By Kartik Shahani
As IT environments get more distributed, complex and heterogeneous through the adoption of cloud, mobility and other emerging technologies, they become more difficult to secure. Faced with this quick evolution, security teams often act reactively to the changes, opting to address the new gaps in the attack surface by purchasing “best of breed” security tools with a narrow and specific scope of functionality.
This approach, however, eventually backfires, when the security team finds that its product stack has filled up with tens of these individual tools that don’t interoperate with each other, creating data silos. Lacking a unified view of their security posture, security teams must spend time and effort manually stitching together the fragmented data from these different tools, in an often futile attempt to obtain a unified view. In other words, reactively throwing money at the problem isn’t the right approach.
It’s been reported that 82% of organizations in India increased their cybersecurity budgets in 2022 – and that 41% saw a double-digit increase. But how effective are these investments? How much of that budget is going to individual “point” tools that don’t play well with each other? According to Ponemon Institue’s Cyber Resilient Organization Report 2020, on average, organizations deploy 45 security solutions and technologies. This means having multiple metrics, analytics, reports and training requirements.
The report found that the widespread use of too many tools had an adverse effect on organizations’ ability to detect and defend against active threats. In fact, companies with more than 50 tools ranked 8% lower in the ability to detect a cyberattack. Contrary to popular belief, more security tools create inefficiencies and silos and do not equate to an organization being more secure especially when tools are deployed in an urgent manner.
If organizations want to have an effective cybersecurity strategy, they have to become less reactive and build a common set of policies and procedures, as well as invest in the right technologies. Organizations in India need to move away from relying on static, point-in-time data which causes a knee-jerk reaction every time a new exploit is discovered. Instead, organizations should shift to the ability to analyze consolidated data to make proactive, strategic decisions that maximize their efficiency and effectiveness to manage cyber risk.
Choosing the right cybersecurity technology means everything — here’s how to get it right.
From drowning in a tool soup to a single source of truth
An effective cyber defense strategy requires organizations to have continuous visibility over all assets everywhere – on premises, in the cloud, in IoT edges, in OT systems and so on – and be able to secure them. It includes understanding where to prioritize efforts, how to objectively measure progress over time and effectively communicate results to various stakeholders, and reduce the number of security incidents they need to respond to. With a unified, customizable platform, organizations have more time to address the most pressing aspects of cybersecurity by leveraging these advantages and benefits:
Comprehensive Visibility: A unified platform delivers a complete view of all assets and of their software vulnerabilities, configuration vulnerabilities and identity vulnerabilities. Security teams can now gather context about where they are exposed to risk. Complete visibility also extends to internet-facing assets so the risk of unknown security threats is reduced. It dramatically decreases the time and effort needed to understand the complete attack surface, eliminate blind spots, and build a baseline for effective risk management.
Predict and Prioritize: Without threat intelligence, organizations have no baseline to understand how assets, exposures, privileges and threats across an attack path are interconnected. With a single platform that combines threat intelligence from a large data set, organizations can continuously identify and focus on the exploitable attack and breach pathways that create the most risk. Security teams can also obtain predictive remediation insights with the least amount of effort to help prevent attacks.
Cyber Exposure Management: With a constantly evolving threat landscape, vulnerability management cannot be restricted only to patching and mitigating software bugs. Organizations need a centralized and business-aligned view of cyber risk with clear KPIs to show progress over time and effective benchmarking to compare against external peers. A centralized platform provides actionable insights into an organization’s overall cyber risk as well as the ability for cyber risk analysis to be customized or segmented by internal operating units. The platform delivers accurate business-aligned cyber risk assessments and also improves overall communication and collaboration between different departments, saving time and improving investment decisions. A single platform for cyber defense helps quantify cyber risk and drives improvement over time while tangibly reducing risk to the organization — which is good for the bottom line.
Cyberattacks are bound to become more sophisticated as technology evolves. Preventing cyberattacks in an ever-evolving threat landscape requires full visibility into all assets and exposures, extensive context into potential security threats, and clear metrics to objectively measure cyber risk. Cybercriminals will always find new ways to target organizations that become vulnerable to attacks if they lack effective deterrence. Organizations that can anticipate cyberattacks and communicate them with the leadership for strategic decisions will be best positioned to defend themselves against emerging threats.
The author is Country Manager at Tenable India
Disclaimer: The views expressed are solely of the author and ETCIO.com does not necessarily subscribe to it. ETCIO.com shall not be responsible for any damage caused to any person/organization directly or indirectly.