Are you relying on someone else’s strategy to build your cybersecurity plan?
With the complexity of building a solid cyber strategy, it’s tempting to copy what others are doing, especially if your internal and external influencers are promoting the same suite of products they used in their last project. And sure, what’s worked for others might work for your environment. But when it comes to your cybersecurity, is “might work” good enough?
In a recent conversation, someone asked whether a one-size-fits-all cybersecurity strategy would work, adding, “Why wouldn’t most all organizations of the same size and type just adopt the same set of products and processes?”
Admittedly, this line of thinking caught our attention. Why not indeed?
The reality is, while the set of standards for one business sector will narrow down the selection somewhat, no two organizations are exactly alike. As Motorola’s CISO Richard Rushing recently wrote, “Every organization is different and therefore needs a different security program.” In an interview with The Cipher Brief, James N. Miller, Former Under Secretary of Defense for Policy, noted, “What we all need is a tailored deterrence.”
It’s also important to be aware of the natural temptation to fall into the marketing traps that come at us daily. The “keys to success” or “simple steps” that are packaged up for us (and everyone else) often buy us more trouble in the end.
5 Tips for Building Your Cyber Strategy
A good cyber strategy fits your organization’s needs, given the budget and resources you have, and pulls in methods from a variety of resources. If you have a smaller organization without certified internal staff, a single source partner might be a good option, but be vigilant in ensuring that they’re compliant in all areas. I’m finding that many vendor-partners are behind by months and sometimes years on their approach to this challenge. And keep in mind, nefarious actors are relentless.
As you start building your adaptive cyber strategy, here are some questions and approaches to consider:
- What can we do to better educate our staff about cybersecurity?
Employees are the weakest link in your security chain, and increasingly, we see that the majority of breaches are traced back to employee behavior. Consider Wombat Security Technologies (a division of Proofpoint) to provide interactive, engaging and measurable cybersecurity awareness training for employees. Wombat’s platform integrates software-based interactive training, mock cyberattacks, reporting and administrative capabilities into one easy-to-use system.
- How can we better protect against bad websites and email attacks?
More than 90% of targeted attacks start with email, and these security threats are always evolving. Email protection solutions can provide multiple layers of security to stop malware and non-malware threats, such as email fraud. They can also control all aspects of inbound and outbound email to detect and block threats and prevent confidential information from getting into the wrong hands. Some features to look for include:
  - Advanced email filtering, control and visibility
  - Impostor email threat protection
  - Internal mail defense
  - Email continuity
- How can we prevent malware attacks on servers, desktops and other mobile devices?
The key to effective endpoint protection lies in the ability to dynamically detect malicious behavior across all attack vectors and respond intelligently at machine speed, all through a single, easy-to-manage platform. If the attack is fileless, legacy and next-generation AV will leave you defenseless. Next-gen endpoint protection solutions like SentinelOne defeat advanced threats across all significant attack vectors.
- Is there any way to get better at predicting where the next attack will come from?
This is an area we believe is critical for building a smart cyber strategy. By improving your ability to assess and predict where your biggest vulnerabilities are, you can allocate limited resources more effectively and efficiently. Fortunately, technological innovations are making it easier to do this.
For example, our technology combines advanced machine learning with automatically mined deep web and dark web information to provide proactive, actionable cyber threat intelligence. This approach rapidly accelerates the collection of data to analyze and then uses machine learning to identify potential threats.
- With the shortage of qualified cybersecurity experts, how do we monitor and protect our environment?
As security regulations continue to grow more complex, it will take more of your time and resources to demonstrate compliance. Many Security Operations Center (SOC) helpdesks can tend to the basic mechanics of IT security systems. But they often don’t have people with adequate experience to deal with the daily threats faced by most businesses.
This lack of professional expertise in the cybersecurity domain has become painfully evident. Just look at the number of large and well-resourced operations that have been unable to recognize cyber breaches until weeks and months after the intrusion. Regardless of the size of your organization, make sure you are working with a partner that offers a fully managed and professionally staffed SOC.