By Lucy Kerner
When it comes to cybersecurity, a lack of resources can be a bigger threat than the criminals who have their sights set on stealing organizations’ data, money, time, and reputation.
Resources have always been a problem when it comes to cybersecurity. You are not always rewarded for doing security the way you are when you develop a new business application quickly. This usually leads to security teams being understaffed and overworked. At the same time, skilled cybersecurity professionals are in high demand, and there is significant turnover in cybersecurity positions.
With the Ponemon research estimating that the average total cost of a data breach is $3.86 million, preventing a cybersecurity incident in the first place is critical. But all is not lost. Solving the cybersecurity resource problem outright is not going to happen right away, but there are things that organizations can do beyond adding more security bodies. Here’s how to strengthen your cybersecurity position.
1. Establish internal security training and certification programs
Savvy organizations realize that true cybersecurity requires a cultural shift. Essentially, some level of cybersecurity must be part of each employee’s responsibility. That’s not to say that your marketing director will be on the security front lines, of course, but every employee should take part in security education and certification programs. And that doesn’t mean that you can just create a PowerPoint presentation that you force employees to sit through so they can check off a box; it means developing meaningful and relevant programs that engage employees and help them understand the cybersecurity threat and their roles in mitigating it. Think about “lunch and learns,” mock breaches, and even escape rooms.
2. Encourage security cross-pollination
If security is everyone’s job, then security resources should not be limited to the IT department. Think about ways security can cross-pollinate within the organization. Just as security is infiltrating the development arena through the growing DevSecOps movement, security resources could be integrated into other areas, as well. This will not only develop company-wide understanding of security issues, but it will also encourage cross-collaboration and the opportunity to build security into processes, products, and services from the ground up.
3. Take a hard look at your security tooling
Many organizations have security tools they don’t really need or that are out of date and can’t support new technologies such as cloud, containers, or Kubernetes. This wastes time and money. For example, many companies are running legacy security tools designed to protect systems that are no longer used.
Companies also often have too many tools to keep track of, leading to redundant tooling and the inability to manage the growing number of tools. Also, many companies aren’t making full use of security tools that are already built into existing systems, such as the operating system, container platform, or security tooling provided by the cloud provider. A thorough inventory of existing security tooling will reveal what’s needed (and not needed) to address current security concerns.
4. Put a consistent automation strategy in place
With so many moving parts in place, no human or group of humans could ever fill every security hole. Indeed, as IT environments and the world around us become more complex, so do the security events facing IT teams. A consistent automation strategy can help organizations more effectively mitigate risks by reducing human errors, remediating issues, responding quickly to security alerts, and developing repeatable security and compliance workflows.
It’s important to note, however, that automation isn’t one product or even a collection of products. Organizations should look for an approach that overlays a consistent automation strategy across app dev, infrastructure, security operations, and so on. In fact, Ponemon’s Cost of a Data Breach Report noted that organizations with fully deployed automation—versus those with no automation deployed—realize a savings of $3.58 million in average total cost of a data breach.
Is the cybersecurity resource problem unsolvable?
It’s true that, realistically, the resource problem can’t be completely solved, but it’s a problem that you can effectively address and manage with proactive planning, strategic technology implementation, and widespread, ongoing, and engaging security awareness training and collaboration.
Lucy Kerner, Security Evangelist and Strategist, Red Hat