A new report from CompTIA, a leading technology industry trade association, reveals that 55 percent of executives and 61 percent of business staff rated cyber efforts as completely satisfactory, while just 35% of IT staff said the same. The takeaway? For many C-Suite executives and business users, cybersecurity is a bit of a blind spot. Those closer to the problem know the real score. The fact is, most organizations are not fully prepared—and worse, they also may be unaware of their peril or how to best bolster their defenses.
Our recent whitepaper, Where to Invest Next: Guidance for Maturing Cyber Defenses, examines three key areas—people, processes, and technologies—where maturing organizations can most effectively bolster their cybersecurity capabilities.
1. People: Skills and Expertise to Match Technology
In many maturing organizations, cybersecurity may be seen as a “bolt on” capability within IT — but that’s a misconception. Cybersecurity requires skills and expertise beyond what is typically present in the IT function. In order to mature, organizations must have a dedicated leader for the security function, as well as a specialized team to carry out his or her security strategy.
Ongoing Security Maintenance and Oversight
It is important to keep in mind that while security tools and applications can be used to monitor the health of the organization, they are not autonomous. These solutions require maintenance and oversight. At a minimum, they must be configured to address the intricacies of each organization’s unique environment. The security team must also be capable of responding to the alerts and notifications these solutions produce. As such, organizations should implement technology only when corresponding resources can manage, operate and respond to those tools.
2. Technology: Security Without Gaps
Developing the right mix of security technologies can be a challenge for organizations with relatively little cybersecurity experience. As a first step, the security team should conduct an assessment to identify and prioritize technical capability gaps across the business. Any acquisition of new technology should address the needs surfaced during this process. Conducting this assessment is not a one-time exercise, but an ongoing operation. The organization’s needs will change over time—and so too must its solutions.
Establish a Threat Detection Framework
As part of this process, organizations may also consider creating and maintaining a “threat detection framework.” This is a working list of all use cases the organization wants to detect, mapped against the solutions that provide the corresponding detection capability and associated data. Formalizing this process early can help provide structure and order as the organization’s security infrastructure grows.
3. Processes: Grounding Your Investment
While most organizations understand that building a cybersecurity solution will involve strategic hiring and technological deployments, they sometimes overlook the protocols and processes that ground those investments. Basic security policies are among the most fundamental elements of any organization’s cybersecurity program. The security team should consider adopting a comprehensive information security policy framework that includes such topics as acceptable use, remote access, appropriate file storage and other guidance to help protect assets.
Vulnerability Management Is Important
Another crucial area of concern is vulnerability management. Patching is one of the most basic—and most important—elements in managing technical vulnerabilities; any attempt to mature an organization’s security posture must include patching with regularity. In addition, maturing organizations should perform periodic vulnerability scans, which identify potential weaknesses that have not been addressed by patching.
Asset Identification and Control Is Key
Another key aspect of the security playbook is asset identification and asset control. The organization should determine which assets are the most vital—the so-called “crown jewels” — and whether they warrant any additional protections. Along the same lines, maturing organizations should consider implementing role-based access controls that will limit the impact to the business in the event a user is compromised.
A Cybersecurity Incident Is Inevitable: Be Prepared
Given the current threat climate, it is inevitable that an organization will experience a cybersecurity incident. For this reason, maturing organizations should look beyond simple prevention efforts and incorporate threat detection and response capabilities that can effectively monitor, contain and neutralize attacks. With the threat landscape becoming increasingly complex, blending these offensive and defensive tactics into a single robust strategy is perhaps one of the most important investments an organization can make. And that’s something the C-Suite and IT professionals will likely agree on—100 percent of the time.
- Download the white paper “Where to Invest Next: Guidance for Maturing Cyber Defenses.”
- Learn how CrowdStrike Proactive Services can help increase your organization’s cybersecurity readiness by visiting the webpage.
- Learn more about the CrowdStrike Falcon endpoint protection platform by visiting the webpage.
- Get a full-featured free trial of CrowdStrike Falcon Prevent™ and learn how true next-gen AV performs against today’s most sophisticated threats.