Written by Ricardo Villadiego on March 06, 2019
Making the Shift from Cyber Reactive to Cyber Resilient
The cybersecurity landscape is changing - make sure your organization is keeping up.
The evolution of IT has greatly outpaced that of cybersecurity. For this reason, organizations need to embrace cybersecurity innovation – before it’s too late. While security hasn’t stood still, it hasn’t progressed quickly enough to fully address today’s digital and gig economy realities, such as:
- Traditional security controls that were designed to protect a static network boundary are ineffective, as that boundary no longer exists.
- Today’s workforce is mobile, multigenerational, and borderless, which complicates security measures and policy enforcement.
- The cadre of global, IT-driven services and partnerships have expanded geolocation requirements.
- Internet-connected smart devices have dissolved the network perimeter.
- IT assets sit on and/or off-premises, and in public and/or private clouds; as attack surfaces increase daily, it becomes more difficult for security teams to know where to focus.
While it’s impossible to protect everything, solutions and strategies are available to empower organizations to from being cyber reactive to cyber resilient. Focusing on the following three areas will have an immediate, tangible impact on the road toward cyber resilience:
- Reduce the Attack Surface: This involves invisible workloads, employing fine-grained microsegmentation, mapping the digital footprint, understanding vulnerabilities, and much more.
- Secure User Access: Tap into the concept of Zero Trust, where trust must be proven before access is granted. The key is to focus on identity and context, multidimensional user profile verification, and granting access privileges based on defined factors.
- Neutralizing Adversaries: Accept that you’re not immune from attack and work to keep environments as clear of threats as possible. Suggested strategies include monitoring, advanced threat detection/removal, stopping threats that bypass preventative controls, analytics and machine learning techniques, and more.
In a recent Forbes article, I dove deeper into these steps and how to implement them in your organization’s security strategy. Click here to read the full article.