads (apps currently delivering information to end users) and infrastructure teams aren’t as adept at identifying the behavior of a malicious actor. The continued shift to hybrid- and multi-cloud environments will continue to make workloads a focal point of cybersecurity efforts.
If not with antivirus programs, then how can security teams mitigate cyber risk?
To narrow attack surfaces in modern environments, security teams must modernize.
Cloud infrastructures and operating models enable organizations to adapt to sudden changes, such as hybrid working. Modern architectures make it easier to reach customers and employees, even when they’re thousands of miles away because the cloud offers a personalized connection to each end user. Yet, each new connection to the company’s network represents a potential cybersecurity attack vector. Just as technology leaders have transformed infrastructures and application delivery pipelines, so, too, must security leaders transform risk-mitigation tactics.
Curated content shared by #NileshRoy | #08October2021 | #Kolkata (India)
#Cybersecurity #BreachRisk #Breach #Risk #SecurityTeams #ReputationDamage #Cyberattack #NileshRoy