Cybersecurity is becoming a hot topic for organizations that are quickly adopting modern technologies and moving into the digital space.
Organizations operating in the growing digital environment are facing increasing complexities in managing technology-savvy employees, customers, and regulators while defending their technology platforms and data against cybercriminals.
Accelerating requirements and available capabilities impose an unprecedented burden on organizations in terms of adapting to rapidly changing digital conditions. This is not about a single, revolutionary technology, but a convergence of humanity’s entire conduct of activity with a significant digital dependency, in a short period of time relative to the previous century.
From a security perspective, each new service that society moves into the digital space creates more risk for organizations to manage. Cybersecurity professionals and programs are scrambling to keep up as businesses employ improving technology to accelerate their growth. Compounding this challenge are the realities of recruiting from a talent pool where supply is lower than demand, and the ongoing efforts needed to retain existing talent. This dose of reality makes it difficult for organizations to keep pace and maintain a strong security posture.
The good news is that the technology that is enabling digital acceleration (e.g., cloud) for businesses is now on the verge of enabling security in an equally impactful way. This paper explores the areas where smart cybersecurity is being employed, and how it is enabling organizations to secure their business like never before.
The burdens we share
There are several reasons why security teams and organizations struggle to optimize their security posture. Below are several of the challenges all organizations face in the current environment:
Many solutions can be overly complex to operate in an optimized and meaningful way. Not being able to properly configure and operate a solution often leads to organizations turning to expensive vendor professional services or adding gap-filling technologies, which can lead to technology sprawl and increased costs.
Adding technologies to fill visibility gaps needs to be carefully considered. Will the organization be able to acquire the people and skills necessary to operate the solution, and does the solution create other issues as a result? Are costs being considered when looking to layer on a new solution?
As technology redundancy and overlap grow in an organization, so do the associated costs to manage them. Attempts to rationalize technologies and remove duplication become difficult as other business demands take priority. The cycle continues, which then drives inefficiencies we cannot afford and can create blind spots in your security program.
Acquiring skilled cybersecurity professionals is a challenge in terms of attracting, equipping, and sustaining strong talent across a variety of technologies. Many factors are driving the security resource shortage, including a lack of trained professionals, surging demand, a lack of historical business investment, staff burnout due to understaffing, increasing volume and sophistication of threats, and new challenges presented by more automation and remote work.
Security teams spend too much time chasing alerts that result in dead ends. This is often a result of sensors not being configured properly or alerting thresholds being set too wide. Chasing low-priority, non-correlated alerts distracts and beleaguers teams, increasing the risk of breach and staff turnover.
The burdens described above are widely shared and experienced in the field of cybersecurity. Organizations are quickly realizing that no one vendor or solution corners the market in terms of eliminating all risk.
However, with a risk-based approach to security programming, one can gain a significant security advantage by employing strong technologies (e.g., Microsoft Security Solutions), strong processes (e.g., incident management), and strong talent (e.g., qualified on the tools).
What can organizations do?
Modern cloud platforms, AI, and intelligence-enabled solutions are helping organizations gain confidence and further reduce risk by embracing the ease and reach of security in the contemporary IT environment. This convergence is enabling unprecedented levels of cybersecurity capabilities. This paper goes on to outline how emerging technologies are changing the paradigm and how smart processes can alleviate burdens without high cost and complexities.
Emerging capabilities can help
A practical approach to reduce burden
We often find that organizations take a short-term, tactical approach when delivering security capabilities. This is typically driven by reactions to breaches, audits, vendor or professional services advice, etc. This approach carries significant risk in terms of overall effectiveness, cost, and staffing, and can lead to a decrease in security posture.
BDO proposes the following approach to enabling an organization’s security posture.
The first step is to address whether you have the access and reach to effectively investigate and act on any security issue brought to your attention. BDO prepares your environment in this regard to help ensure that the information required to track threats is available, accessible, and timely.
The highest fidelity, most integrated technology sets are prioritized to help provide maximum visibility across the widest possible aperture. We prioritize integrated technologies such as cloud platforms, EDR, and solutions that incorporate threat intelligence filtering.
To help ensure quality, sustainability, and good organizational outcomes, one of the critical areas is the requirement for internal process. With high-quality alerts available, the organization needs to be able to act. For example, without a documented and understood security incident response process, organizations may find themselves taking longer to contain and recover.
Once the fundamentals are firmly in place, BDO expands the security aperture to add additional surveillance layers such as applications, business logic, or insider threat. We deploy custom use cases to illuminate threats across all of your attack surfaces, which can maximize the organization’s visibility into security events.
BDO continuously assesses the market along with its tech stack to help provide maximum effectiveness, efficiency, and value for our clients. Sustainment is a core aspect of maintaining a valid security posture and right-sized skilling and tooling. Defense in depth is critical to the success of any security program, so knowing when to re-configure vs. replace a technology based on the market and your specific position is critical.
Drastic improvement is within reach and starting to happen. Smarter technologies are completely upending the industry’s approach to security. Modern security programs are changing faster than ever, and the use of contemporary technologies alongside a smart approach and experienced advisors such as BDO is helping to increase the pace of change and improvement for those who are embracing it.
Key Contacts
Rocco Galletto, Partner and National Cybersecurity Leader
Rob Philpotts, Director and Lead, Cyber Threat Management and Response
This piece was originally developed by BDO USA. All rights reserved.