Cybersecurity attacks remain a key threat to organizations of all sizes, and the reality of today’s threat landscape demands significant financial and time investments. Unsurprisingly, cybersecurity threats have increased by another 17 percent this year and the cost of breaches continue to rise.
Organizations surveyed in our 2020 Security Study reported an average of 514 attacks per organization per year and spent approximately $1.1 million in direct dollars addressing cyberattacks. Respondents also acknowledged the organizational costs of these attacks impact many areas across the business, including IT, marketing, legal, governance, regulatory, sales, customer experience, administration and finance.
Though it may seem like attacks are inevitable, there are many steps an organization can take to help prevent and defend against attacks and return to a trusted state following a breach. Our team of CDW Canada experts offer the following solutions to help organizations mitigate attacks.
Review your third-party ecosystem
Relationships with third-party partners put companies at risk of serious breaches, as nearly all organizations allow their third-party partners access to propriety data. Organizations should have a clear understanding of the data accessed by third parties and ensure effective technology controls are in place to ensure partners only have access to the data they require. Organizations can consider deploying an identity access management process to ensure that vendors who require access to systems and data can be authenticated and granularly identified. Performing routine threat risk assessments and periodic questionnaires can also provide better visibility into the security of your partners. Organizations can also consider limiting the number of third-party vendors they work with, as well as performing annual check-ins to ensure service level agreements and policies remain up to date.
Adopt AI/ML cybersecurity tools
AI/ML tools for cybersecurity analysis and SOAR can help increase security effectiveness but using these tools can prove challenging. Organizations need to understand why they are making an investment in these tools and that the adoption of these tools does not necessarily reduce the need for cybersecurity expertise. If adopting AI/ML tools, it’s important for organizations to include skill set requirements for AI/ML in their staffing plans, and carefully consider the current state and capabilities of AI\ML tools before adoption.
Be aware of who and what is on your network
It’s imperative to have controls in place that provide visibility into who is accessing services and data, and what actions are being taken. Applications such as EDR and/or EMM (enterprise mobility management solutions) are great tools as they provide a space for creating user policies, provisioning, patching, monitoring and locking/wiping devices. Organizations that have bring-your-own-device (BYOD) policy should restrict unpatched devices or devices beyond their end of life and ensure all employee security policies are updated. Proper employee training regarding the importance of security controls (updating passwords, etc.) can also help mitigate attacks.
Have a recovery plan
Reducing the amount of time an organization spends recovering to a trusted state and normal operations is critical for reducing the cost of breach. Organizations should develop a comprehensive recovery plan that includes metrics for recovery time objectives and recover point objectives. Backups should be properly stored and segregated from the rest of the network, and organizations can adopt log management and forensic tools to help pinpoint when the organization was compromised. It’s important to actively rehearse recovery situations and measure recovery time and recovery point metrics to compare with objectives.
As the threat landscape continues to evolve, it is critical for organizations to shift their strategy from protection to detection and response. By implementing these practices, organizations can help improve their preparedness and confidence in their ability to detect and respond to attacks.
Talk to a CDW expert today to learn more about how your organization can mitigate cybersecurity attacks.
Download our full study for more information and recommendations.