Bad actors are waging increasingly sophisticated and frequent attacks—including ransomware, cyber espionage, zero-day malware and fileless attacks—to exploit endpoint vulnerabilities. These rapid-fire, diverse attacks are generating an average of 11,000 alerts per week that security teams must investigate, triage and address.
As business leaders outside of IT continue accepting cybersecurity as a business strategy rather than just as a digital defense mechanism, there are still major vacancies in the cybersecurity personnel pipeline that require addressing. Knowing this, WEI’s advanced security solutions are complemented by a focus on helping replenish the talent pipeline. This commitment is confirmed by WEI’s partnership with CyberTrust Massachusetts, a non-profit organization working to cultivate a robust talent pipeline. The support CyberTrust receives from its higher education consortium members is paramount, especially with the all-new Cyber Range at Bridgewater State University (BSU) opening earlier this year.
See Bill Frank’s biography and contact information at the end of this article.
[Note: This is an updated version of the original article posted on March 21, 2024. I replaced the term "Governance” Controls with “Performance” Controls to eliminate any confusion with the NIST Cybersecurity Framework 2.0 use of the term “Governance.”
I focus here on automated controls that monitor and measure the “performance” of “Defensive” controls that directly block threats or at least alert on suspicious activities.
How well are your cybersecurity controls performing? Measuring control efficacy is challenging. In fact, under-configured, misconfigured, and poorly tuned controls, as well as variances in security processes are the Achilles Heels of cybersecurity programs.
A mismatch between risk reduction potential and performance results in undetected threats (false negatives) as well as an excessive number of false positives. This leads to an increase in the likelihood of loss events.
All controls, whether people, processes, or technologies, can be categorized in one of two ways – Defensive or Performance.
Inside our IT bubble, leaders are aware of the cybersecurity skills shortage that plagues enterprises. As concerning as this challenge is, it may come as a surprise to the general public despite headlines over record ransoms, data leaks, and network breaches. Simply put, there are many more position openings than individuals available to fill them. This imbalance is creating a security gap that cybercriminals are taking advantage of.
As threat actors get more sophisticated and aggressive campaigns become more commonplace, it is imperative that corporations step up their game. In the age of artificial intelligence (AI), machine learning (ML), and automation, the resources for a holistic approach have never been more available. Enterprises are starting to recognize the need to modernize their security operations center (SOC) with an advanced SOC solution. Unfortunately, CISOs everywhere are finding it difficult to identify a partner dedicated enough to conduct their due diligence about customer needs, identify potential solutions on the market, and deliver the know-how to implement the best technical solutions. WEI can do that.
As the 2024 New Year has arrived, so does the opportunity to make educated predictions for what the future holds for cybersecurity. Fundamentally, a cybersecurity strategy is an integral component of business strategy because it allows the business to harness risk. Since cybersecurity is often driven by compliance mandates and overly restrictive policies, cybersecurity teams are sometimes seen as the “department of no.” However, that need not always be the case.
Today’s discussion on sustainability is increasingly prevalent in ongoing dialogues, touching on varied issues from governmental budgeting practices to environmental concerns over global population growth. The state of sustainability is also a hot topic when it comes to cybersecurity as the aging reliance on human-led incident response grows flawed. The rationale for this shift is straightforward:
Investors with significant stock in public companies expect a high level of disclosure on information concerning new market competitors, shifts in product demand, and operational disruptions stemming from either natural disasters or cybersecurity. In catering to this need for transparency, the United States Securities and Exchange Commission (SEC) has recognized that cybersecurity incidents also warrant equal attention.
Cyber threats are in a constant state of evolution, posing a danger to organizations of all sizes, from the largest of enterprises to small and medium-sized businesses. All face heightened vulnerability to cyberattacks for several reasons, including limited resources in the SOC and a slower response to emerging threats. Even enterprises that have the budget to swiftly adopt new technologies and data transfer methods still struggle with effectively measuring ROI from deployed security tools and sorting aggregated data coming through their firewalls.
