FEATURE : CYBERSECURITY
It covers five actionable risk management strategies : ‘ identifying ,’ ‘ protecting ’, ‘ detecting ’, ‘ responding ’ and ‘ recovering ’ from a cybersecurity attack .
Identification
No matter where the end-user is , vulnerabilities exist . Tens of thousands of new vulnerabilities are posted per year and approximately 55 new vulnerabilities are posted every day . While in-house IT teams can only solve some of these , around 5 % pose a real risk – those that can be remotely exploited and have already been weaponised .
It is critical to assess , prioritise and remediate the most important risks to the network and business with Continuous Risk Scanning , which provides a view of all assets that exist within a network environment and advises teams to focus on the vulnerabilities that most put those assets at risk .
Protection
Jon Pratt , CIO at 11:11 Systems the event of an attack by enabling security leaders to transfer cybersecurity risk to the insurance company .
But do cyber insurance premiums cover all ransomware attacks and are CISOs getting the gap analysis right ? Given all the risk inherent with cyber insurance , the requirements to obtain a policy has become increasingly difficult , on top of a significant trend up for the cost of protection , rising an average of 30 % year-on-year and there are no signs of this slowing down .
Compliance and reporting are a further challenge that CISOs cannot ignore . To be certified and compliant , not only must all standards and regulations be met , but security leaders must ensure adequate and timely reporting . So how can security leaders navigate these challenges ? How can they approach resourcing and what are the key technologies that will enable them to unlock best practices ?
Cybersecurity frameworks and mission critical technologies
The NIST Cybersecurity Framework has been developed to guide IT security professionals in evaluating their security posture and improving their risk mitigation . This framework helps organisations to ensure that they have the right systems to provide an adequately robust approach to cybersecurity .
With the explosion in distributed networks , data today lives everywhere . Enabling secure connectivity and managing it ‘ where it exists ’ – across multiple sources and devices – is part of the challenge . Where security professionals often do not have the time to prioritise network security , these environments change constantly and require real-time analysis and augmentation .
Managed firewalls relieve security professionals from having to maintain the rule sets at the entry point to the network , while also providing the benefit of lessons learned from a broader set of organisations .
Even more critical to ensuring network security , CISOs need the intelligence in the network to look more holistically at the behaviour of the traffic , incorporating different data sources and automatically identifying what is good and bad traffic . From here , appropriate technologies must be employed , such as intrusion prevention , network antivirus and SD-WAN to provide safety to all users in real-time and ensure seamless secure connectivity .
Detection
Today , organisations have more apps , more data , more locations and more remote users than ever before . Alert fatigue is a real problem , assuming every element is even being monitored . Millions of daily notifications warn of potential security dangers and , while some can be discarded , others must be acted on immediately .
Managed SIEM solutions enable security professionals to log cyberattack events and to cross-analyse and aggregate the details into an actionable format . They
56 INTELLIGENTCIO EUROPE www . intelligentcio . com