2nd Edition

Tracking the trends and news for IT and IT Security

Paul

Why data-driven defense is key in cybersecurity

apple-touch-icon.png?v=5Why data-driven defense is key in cybersecurity>
Fast Company – Stu Sjouwerman
The success of and rapid growth in cybercrime is a testament to the fact that most organizations continue to be inefficient defenders. Letâs explore the top five reasons why businesses may be inefficient in their approach to cybersecurity:

1. OVERWHELMING NUMBER OF VULNERABILITIES AND ALERTS Burdened with security alerts, teams often fail to identify or prioritize risks correctly. Some even admit to turning a blind eye to security alerts when their plates get too full. 2. NOT ENOUGH FOCUS ON ROOT CAUSE ANALYSIS 1,200 cybersecurity professionals, 80% of respondents report suffering repeat attacks. Top root causes include phishing, social engineering, software vulnerabilities, human error, malicious insiders, leaked credentials, misconfigurations, and compromised supply chains. 3. TOO MANY PROJECTS AND PRIORITIES almost 50% of the more than 200 security professionals surveyed report moving focus to IT duties while 91% of IT workers surveyed felt pressured to compromise security. Compliance is another thing that provides a false sense of security. 4. THE SECURITY COMMUNICATION PROBLEM More than half of cybersecurity professionals surveyed cite a lack of soft skills like communications and leadership as one of the biggest skill gaps in the pool of professionals. 5. HUMANS ARE POOR AT RISK EVALUATION About 1.25 million people die from car accidents every year while the average annual deaths from an airplane rarely top 1,000, yet there are more people afraid of air travel than they are of using cars. Similarly, mosquitoes kill more people in one day than sharks do in 100 years; however, our human instinct makes us warier of sharks. The same rule applies to cybersecurity as well. BUSINESSES SHOULD ADOPT A DATA-DRIVEN DEFENSE APPROACH A data-driven approach means that the business enables the security function to make decisions based on factual data. There are three main elements of a data-driven defense approach: Focus on initial root causes Focus on the top exploit methods Focus on local threat intelligence
Link: https://www.fastcompany.com/90701936/why-data-driven-defense-is-key-in-cybersecurity

Categories:

Tags: