The numbers are in, and it’s not great news: it now takes companies 206 days on average (opens in new tab) to detect a data breach. Research firm Ponemon suggests companies aim for internal detection with 100 days or less — this keeps costs “down” to just £4.5m. Push past that 100-day mark and costs ramp up to almost £7m.
The challenge? More than 75 per cent of companies asked said they don’t have a formal cyber security incident response plan (CSIRP) (opens in new tab) that’s applied consistently across their organisation. It’s no surprise, then, that 57 per cent of respondents said it now takes longer to resolve a breach and 65 per cent noted the severity of attacks increased.
Organisations and IT pros know the value of improved cyber resiliency and company-wide policies, and the outcomes speak for themselves. However, they also face the spectre of cybersecurity fatigue: constant best practices to follow and rules to implement that simply aren’t feasible day-to-day. Here are four fresh strategies to help boost cyber resilience.
Lose the lockdown mindset
Technology is now a critical factor in employee satisfaction — as noted by Digitalist Magazine (opens in new tab), 82 per cent of staff under age 34 consider their prospective employer’s tech environment before taking a new job. And for 42 per cent of those asked, poor technology implementation and availability could make them quit.
What does this mean for organisations? That despite years of being told to “lockdown” IT tools and services to boost cyber resiliency, this strategy has the opposite effect. Why? Because day-to-day tasks now require a combination of mobile tools, cloud-based services and public web searches. Attempting to curtail employee access for security purposes not only prompts turnover but can impact business performance.
It’s time for businesses to lose the lockdown mindset. Instead, focus on tools and services that provide granular, real-time end-user monitoring to provide total endpoint visibility.
Security by design: Just the start
Security by design has become a hot-button topic for many organisations thanks to the rapid uptake of mobile and IoT devices, many of which are insecure by default. The good news? Security by design is making headway, with many new services carrying embedded security tools such as encryption, strong authentication and automatic backups. In fact, the UK Government (opens in new tab) launched a policy paper earlier this year to set out its work in ensuring that consumer IoT has security built in from the design phase.
But it’s not a guarantee. Consider: new cars come with a host of safety features which — by design — are meant to protect occupants. If the car is driven recklessly, however, or these features aren’t regularly maintained, their ability to safeguard passengers goes up in smoke.
The same is true for security by design. Improving cyber resilience means recognising this development as a starting point. Sustainability is now critical; this includes open lines of communication with staff, regular training on new policies and the recognition that security is always evolving.
Don’t fight gravity
Security recommendations often sound good on paper but are almost impossible to enforce in real life as they make life more difficult for employees and so they simply circumvent any restrictions. Better cyber resiliency means accepting the consumerisation of IT tools and employee expectations: factors such as fun, ease-of-use and “coolness” all play a role in how staff interact with technology services.
IT pros should also make sure to use the power of data automation to get ahead and improve employee experience. For the world’s most successful companies, everything is automated, from server farm climate control to destroying failed disk drives, to quarantining cyber threats. More critically, this automation decouples the problem from the solution by failing over servers before they’re impacted directly and then escalating the issue for IT engineers. The result? IT can tackle their task queue without panicking since the problem isn’t getting worse — it’s just waiting for a fix.
Automation also leads to sounder cybersecurity policies and defences. In the event of a system failure caused by a malware attack, it is a critical tool in containing the threat and responding. IT departments can have automated systems in place that can alert them to potential issues, provide automatic remediation, as well as faster Mean Time to Resolution (MTTR) of issues, so that they are free to address the large issues and take a more strategic approach to prevention.
If a system failure does take place, IT needs to be able to restore normal computing services as quickly as possible to minimise the impact to the business. As infrastructures becomes more complex, IT needs to ensure visibility across the entire network, including the endpoints, in order to detect where problems might be occurring. IT also needs to see into situations that are ripe for problems, such as overloaded systems reaching storage limits; inadequate security protocols; end-user activity on suspicious websites; or even burned-out employees, who are spending too much time on their computers afterhours.
Business cyber resilience is also improved by running up to date and patched applications. Being able to automation this process minimises disruption and keep all employees synchronised. On the flip side, if an update is installed which does not work as intended, the issue should be flagged and remediated automatically, saving valuable employee time.
With the right tools in place, IT pros can see what’s happening, when, and why, and take steps to respond immediately. This might mean solving user problems before they need to call IT, or detecting insecure activity before it compromises corporate networks — this provides the critical impact of both defining and improving the end-user experience.
Shine a light
Shadow IT remains a problem. CSO Online (opens in new tab) notes that business users drive 38 per cent of technology purchases because they’re willing to circumvent IT rules and leverage cloud or mobile services to get their job done, even if it leads to increased security risk.
Common advice here tells companies to “control” shadow IT, but that often means placing arbitrary restrictions on IT services which users simply ignore. Another option? Implement digital experience management (DEM) tools (opens in new tab) that help discover where users are frustrated, then loop staff into the conversation and ask their opinion. Reliable end-user data makes it possible to design secure tools and services that booth meet employee needs and boost cyber resiliency.
There’s a ton of security advice out there, but most is just a rehash of old policies that don’t really work. Want to improve cyber resiliency in the real world? Lose the lockdown, sustain security, go with the flow and shine a light on shadow IT.
Andrew Smith, UK Sales Director, Nexthink (opens in new tab)
Image Credit: Pavel Ignatov / Shutterstock