Welcome to our “Understanding Cybersecurity” series of blogs! This series is focused on providing explanations of cybersecurity terms and concepts in layman’s terms. We want to demystify the world of cybersecurity, one topic at a time. Our team believes that a unified cybersecurity community is the best way to defeat cybercrime. One of the main issues we run into when speaking with organizations is the lack of a common vocabulary when it comes to cybersecurity. This series should help act as a reference point for both technical and non-technical readers.
A rising tide lifts all boats – but those stuck on land can be caught unprepared. The current accessibility of technological advancement has created opportunities for smaller organizations to access the same resources as major enterprises. However, this explosion of progress has created a critical security gap as many organizations rapidly transform their IT operations with a focus on cost containment rather than security. 2020 and 2021 have kickstarted some of the most rushed technology transformations in history for small business and local government. The mandated shift to remote operations acted as a catalyst for massive overhauls but left many organizations exposed with these new avenues into their network.
Cybersecurity is no longer a niche concept in the world of business and government. Managed cybersecurity services, cyber insurance, dedicated incident response teams, and even cybersecurity concierge services are all expanding into the small business and local government sectors. One of the largest shifts observed by our team in recent years, even pre-Covid, was a trend towards Software-as-a-Service applications and hosted infrastructure in the cloud. These types of changes act as force multipliers for small organizations while reducing some costs and risks associated with legacy systems. These developments (along with the many others observed in the past decade) have shifted the conventional security model into a focus on endpoints and user account security. Dedicated internal cybersecurity teams and/or outsourced cybersecurity managed services have become an absolute necessity for organizations of all sizes and industries.
Executive Cybersecurity Buy-In is Critical
As a managed cybersecurity firm, we work tirelessly to accurately gauge the risk posture associated with many organizations. With the rapid pace of change, modern cybersecurity trends can sometimes flip conventional practices on their head. These changes can be difficult to convey when trying to communicate the risk posture of an organization to executive business and financial leadership. In fact, Gartner, Inc. named a “security-savvy board of directors” (Gartner Top Security and Risk Trends 2021) as one of its highlighted trends for 2021. This observation closely matches our team’s experiences regarding leadership.
“Security-savvy” leadership is better at understanding the threats and performing financially responsible risk management. In our experience, an organization is more vulnerable when leadership lacks the common vocabulary and prerequisite knowledge regarding key security concepts. While very few management roles should be expected to understand the nuances of a cybersecurity risk management plan, cybercrime has reached a point that warrants serious financial consideration. Directors that possess cybersecurity know-how are often more likely to lead their organization in the right direction and reduce the risk of a critical cyber incident – all while saving resources by streamlining controls.
This undertaking doesn’t need to be completed solo. We have observed a sharp increase in security consultation requests over the past year. Outsourced cybersecurity services and third-party executive cybersecurity consultation are steadily on the rise as organizations find it more and more difficult to properly obtain the knowledge, resources, and solutions internally.
Security Management is Key
A well-founded cybersecurity concept is the idea of Defense-in-Depth. We have previously discussed this topic in other posts, but essentially this is the idea of layering cybersecurity controls so that they overlap and provide redundancy. This concept can be viewed through a multitude of different lenses, but we want to focus on the 2021 trends of defense-in-depth regarding endpoints and identity management.
The endpoints of an environment are the workstations, servers, mobile devices, and other “end-to-end” devices within a network. Generally, these are a prime target for attackers because user machines and servers fall under this category. When an organization plans a defense-in-depth strategy for its endpoints, the plan usually shows a distinct lack of redundancy and coverage. Anti-virus is the most common defensive solution on most endpoints, but this protection is only one small stopgap against the daunting array of attack techniques. Modern solutions for endpoint security are generally managed by specialized staff and systems that have the ability to prevent, monitor, and remediate cybersecurity incidents. Security solutions and services such as Managed Endpoint Detection and Response (live monitoring and central remediation), SIEM/SOC services (device logs monitored by live staff), and Application Whitelisting software have enabled a truly redundant suite of cybersecurity controls for a significantly more affordable price.
Authentication and Identity Management is not a strictly “new” trend in cybersecurity, but the renewed importance of properly monitoring account usage has led to a revolution in available offerings for organizations of all sizes. Our team has observed a sharp spike in the acquisition of advanced solutions previously reserved for enterprise, such as managed Single-Sign-On and third-party access monitoring. By keeping the costs realistic and countering ever-increasing attack trends, the risk/benefit analysis is steadily shifting in favor of identity management services. One of the primary benefits of this trend is that it simultaneously improves the end user experience while increasing security – a rare occurrence.
Co-Managed Cybersecurity – Outsourced Cybersecurity is not Exclusive
As public and private organizations grow accustomed to the realities of cybersecurity management, many realize that outsourced cybersecurity can work alongside existing staff to augment capabilities. Our team is always quick to emphasize the cohesive nature of co-managed cybersecurity services. By filling gaps in the cybersecurity skillset and solutions within an organization, third-party cybersecurity firms can enable a team to refocus on core objectives.
The past several years have presented unpredictable challenges to all organizations. The trends within cybersecurity and the swarm of cybercriminal activity only served to add to the stress of a world-wide shift in operations. Both public and private leadership have a duty to properly observe trends and take action where possible. When unsure of next steps, engage an experienced consultant. Research, consultation, and action are the best remedies to the multitude of cybersecurity challenges facing the nation’s government and businesses.
Panetta, K. (2021, April 5). Gartner Top Security and Risk Trends for 2021. Smarter With Gartner. https://www.gartner.com/smarterwithgartner/gartner-top-security-and-risk-trends-for-2021/.