R.I.P rip and replace: making the most of your existing cybersecurityBy David Stark,
Recently, global organisations have been in recovery mode, determined to regain their trading positions and working hard to stay afloat in the face of increased cashflow pressures – and this has had a direct effect on their security.
Overnight, huge sections of the workforce switched to full-time homeworking to keep the business going, but this put a strain on the security department’s visibility and control over their estate. However, although organisations’ security capabilities have been stretched and, in some instances, severely tested, organisations have also learnt a lot about the value of agility and how to respond quickly to the unexpected in this time.
Now they need to use that knowledge and those new skills as part of their ‘bounce back’, to recover this lost security posture. It’s critical because cyber risk isn’t just an existential risk, it’s a real risk to your business - and a data loss or breach will affect your brand, trading position and, potentially, your organisation’s survival.
Resist the impulse to take control
Given the circumstances, it’s only natural organisations would want to take back control as a reaction to the immediate security risks they’re facing. It’s even possible that organisations will react so strongly they’ll think they need to rebuild their security entirely, looking at a rip and replace strategy. There’s also likely to be an intense impulse, in the face of the more complex threat landscape, to start taking on more and to secure everything inhouse.
I’d caution against going with these impulses. Focusing too much on your immediate worries, might mean you don’t invest in what you need to improve your longer-term security standing.
And rapidly moving everything inhouse could easily overwhelm your organisation at an already challenging time, stretching scarce skills and resources even further.
Instead, focus on building flexibility and agility to prepare your organisation for whatever’s around the corner, and start by exploring how you can strengthen your cybersecurity using what you already have.
Maximise the value of your existing investments
Too often, organisations fall into a trap of feeling like they’re improving their security by buying the ‘latest and greatest’ solution out there. It’s not uncommon for large organisations to have over 50 security tools in their estate. But they’re rarely getting the most out of their acquisitions, and the ‘best ever’ technology ends up falling into disrepute. In reality, taking on more solutions means an increased need for scarce skills, meaning you’re competing for talent in the market. More solutions also come with the risk that you could just end up with more alerts, higher costs, and no guarantee that your existing measures are any safer than before.
A more effective strategy to minimise your longer-term risk is to review your business outcomes in relation to your critical assets in the light of what’s happened over the last 18 months. The next step is to look at your existing security architecture and controls, identifying your priorities in terms of what to strengthen and what gaps you have to address. You can then apply that revised approach to any business projects currently inflight or under consideration to make sure that these changes are factored in. Your security ‘by design’ approach will be informed by this new flexibility and responsiveness to the business’ needs. Instead of bolting it on afterwards, you embed the policy, visibility and control you want into your architecture at the start of every project. By considering and adopting security from the outset, as opposed to buying reactively, you’ll get longer-term value from your cybersecurity investments.
Security is a team game
Having reassessed what you’ve got, you can move on to identifying gaps in your security – whether that’s around your people, processes or technology. Due to the current shortage of skilled cybersecurity workers globally, very few organisations have the inhouse skills to manage their security to the levels they want without external support.
A renewed impetus around co-management is emerging, where organisations are turning to like-minded security partners to co-manage and defend their ecosystem. It’s a straightforward way to make the most of your existing investments and create the bandwidth within your own teams to introduce new capabilities – even if you don’t have the skills to do it yourself.
As we often say, security these days is a team game, and being afraid to look for partners to help fill your security gaps will be a mistake. Co-management can increase your agility and responsiveness, and also guide your investment into the right resources. A trusted and experienced adviser can give you a sense of your risk profile and where you need to focus your energy.
An experienced partner
Here at BT, we’re both a practitioner and a service partner, so we understand both sides of the story. We do everything for ourselves and deal with over 6,000 cyberattacks every day. We understand the depth and complexity of the issues you’re facing and deal routinely with a wide variety of incidents most individual organisations will never have seen before.
If you’d like to find out more about how our longstanding experience could help shape your organisation’s cybersecurity strategy, please get in touch.