By Jon Check, senior director, cyber protection solutions at Raytheon Intelligence, Information and Services
From the halls of government to C-Suites around the world, CISOs and security practitioners alike are “crying uncle” from the onslaught of security tools being pitched to them each day.
From the halls of government to C-Suites around the world, CISOs and security practitioners alike are “crying uncle” from the onslaught of security tools being pitched to them each day.
Marriott recently disclosed a data breach that affected 500 million people around the world. Most consumers rolled their eyes and continued on with their day: data breaches have become commonplace.
However, if you look closer at the details, this breach should get our attention. It went undetected for four years. Four years the attacker was quietly and systematically stealing data without anyone knowing. That is an eternity in our interconnected world.
Like most large companies, Marriott had unlimited access to the best security vendors and tools. Having such a significant breach slide under the radar begs the question: What do you do now?
The knee-jerk response is often to invest in more security tools. But this response may not solve the problem.
I’ve heard countless CISOs and CIOs across the public and private sector say they are overrun with security tools; that they don’t need any more tools. Stop. With. The. Tools.
Tool fatigue has been driven by the rapid growth of the security industry over the last decade. 2017 alone saw Venture Capital firms pump over $7.6 Billion into cybersecurity companies, according to data from CB Insights. Everyone is looking for the silver bullet that protects them from all cyber threats and many companies claim to have solutions. CIOs and CISOs are bombarded daily by cybersecurity companies and their latest tools. And many buy tools hoping for a permanent fix. But, as we all know, collecting tools does not provide a permanent fix against a threat that morphs and adapts with frightening regularity.
For security technology to remain relevant and effective, it must be continuously updated. If you fail to update your smartphone, applications stop working. This is the same for security tools.
If we are going to minimize data breaches, organizations are going to need to rethink their approach to security. Here are some ways to more effectively keep your organization safe from cyber breaches.
Assess your risk
Your organization is only as secure as your last risk assessment. Risk assessments outline vulnerabilities and their frequency, as well as, define the level of impact your organization may face if an intrusion occurs. This provides security teams the guidance to narrow their focus and allocate resources efficiently to defend against threats that pose the greatest risk to their organization.
If you don’t do regular assessments, you are at risk for both breaches and overspending on ineffective security tools.
Fine tune your tools
Because you will never out hire the threat, optimizing and integrating your cybersecurity tools is essential. They are near useless on their own. Implementing a continuous modernization and sustainment protocol will enable your security team to continually update and enhance their security environment. It also ensures your security team is focused on proactive defenses, such as active monitoring, threat hunting and automation.
If your organization does not have the bandwidth to optimize its security environment, an alternative option is to seek out a cyber-as-a-service provider. These providers deliver outcomes-based solutions and remove the burden of tool ownership and talent acquisition.
Focus on Fundamentals
Fundamental security best practices are your organizations greatest defense. According to the SANS Institute, 95% of all attacks on enterprise networks are the result of human interactions such as spear phishing.
To combat this stark reality, company-wide cybersecurity requirements must include employee training and a cultural emphasis on strong "cyber hygiene," and administrators should scrutinize software updates before implementation.
Security tools are worth the investment, but they require maintenance, evaluation and talent if they are going to generate a return. I encourage every security practitioner to think about your current security investments and take the time in 2019 to reevaluate the tools in your arsenal.
