This year’s report focused on reducing complexity, the benefits of vendor consolidation and how a planned approach, backed up with the right metrics, will increase cybersecurity efficiency and reduce costs.
As shared in the report, Cisco’s 2020 CISO Benchmark Survey revealed that security managers are continuing to reduce complexity through vendor consolidation. According to the survey, only 13 percent of organizations who responded are using more than 20 cybersecurity vendors in 2020.
Year after year, more survey respondents are also saying that working with multiple security products presents a challenge, with a 6 percent increase from 2018 to 2020.
By consolidating the security solutions being used by your enterprise, you can reduce the complexity caused by multiple consoles and increase visibility across the security infrastructure. As shared in the report, “A lack of integration exposes a critical security weakness in an organization’s ability to respond to threats rapidly.”
2. Track the right metrics
There are more ways to determine cybersecurity success than just comparing the number of security breaches. As shared in the report, making use of metrics focused on visibility and control will allow teams to more accurately determine the success of their efforts and whether solutions are performing adequately.
These metrics include dwell time, protection ratio, incident false positives and the ratio of user-identified incidents to SOC-identified incidents.
To determine which metrics to track, enterprises first need to know what their goals are, whether it be reduced costs, lower mean-time-to-detection or lower mean-time-to-remediation.
3.Choose solutions based on holistic security needs
In Cisco’s introduction to the report, they use the Hydra as a metaphor for the ever-evolving cybersecurity landscape. In essence, when security teams only focus on one specific need and introduce a security solution for it, they often end up creating needless complexity. This complexity then creates additional problems, much like when two Hydra heads grow back after cutting one off.
Instead of finding a new solution for every cybersecurity need, Cisco recommends a platform approach through integration. To find the right solutions, which also need to be able to work together, security teams need to spend time prioritizing their security needs, while also keeping business goals in mind. With this approach, security teams can make decisions that will positively impact the entire security environment.
4. Promote collaboration between NetOps, ITOps, and SecOps
While these three groups typically work independently, they rely on each other to solve problems. As shared in the report, by providing collaborative workflows and improving communication, it will “enable ITOps to remediate issues with meaningful alerts and allow NetOps to enforce policies more consistently. This reduces the burden on SecOps and improves the productivity of all three teams.”
Utilizing an integrated, platform approach to cybersecurity can help promote this kind of collaboration.
5. Make use of automation to increase efficiency
Repetitive, manual processes, which are time consuming and create opportunities for human error, can be automated when using a platform security approach. In addition to increasing efficiency, this opens up more time for more complex projects and business innovation.
Automation can help enterprises tackle the current talent shortage plaguing the cybersecurity industry, allowing enterprises to more strategically utilize employee resources. Not only does this make better use of each employee’s talents, it also improves employee retention and promotes professional development.
Cisco’s cybersecurity solutions are built to create a simplified experience, which reduces complexity, strengthens operations and allows teams to focus attention on higher-value initiatives. With products ranging from email security to next-generation firewalls, Cisco can help any enterprise with any security need. Each product is also built with integration in mind, allowing them to be integrated with non-Cisco technologies. If you want to further explore how Cisco’s security solutions can make an impact for your organization, or perhaps you want to know how you can take advantage of what Cisco has to offer, contact WEI today to start a conversation.
NEXT STEPS: Is your network staying ahead of the curve or is it holding you back? Intent Based Networking (IBN) is more than just a new industry buzzword, it’s what enterprise networks are demanding in order to keep up with the speed of business today. Learn more about IBN and how Cisco is paving the way for more intelligent networking and security solutions in our white paper, “Make Your Network Work For You With Cisco DNA Center.” If you’re a ‘Cisco shop’, this white paper is a must-read!