
Here’s what proactive security looks like


Governments around the world have made clear that their patience has worn thin with data breaches. More severe consequences are coming.

Europe led the way with GDPR. The U.S. federal government has taken significant steps to enhance cybersecurity through accountability. The Biden administration launched a zero-trust architecture (ZTA) strategy to improve the cybersecurity of government agencies. Elsewhere, the administration’s National Cybersecurity Strategy puts the responsibility for software security on developers. The Securities and Exchange Commission has even told corporate directors they are responsible for cybersecurity policies, procedures, and incident response.

All this to say that the status quo has not worked. CISOs are in the hot seat, and change will come. What will this new era of proactive security look like? It will have these three characteristics:

  • Good security posture. The previous generation of security products blocked users and activities. It focused on prevention. With a distributed workforce, that’s no longer acceptable from a user-experience perspective. A new generation of security products instead adjusts permissions and access in a more subtle, dynamic way. This approach doesn’t stop user activity from happening. It’s preventative, the same as blocking, but it doesn’t create friction with users or the business. Posture management has exploded with dozens of new products for applications, cloud, data, and SaaS security.
  • A focus on prioritization. Today’s CISO doesn’t need another tool that offers visibility and can identify even more problems. They need problems solved and risk reduced. They are now measured on that. CISOs are responding by acknowledging what they can and cannot do. They cannot afford to treat all assets and data the same way. It’s a time for prioritization. Better posture and a more proactive approach are two important elements. Another is focusing on the threats that matter most. Even the most well-resourced teams cannot chase down every high-severity alert. Proactive security products leverage AI/ML to synthesize and offer actionable insights. They deliver guided remediation, if not the real dream of auto-remediation. For example, attack surface management products automate the discovery of external assets. They offer context and expose high-impact, exploitable risks across the entire attack surface. Automated discovery is combined with risk-based prioritization so teams can act against the most critical threats first. With focus, security teams can make meaningful risk reduction and prove it.
  • Extensive practice. Security pros must always consider people as part of the cybersecurity problem – and the solution. Employees are highly targeted by attackers who go to great lengths to confuse them into clicking the wrong link or sharing the wrong information. We hear about successful phishing attacks all the time. Employees are an often-overlooked part of the attack surface, and it shows. Proactive security awareness training programs are designed to educate employees on best practices for cybersecurity, such as how to identify and report potential security threats. By increasing employee awareness and knowledge of cybersecurity risks, companies can reduce their overall risk exposure. Practice also includes testing the thesis. Are these new, proactive tools with better posture and more context making a difference? Test all work with proactive penetration testing. This involves simulating a real-world cyber-attack to identify potential vulnerabilities in an organization's IT systems. By proactively identifying potential security risks, companies can take steps to address these risks before attackers can exploit them.

Proactive security will require facing reality. The status quo does not work. An age of accountability will emerge, from governments, regulators, and corporate boards. We can no longer sit back and do what has been done before. Proactive security will mean having the focus and context required to do the most important tasks right now. It’s about leaning forward with new tools and technologies. It’s about continuous improvement over time. There are no magic bullets. No easy outs. It's time for action.

Marc Gaffan, chief executive officer, IONIX
