[BreachExchange] Are you taking care of business? Your cybersecurity to-do list
Audrey McNeil
audrey at riskbasedsecurity.com
Fri Mar 9 14:53:01 EST 2018
http://exclusive.multibriefs.com/content/are-you-taking-
care-of-business-your-cybersecurity-to-do-list/business-management-services-
risk-management
The king of rock and roll, Elvis Presley was famous for "Taking Care of
Business." But when it comes to your business's cybersecurity dashboard, do
you have the right metrics and visibility to mount a proper cyber defense?
Or are your cyber optics just along for the ride?
No matter how many news stories about hacks, information theft and cyber
espionage surface within your Facebook or Twitter feed, the idea that it
could happen to your organization sometimes remains just that. Many
companies do not devote the proper resources to effectively safeguarding
their networks, even though the global cost of cybercrime will reach $2
trillion by 2019, up three times the amount in 2015.
Don't wait for cybercrime to find you — remember that the best defense is
always a good offense. Maintaining a successful security strategy requires
dedication and delivering on a strategy that supports all functions of an
organization. Security is a companywide issue, and quantifiable metrics not
only unify language but also demonstrate success.
Keep your eyes on the prize
Your team can't catch what they don't see. Sounds like a catchy song lyric,
doesn't it? Maintaining a comprehensive view of the entire organization
means more than just access to networks and systems. It requires an
understanding of typical user behaviors and data traffic patterns, plus an
awareness of corporate protocols as they relate to remote users and servers.
Proper visibility throughout an organization necessitates laser focus on:
BYOD (Bring your own devices) protocol and management: Most organizations
have policies around personal devices brought from home. These may or may
not be followed, so a closer eye on device usage throughout the
organization is warranted.
Email traffic: Did you know that in the third quarter of 2016 alone, 18
million new malware samples were captured? Viruses via email remain a top
concern for security teams.
Social and internet traffic: It's likely that most employees in your
organization use social media, perhaps even to promote the business.
Prevent them from becoming an avenue into committing fraud or damaging the
brand.
Unusual user behaviors: Understanding your organization's user behaviors is
key to spotting abnormal patterns. Communicate clear policies and
expectations for employees, and enforce compliance to avoid accidental
missteps and catch genuine incidents.
Cloud applications and virtual servers: Internet-based applications create
functional and productivity tools for an organization, but they put data at
risk. Careful monitoring and protective firewall construction prevent easy
access for hackers.
The best metrics: Keep it simple
Create a security plan with goals that are understood and supported by the
whole company. Measurement offers a clear and concise method of presenting
critical information, so it's important to measure the right statistics.
Communicate on stats and data aligned with business objectives to gain the
support of your employees and create a common language that everyone can
understand. Focus on answering the following questions:
How are we doing compared to our peers? In today's business environment,
understanding how successfully your organization prevents data loss or
theft compared to other companies in your vertical provides a clear
perspective on how effectively your strategy is working.
How quickly are we able to respond to a breach? Your response plan to a
potential security incident is a critical factor in recovering from a
cybercrime. Remember, it's not if you are breached, it's when. Recognition
of an incident, isolation of a breach and recovery convey the crucial steps
to preventing widespread loss of private data. Two of the effective
security metrics we use with our clients are "dwell time" and "lateral
movement." Dwell time answers the question, "How long did it take you to
find and contain a breach?" Lateral movement describes how you were or were
not able to prevent the cyber adversary's movement throughout your network.
Are we getting better? Cybersecurity is never done. Regular audits of
security processes and breach protocols provide opportunity to improve and
excel. Make sure your executive board is cognizant of the evolving journey.
Are we spending enough (or too much) money? Aligning security technology
and human resources with return on investment can be tricky, but budget
allocations are a realistic pain point for many security departments and
must be addressed.
Creating and maintaining a thorough view of an organization's user, network
and system traffic allows a security team to design a blueprint to a
comprehensive security strategy. Communicating that plan and measuring its
success requires the right metrics to align IT with business and prevent
widespread damage from information thieves.
Be a cybersecurity rock star. Just like any musician, you'll have your big
hits and your flops. But when you can see where you're going, with the
right visibility into your systems, you will be TCB — taking care of
business.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20180309/67dea3bf/attachment.html>
More information about the BreachExchange
mailing list