[BreachExchange] Cybersecurity: How to ensure solutions aren't part of the problem

[Audrey McNeil]

http://www.ciodive.com/news/cybersecurity-how-to-ensure-
solutions-arent-part-of-the-problem/424062/

Reflecting on the security headlines so far in 2016, many high-profile
breaches come to mind, from the slew of ransomware attacks on healthcare
organizations to the leaked user credentials from popular social networks.
It’s clear that despite an increased focus on security, breaches are more
prevalent, complex and impactful than ever. In response, businesses
continue to throw money at the problem but have yet to come up with the
right solution.

The cybersecurity market is booming, with millions of jobs to fill and
always new products to choose from. Why then is it that IT professionals
still lack confidence when it comes to protecting their users and endpoints?

What’s missing

In Barkly’s recent survey of 350 IT pros, almost one in five IT
professionals indicated they don’t believe endpoint security is even
possible, an indication that current solutions are not inspiring confidence
among them. Beyond this, protection is also viewed as a drag on
productivity — a major issue for today's IT teams who are expected to
improve the efficiency of the entire organization.

Although uninspired by current solutions, IT teams indicated that they
would jump at the chance to purchase something new and different, with a
quarter stating that there is no limit to what they would pay for
protection that was effective and reliable. This presents a major
opportunity for vendors, but first, they need to address key issues that
users hate about their products. The top three complaints among respondents
were system slowdowns, unjustified cost and overly frequent updates.

To resolve these issues, organizations demand a solution that stops attacks
— not just identifies and tracks them, but actually stops them — and it
must not create the same pain as those they see today.

Internal alignment is the key to success

The good news is that the other 83% of IT pros believe endpoint protection
may in fact be possible. So how can they get there without butting heads
with management or slowing things down?

First, organizations must develop their own culture of security,
internally. That means aligning security goals with business goals, and
understanding how the former can support the latter.

When there is internal alignment around security, IT teams and executives
have more clarity around what they need in order to be successful. Clearly
defined goals and metrics — whether it’s a reduction in events, lower
clean-up costs, or less downtime — need to be combined with an
understanding of how they support the company’s larger goals and
priorities. That kind of clarity and common purpose is crucial to building
a security program that doesn’t just work, but makes work easier.

Case studies are more important than features

>From there, companies should stop buying security software based solely on
features and instead focus on use cases. A good way to avoid investing in
solutions that drain productivity or collect dust is to ask vendors for
contacts at companies similar to you (in size and industry) who have used
their product successfully. That way, you can get a better understanding of
how results were achieved and whether you’re realistically positioned to
achieve them, too.

Start at the endpoint

Finally, since most major breaches begin on user systems, a good way to
prioritize early security efforts is to center them on strengthening the
endpoint. When user devices are better protected, you’ll be much more
successful at stopping attacks before they execute and spread. A layered
approach — one that includes traditional antivirus, behavioral-based
protection for new attacks, and even user education — will help bolster
endpoint security and keep employees and services up and running.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160810/08f52eff/attachment.html>