Cisco Switzerland Technology Blog

We need to change the way we think about cybersecurity

Wednesday, 28 March 2018

Cyber crime is estimated to reach $2 trillion by 2019. That’s $2 trillion made at the expense of legitimate businesses, not to mention all the financial losses hackers cause in their path of destruction. For many companies, it feels like they will forever be on the losing team. They don’t have enough time, budget or people to address all the security challenges they face. And those challenges are growing every day.

Companies have to comply with new and old regulations, answer to a board of directors and meet customer demands. They have to securely enable new technology, such as the Internet of Things. They also have to support new ways of working, such as allowing employees to use their own devices or work remotely.

Despite that, many companies are still attempting to tackle new challenges using the same old strategies. Gone are the days when just buying a new box would fix most security problems.


Building a strong security posture

Figures from the Cisco 2018 Annual Cybersecurity Report (ACR) show that only 26% of security breaches could be stopped by technology alone. The majority of solutions requires a combination of robust technology, strong processes and qualified people. Complex challenges require more than strong barriers; they require a strong overall security posture.

“So what’s the difference?” you may ask. Over the years, companies have been mostly focusing on stopping threats before they happen, by investing in defence technology such as antivirus software and firewalls. They were not preparing for the worst-case scenario, which is now omnipresent.

As networks extend beyond traditional perimeters, and as hackers become more adept in disguising their attacks, companies need to shift their attention to breach detection and response. In many cases, organisations are still unable to see when they have been breached.

This change in perspective doesn’t mean that companies should not invest in protection and assume defeat; it just means having a contingency plan for when those initial barriers fail. Most likely, it will happen at some point.

Building a stronger IT security posture requires that companies change the way they invest in cybersecurity. Here are a few steps to keep up with evolving threats:

Think about security from the start

security should be a part of any technological process in a company from the start, and not added on as an afterthought. We are at a time when companies are constantly adopting new technologies, yet only thinking security when something goes wrong. If you think about security first, you will likely enjoy all the benefits of new technology without compromising your network or slowing down your growth.

Move away from a best-of-breed approach

Research published on the Cisco 2018 ACR shows that the more vendors a company has, the more complex it is to manage security. Despite that, 72% of companies still prefer a best-of-breed approach. For 29% of companies that choose this approach, the reason is price: they believe it is more cost effective to buy this way. However, the total cost of ownership of an integrated approach is likely to be lower. When including other costs such as the resources needed to manage security, an integrated approach has an advantage. In addition to that, it is less complex to manage and potentially more effective.

Improve your detection and response times

Invest in technology and processes that can help you detect and respond to cyber attacks when they happen. It includes solutions such as advanced malware protection and network visibility  Threat intelligence can also help you continuously improve your defences to avoid recurring threats. Having an integrated architecture, where products exchange information, helps apply this intelligence faster across the entire network, thus reducing response times. Solutions from multiple vendors may not allow this type of integration.

Have an incident response plan

Do you have the skills to deal with a major cyber attack? Can you quickly determine the scope of the attack and what systems have been affected? What is your plan to inform customers about data leaks? Is your PR and legal teams prepared to react fast in the event of a breach? Knowing the answers to these questions before an attack happens will help you respond faster and minimise the damage to your company’s finances and reputation. On the technical side, incident response services  can help your team in their time of need.

A breach can happen to anyone. It is how a company reacts that counts. We have seen many examples of companies who managed to keep their reputations intact by being transparent and taking control of the situation. On the other hand, companies that have no strategy in place are more likely to make bad decisions and suffer the most. This is why having a strong security posture can make all the difference in the outcome of an attack.

Leave a comment