Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week, we cover the important factors and thoughts that go into building a blend of proactive and reactive cybersecurity strategy.
A 2018 study by Ponemon Institute on global megatrends in cybersecurity over the next three years reveals that CISOs will face a greater risk and number of cyber breaches, such as ransomware, according to 67 percent of respondents. Further, 60 percent of respondents believe that the attacks against government and commercial enterprises will become worse and lead to a cyber war.
Whether it’s 2018, 2008, or 2028, enterprises always face the same question: Is my business completely safe from cyberattacks?
The short answer would be, no business is completely safe from cyberattacks.
With the advent of new and more stringent privacy regulations, enterprises have begun to realise the gravity of data thefts and subsequent threats, but are apparently yet to invest adequately in a resilient cybersecurity strategy. When building a cybersecurity strategy, an enterprise can take two approaches—proactive and reactive. Let’s understand why.
For the most part, prevention is better than cure. Cyber criminals are constantly changing their attack strategies, so it’s important for businesses to detect and preempt attacks before they happen. A proactive strategy typically involves assessing incidents and warding off any potential vulnerable points before they can be exploited.
Proactive measures could involve continuous risk assessments, employing stringent access management policies for business applications, disaster recovery, vulnerability testing, and more. Similarly, enterprises can take the time to educate their workforce about the best cybersecurity practices, such as responding to malicious emails, spam files, or warning signs that are important factors at the prevention end of the spectrum.
Reactive measures are crucial, too. Performing perform a cause-effect analysis after an attack will help strengthen the weaknesses that allowed the attacks in the first place. Also, with the GDPR and other security legislation in place, organisations are required to report breaches as and when they happen, and take steps to mitigate and minimise the risks that come with these breaches. Hence, it’s equally important to contain a breach.
Containment involves establishing certain reactive security controls, such as streamlined incident management and a business continuity process for real-time threat monitoring and mitigation. Other reactive measures include timely patching of software and hardware, continuous monitoring of events, security and compliance auditing, and more.
For more on proactive and reactive cybersecurity practices, here are some good reads from across the internet:
1. Active, proactive or reactive: Assessing your cyber security posture
An organization’s security posture indicates how robustly they are equipped to avoid, detect, and repel cyber threats based on current information security infrastructure and practices.
2. Don’t overlook these business resilience plan essentials
Business resilience planning requires preventive and proactive protections across power supply, systems, cybersecurity, and backup procedures. Staff planning is important as well.
3. Cybersecurity Transformation: From Reactive To Proactive To Predictive
Cybersecurity program transformation is not only about making material changes to capabilities that ensure the protection and continuity of information assets, it’s also about a transformation in thinking that makes better use of capabilities already in place.
4. Why CIOs need to be proactive not reactive to cybersecurity threats
Security executives urge firms not to lose focus on prevention. They advise developing a holistic plan for IT and business units to fight cybersecurity together.
5. The most important attributes of a cybersecurity platform
Information security professionals want coverage across major threat vectors, central management, and technologies for prevention, detection, and response in any security platform.
While proactive strategies will help enterprises stay on top of attacks by gaining granular visibility of incidents happening across their networks and endpoints in real time, reactive measures will help strengthen their security perimeters and build a more resilient security infrastructure based on past oversights.
It would be ideal for enterprises to blend proactive and reactive approaches to build an effective cybersecurity strategy. With well thought-out security procedures, controls, and solutions in place, enterprises will have better chances of preempting and containing disasters and risks in the event of an attack.
If you wish to learn more about the nuances of building a proactive and reactive cybersecurity strategy for 2019, register for our upcoming webinar series here.