As the number of cybersecurity incidents grows, critical infrastructure and global enterprises are increasingly targeted by financially motivated cybercriminal gangs and even nation-state threat actors. Today’s organizations face mounting threats and risks from a constantly evolving threat landscape.
New cryptojacking and ransomware programs increased by 75% and 42% respectively last year, while OT vulnerabilities jumped 88%. Overall, companies experienced an average of 270 attacks in 2021, an increase of 31% compared to 2020.
It is clear that threats are growing at an unprecedented rate, forcing security teams to grapple with the seemingly endless challenges these risks pose. To address the business risk now at the forefront of board-level cybersecurity conversations, companies in both the public and private sectors have adopted cybersecurity frameworks such as NIST and MITRE ATT&CK.
Cybersecurity frameworks are designed to help businesses and governments better understand, manage and mitigate their cybersecurity risks. Currently, all 16 critical infrastructure sectors, including energy and manufacturing, use the NIST framework, while 80% of companies use MITRE ATT&CK. A recent ThoughtLab study found that leading organizations often use more than one framework to meet global standards and improve cybersecurity outcomes.
While frameworks such as NIST and MITRE ATT&CK provide a practical foundation for basic cybersecurity practices, organizations should view them as the beginning of their cybersecurity journey, not the final destination. To ensure they have a well-rounded and effective security program, companies need to build on the framework and move beyond a “check-the-box” mindset to achieve a continuous state of security.
Break the traditional reactive “scan and patch” approach
While frameworks such as NIST and MITRE ATT&CK give organizations a starting point, they focus on reactive strategies that are no longer sufficient to keep up with the pace and scale of threats. For example, two of the five core pillars of the NIST cybersecurity framework focus on detection and response tactics, which come into play only after an attack. The MITRE ATT&CK framework is a guideline for classifying and describing cyberattacks and intrusions, and the guidance it provides is likewise tied to responding to an attack.
Reactive strategies outlined in cybersecurity frameworks that focus on scanning and patching are not just slow and laborious; in many cases, they also do not reflect the level of risk associated with a threat. This often results in valuable resources being wasted on false alarms.
While cybersecurity frameworks are voluntary guidelines for private sector organizations, federal agencies and government contractors are required to comply with NIST’s cybersecurity frameworks. This creates a strong focus for public sector organizations on achieving compliance rather than developing proactive strategies that will have a greater impact.
Proactively combat current cybersecurity threats
The threat landscape has evolved dramatically, while cybersecurity practices unfortunately lag behind. Traditional approaches are no longer enough to withstand a growing attack surface and increasing threats, so what’s the alternative? A recent study from ThoughtLab sheds light on how a group of organizations is flipping the script, abandoning the reactive models of the past and shifting cybersecurity to a process of precise, continuous exposure and threat management that can identify and mitigate risk.
This proactive approach to cybersecurity includes regularly assessing the likelihood and impact of risks, performing advanced quantitative and scenario analysis, integrating cybersecurity into enterprise-wide risk management, and working with business leaders to proactively mitigate risk. A risk-based approach enables organizations to achieve greater cybersecurity proficiency by giving them the tools to identify, measure, prioritize and manage the threats they face.
Amid the current economic uncertainty, security leaders need a way to mitigate risk in a timely manner while ensuring they have tools that can quantify the economic impact of cybersecurity risks on the business. By quantifying risk through risk analysis, organizations can identify and prioritize threats and ultimately calculate the true return on investment of their cybersecurity strategies.
Risk-based cybersecurity has been proven to reduce breaches
By taking a proactive approach to defending against critical threats, organizations can focus their remediation efforts on the vulnerabilities that actually expose them to cyberattacks. According to recent research, 48% of organizations that suffered no breaches in 2021 took a risk-based approach to their security programs.
In addition to cybersecurity frameworks, modern risk-based strategies enable organizations to build robust, modern cybersecurity programs that defend against today’s unpredictable threats, especially for security teams tasked with protecting complex environments.
Gidi Cohen is CEO and founder of Skybox Security.