In the last six months, the fear of cyberattacks has grown significantly, largely due to several high-profile incidents that left enterprises struggling to deal with the fall out and the general public fearful of the next attack.
Today’s cybercriminals aren’t just targeting corporations or financial institutions. They’re paralyzing oil pipelines, shutting down public transportation, and holding police forces hostage. Anyone and anything can be a target and businesses need to prepare accordingly.
So, what are you doing to protect against omnipresent cyberthreats? Below we have provided five tips that can help IT leaders ensure their cybersecurity strategy is comprehensive.
1. Carefully Consider Your Cybersecurity Budget
According to Cyber Defense Magazine, cybersecurity spending is to exceed $1 trillion over a five-year period ending in 2021. That constitutes a growth rate of 12 percent to 15 percent a year. However, they also predict that the cost of cybercrime around the world will rise to $6 trillion over that same period.
Obviously, there seems to be a disconnect. We are spending more money to protect against threats that are in turn costing an increasing amount of money. You don’t have to be a financial advisor or CFO to know that the ROI on that $1 trillion isn’t very good.
A 2019 study conducted by Deloitte showed that financial institutions spend an average of 10 percent of their IT budget on cybersecurity, while a 2019 State of the CIO Survey showed a mean of 15 percent.
While there is no hard answer to how much a company should spend on cybersecurity, companies should be getting some type of return on their investment, just like any other IT acquisition. Just throwing money at the problem won’t make it disappear if you don’t have a strategic plan for those funds.
2. Make Sure You’re Focusing On The Right Threats
A 2017 survey involving approx. 1,100 cybersecurity executives showed a blaring disconnect between the security solutions their organizations spent money on and the solutions they actually needed to address their most pertinent threats.
While 30 percent of the respondents classified their organizations as “very or extremely vulnerable to data attacks,” 62 percent listed network security as their top spending priority, while 56 percent cited an endpoint solution. As it turns out, data-at-rest security solutions ranked last.
So, why does spending not match up with cybersecurity vulnerabilities? One possible explanation for this quandary is that companies continue to purchase what they are used to or what has worked in the past. However, threats are continually evolving, therefore your required solution sets must evolve as well. Another factor is that many organizations implement security measures without first assessing what their digital environment truly compasses, leading to an incomplete picture of their cybersecurity vulnerabilities.
3. Don’t Get Caught Up On Every New “Best Of Breed” Solution
If you’re involved with IT solution purchasing, you should be familiar with the term “best in breed,” which signifies a solution is the best option available. In theory, best of breed sounds wonderful and at WEI, we stand behind solutions that we can attest are the best solution available for your unique business needs.
That being said, when it comes to purchasing, cybersecurity is a bit different than other areas of IT. Cybercriminals evolve quickly and new attack strategies emerge every day. Trying to stay ahead of these developments by snapping up every new best in breed solution is an inefficient strategy and may actually create more cybersecurity risks. According to a 2020 study, 40 percent of security professionals say that purchasing from a multitude of security vendors adds cost and purchasing complexity to their organization. In fact, the 2020 CISO Benchmark Survey underscored a direct correlation between the number of security vendors a company had with the amount of downtime they experienced as a result of a security incident.
The bottom line is that more solutions create more complexity and reduce the effectiveness of your overall cybersecurity strategy. Unfortunately, adequately defending your digital environment is more complicated than just picking up the newest and hottest cybersecurity solution.
4. Avoid Cybersecurity Silos At All Costs
You’ve probably heard this a million times already. To be truly successful, enterprises need to break down IT silos. We often associate silos with management systems or data storage solutions and while companies have made great headway over the years in breaking these down, the average cybersecurity estate remains plagued with them.
Each tool works independently and forces IT professionals to perpetually bounce back and forth between tools, creating both visibility and attention gaps. It also creates a deluge of unfiltered alerts. According to the 2020 CISO Benchmark Study, 44 percent of organizations see more than 10,000 daily alerts, of which only half are addressed. The same study showed that 82 percent of CISOs acknowledged that orchestrating alerts from multiple vendor products was challenging.
5. Utilize A Cybersecurity Platform
Today’s enterprises need a security strategy that enables a more holistic and collaborative approach to combat threats, especially as the industry suffers from a lack of qualified cybersecurity professionals.
While many IT leaders are familiar with the concept of solution-based platforms, such as an endpoint protection platform or the platform of tools conglomerated in a next generation firewall appliance, portfolio-based platforms allow you to integrate the products you already use now with the products you may want to use in the future, even third-party products.
These agnostic security platforms, such as Cisco SecureX, can unify visibility across all parts of your infrastructure through a combined console that vastly increases operational efficiency. These platforms provide actionable automation when it comes to workflows in order to better hunt and remediate threats.
In particular, Cisco’s security platform enables better decision making through comprehensive threat detection, powerful analytics and security policy management. In addition to its security offerings, a modernized security platform provides value through greater efficiency and ROI metrics that can greatly accelerate time to value.
Achieve Comprehensive Cybersecurity With Cisco
As a leader in enterprise security, and with products ranging from email security to next-generation firewalls, Cisco can help any enterprise ensure comprehensive cybersecurity. With Cisco SecureX, enterprises can simplify their cybersecurity strategy and improve response efficiency without compromising data.
NEXT STEPS: Learn more about how Cisco SecureX is unifying and simplifying enterprise security in our free solution brief download below. Click below to start reading.