As organizations amass more data, the impacts of cybersecurity breaches or near-breaches are growing, from damage to reputation to legal and regulatory troubles to financial loss, according to CDW’s latest Cybersecurity Insight Report, which is based on a survey of more than 400 IT leaders about the current state of cybersecurity. Attackers are becoming smarter and stealthier, notes Alyssa Miller, manager of CDW’s information security solutions practice, who outlines key findings from the report on the CDW Solutions Blog.
Perhaps that’s why fewer organizations are able to remediate a breach or near-breach within days – 46 percent of respondents said they can do so today, compared to 69 percent in 2017, according to the report.
On a positive note, the survey found that organizations are increasing their focus on cybersecurity, upping spending on preventive measures such as internal cybersecurity and self-scanning activities. Forty-two percent of respondents said they plan to increase their budgets for security staff, training, and software and hardware today, compared to 25 percent in 2017.
Executives and technology leaders may find themselves bombarded with conflicting messages from security vendors, consultants and practitioners, however, with each one promoting a different set of best practices that they believe will solve the organization’s security challenges, Miller says. She recommends that leaders cut through the noise by developing a cohesive cybersecurity strategy that first establishes the critical security priorities of the organization.
The most effective way to do this is by focusing not on IT-related assets, but on identifying the assets that are key to business operations. Customer data, trade secrets and financial assets surely will be on that list. Critical assets could also be personnel, or even the ability to deliver critical services. Once that list is developed, the organization can identify the types of threats those assets face and design security controls that directly address those threats. To learn more, read Miller’s blog, How Medieval Castles and Modern Cybersecurity Are Alike.