Rob Harrison, SVP of Products & Services, Sophos.
In today’s cyber threat landscape, no single technology can universally fight every attack. Cyber threats are becoming more advanced, and adversaries are more skilled in exploiting vulnerabilities. Sophos’ Active Adversary Report for Tech Leaders found the overall median dwell time was just eight days in the first half of 2023, decreasing from 10 days in 2022, suggesting threat actors are speeding up and advancing their attacks.
Preventing the most advanced attacks requires human-led threat hunting, investigation and response, which is why organizations are moving to an as-a-service model to bolster their cybersecurity solutions amid a sea of sophisticated attacks. Despite the surging demand for managed detection and response (MDR) solutions, MDR is only the beginning of staying ahead of adversaries.
Cybercriminals are innovative and so organizations need to innovate too. They need to go beyond MDR solutions and understand the risks that are associated with their business to keep themselves fully protected.
Cyber risk management proactively identifies and addresses threats, whereas cyber resilience emphasizes an organization’s capacity to operate and recover quickly after a cyber incident. “Cyber resilience” and “cyber risk management” stand as two distinct yet complementary pillars. Combined, these pillars are fundamental to offering businesses peace of mind while providing robust protection from business-crippling attacks by allowing organizations to not only actively prevent attacks but also recover more quickly from cyber incidents.
Understanding External, Internal And Cloud Risks
As organizations increasingly rely on technology, good cybersecurity hygiene is essential. Effectively countering these threats requires a comprehensive approach to cybersecurity in managing external, internal and cloud risks.
External cyber risks, whether from cybercriminals, hacktivists or nation-state actors, vary from ransomware to distributed denial-of-service attacks. The potential consequences of these attacks are vast, ranging from data breaches and financial losses to reputational damage.
Understanding these risks involves staying ahead of the latest threat research and insight. Regular monitoring of the threat landscape enables organizations to proactively update their defenses and implement effective countermeasures. Through smart investment in advanced threat detection solutions, conducting security audits and educating employees about the dangers of social engineering, organizations can significantly mitigate the impact of external risks.
Although external threats often grab headlines, internal risks can be equally damaging, if not more so. Employees, partners and contractors with system access can compromise security, whether unintentionally or maliciously. Insider threats can range from accidental data exposure due to improper handling to deliberate data theft and extortion. Managing these risks often requires a delicate balance between fostering a culture of trust and implementing security solutions that can prevent unwanted actors from gaining access to networks.
Although the widespread adoption of cloud services offers the benefits of scalability, flexibility and cost savings, it also introduces new cybersecurity pitfalls. Cloud service providers often offer robust security measures, but organizations are responsible for securing their data and applications within the cloud landscape. Organizations must assess the security provided by their cloud provider and implement additional security measures as needed. Use encryption, multifactor authentication and regular audits to enhance cloud security and prevent unauthorized access.
Becoming Resilient Against Cyberattacks
Incorporating a holistic approach to cybersecurity risk management that considers external, internal and cloud risks isn’t only essential but also a strategic advantage. Businesses that are proactive in their risk assessment and mitigation strategies are far better positioned to protect their sensitive data, maintain operational continuity and preserve their reputation.
Cyber resilience involves a proactive stance on cybersecurity, mitigating the impact of cyber threats to minimize disruptions and ensure continued operations. Cyber resilience strategies combine robust measures, including incident response plans, employee training and the use of the latest insight and threat intelligence.
However, organizations shouldn’t stop there but should ensure they remain resilient against a potential attack. Cyber resilience isn’t just about building a defense but devising a comprehensive strategy that ensures businesses can withstand, adapt to and recover quickly when faced with a cyber incident.
Driven by the economics of ransomware, organizations will likely face human-driven rather than automated attacks. To defend against human ingenuity, you need human defenders. Technology has quickly become a fundamental aspect of business operations, but when it comes to protecting your data, your technology must be used correctly by a competent operator. A comprehensive strategy to fight against human-led attacks needs to integrate machine learning with human analysis for the most evolved, innovative approach to proactive security protection.
It’s easy to see why as-a-service models have become increasingly popular. They remove the operational burden, allowing businesses to focus on what matters while saving valuable time and resources. Few organizations have the resources in-house to effectively manage their security program around the clock while defending against emerging threats. Add the effort of standing up a complete security operations center (SOC) and associated threat feeds, and running your own cybersecurity-as-a-service offering becomes simply out of reach for all but the largest of IT organizations.
Complementary Pillars
Today, cyberattacks are no longer a matter of “if” but “when.” It’s therefore vital that organizations take a proactive approach to their security, which involves a thorough assessment of all potential risks tied to digital assets and operational processes to ensure vulnerabilities are identified and addressed. This, paired with cyber resilience, can take a business’s security to the next level, helping ensure businesses can operate undeterred in the face of cyber threats.
Managing risks while building resilience is key to success and is the essential foundation for businesses to thrive. To effectively navigate the complex cyber threat landscape we see today, organizations need to find a balance between these two approaches. By investing in proactive risk management and cyber resilience strategies, organizations are best able to minimize the impact of cyber threats, protect their assets and ensure they keep their business operating.