Steve Durbin, Chief Executive, Information Security Forum
With inflationary pressures mounting and downturn fears hovering, it’s natural for organizations to scale back on their overall spending, including cybersecurity. After consecutive years of double-digit growth, cybersecurity spending appears to be slowing down, mainly because CISOs are struggling to secure budgetary approvals. What’s more, this is happening at a time when cyberattacks and data breaches are reaching new highs and cybersecurity teams are feeling overwhelmed and overburdened with work.
Budget restrictions are never good for cybersecurity.
When security leaders are forced to put the brakes on their security budgets and plans, organizations invariably become more vulnerable to attack, unable to defend themselves adequately against emerging and evolving threats. Every industry goes through cycles of economic hardship and financial constraint. This is why it’s necessary for security leaders to adapt to circumstances, act with pragmatism and leverage economic adversity as an opportunity to fine-tune defenses and strengthen the organization’s cyber resilience.
Listed below are some best practices and recommendations that can help organizations get the most out of their cybersecurity even during a downturn:
1. Identify, Evaluate And Prioritize Threats
Just as doctors review patient profiles to diagnose problems and recommend therapies, security teams must conduct a thorough risk assessment to identify the biggest risks a business faces. Next, they must prioritize vulnerabilities and attack vectors based on severity and impact to the business and determine whether the organization already has protections in place to mitigate those risks. It’s also advisable to adopt threat modeling techniques to model real-world scenarios and assess exposure to identified risks.
2. Establish Visibility
Implement robust monitoring systems that provide in-depth observability into the entire IT estate, real-time traffic patterns, user actions and third-party activities within the supply chain. Regularly and proactively analyze user, application and security-system data to identify anomalies, unusual patterns and potential risks. Train employees and key suppliers to be aware of social engineering and phishing scams, to identify and report suspicious content and to alert security teams where necessary. Human instinct is one of the least invoked security defenses that organizations can tap, and it literally costs nothing.
3. Adjust And Communicate Risk Appetite
Communicate risks clearly to key stakeholders and policy makers, explain what’s at stake and agree on an acceptable threshold (level of downtime, consumer reaction, financial impact, etc.). Ensure that employees and key supply chain partners are made fully aware of the organization’s risk tolerance and appetite. Review risk appetite at regular intervals as this can vary based on factors such as the threat landscape, market conditions, and the overall company strategy.
4. Foster Agility
Every organization faces threats that are unique and bad actors’ capabilities are constantly evolving. It is therefore necessary that organizations continuously monitor and adjust security policies and tactics. Consider leveraging AI-based security tools that can adjust dynamically, operate autonomously, and reduce dependence on human resources for decision making. Security teams must also be transparent with employees, improve their awareness and understanding of emerging risks and encourage them to adapt and find creative solutions to these challenges.
5. Collaborate And Learn From Others
Cybercriminals are known to collaborate and share tactics with each other. Defenders and security teams must do the same. Engage with peers, supply chain partners and business associates to understand the challenges they are facing and the solutions they are implementing. Join industry networks, attend conference events and webinars, share learnings and exchange threat intelligence and best practices.
6. Be Ready With Incident Response Plans
When your shields are down, it’s always a good idea to prepare the organization for a worst-case scenario. Establish a dedicated team for incident response management, define clear roles and responsibilities, develop playbooks that address the most common types of incidents, and have a communication plan in place that outlines key procedures and contacts. Finally, practice the incident response plan so that people are familiar with it, and review it with your team at regular intervals to help streamline processes.
History shows that whenever economies become volatile, cybercrime escalates. This is because threat actors and adversaries are inherently opportunistic. To counterbalance this threat, organizations must zero in on the top risks; practice agility, transparency and collaboration across their entire ecosystem; boost security awareness and aptitude in employees; and have a contingency plan ready for any emergency. If organizations follow these best practices diligently, they will surely emerge more resilient from any economic downturn.