Why re-focusing your cybersecurity efforts for the New Year is particularly important in 2020.
All you have to do is Google cybersecurity and you’ll see article after article with predictions for the coming year. While industry predictions are helpful, they can also be overwhelming and leave even board members and CEOs feeling paralyzed at the many opinions, products, solutions, and research reports available. This is not to mention the daily bombardment of news articles about the latest breach and the millions (now billions) of records being exposed.
Cybercrime has evolved rapidly in recent years, as you can see in this infographic showing where we’ve been and the holistic approach required to address the increasingly complex threat landscape.
THE REAL QUESTION
While US firms have been somewhat confident in their security approach in past years, I think it’s safe to say that confidence has been shaken. So, the real question most businesses, organizations, non-profits, and municipalities are all facing is Where do we go from here?
A HOLISTIC APPROACH
What continues to emerge again and again is the fact that effective cybersecurity is comprised of more than only email security or firewalls or training or policies. Cybersecurity must be factored into every level of the organization across technology, employee practices and physical security, and it must also consider the external threat environment. This holistic approach is made up of four basic areas working together to create a comprehensive defense against cyber attacks.
- Cyber Guidance
This encompasses security strategy and planning and includes CISO Assessments, Improvement Roadmaps and Compliance and Policy Development.
- Cyber Operations
This includes threat monitoring by Security Analysts and Incidence Response, which we do from our Security Operations Center (SOC), and also includes implementation of Identity and Access Management.
- Cyber Intelligence
This covers intelligence on active and planned attacks and identifies signals that your data is already circulating on the Darknets. Intelligence is most effective when it goes beyond automated reports to customized insights from highly experienced cyber intelligence experts. identifies signals that your data is already circulating on the Darknets.
- Cyber Training
This includes apprenticeships and specified training for cyber and IT professionals to up-level their skills. It also consists of classes and table-top exercises to reduce risk and increase staff preparedness.
TRAINING AND IMPLEMENTATION
While new tools and technology are being developed regularly to improve the security options of various organizations on various budgets, one of the biggest lacking areas has been training and implementation.
Many organizations purchase tools only to find they haven’t been implemented properly in order to be truly effective. Organizations will focus on hiring IT personnel or outside contractors, only to realize a breach was caused by an employee opening a malicious email. While we may chuckle at the person who struggles with all the capabilities of their Smart Phone, understanding some principle concepts of cybersecurity as it applies to daily functions is necessary at all levels of an organization.
HERE’S TO YOU
So, here’s to you. As we continue to refocus and prioritize our efforts to be the most affective cybersecurity service provider, we take you as our inspiration. Your businesses, your organizations, your people and the people you serve. Amongst all the predictions, the one we stand by the most is this: we will continue to defend business and government against Internet threats. And provide the advanced skills and services necessary to detect, investigate, and respond to adversaries.
We’re here for you.