October was Cybersecurity Awareness Month, and the overarching theme for this year was “Do Your Part. #BeCyberSmart.” The objective behind this message was to encourage organisations to take ownership in protecting their employees, customers and stakeholders. But this is much easier said than done. The disruption this year has made cybersecurity more complex than ever.
Before 2020, organisations were already investing in new applications, technologies and cloud-native solutions to optimise operations, gain competitive advantage and maximise growth. Due to the pandemic, these digital transformation initiatives have greatly accelerated to support a distributed workforce and remote business operations. Businesses have rapidly moved additional workloads to the cloud, deployed new technologies, and reconfigured their corporate networks. As a result, some processes needed to be deprioritised, and they are now facing an expanded attack surface and a greater volume of exposed vulnerabilities.
Security teams have been under significant pressure this year to secure a greatly expanded distributed workforce. This situation has been exacerbated due to previously existing challenges: a widening cybersecurity skills gap, increasing complexities and limited visibility into their entire fragmented estate. Compounding this is the inherent truth that organisations are working with ineffective and inefficient security operations. With a 34% increase year on year in vulnerabilities, and a 72% year-on-year increase in new ransomware samples (source: Vulnerability Threat Trends Mid-Year Report, Skybox Security, July 2020), simply working faster is not the answer. However, for security teams to work smarter, they need insight to make informed decisions and prioritise accordingly.
However, security teams currently lack the contextual data that’s necessary to effectively reduce the cyber exposure of the attack surface in the face of rapid change. Because of this, they are overly reliant on reactive security measures that are not designed to stay in front of the current volume of new incidents and vulnerabilities. And with the threat of severe fines hanging over their heads at a time of global economic uncertainty – the average cost of a data breach in 2020 is estimated to be US$3.86-million, with average cost of noncompliance estimated at $14.5-million (source: Ponemon Institute) – there is a clear impetus to change the status quo.
To #BeCyberSmart, organisations need to have network-wide context that allows the security function to #SeeAroundCorners and act proactively.
Security changes are being made blindly
Many security teams entering the challenge of the pandemic were faced with the daunting challenge of making many changes with an incredibly outdated and inefficient change-management process. In many cases, this entailed using Excel spreadsheets to submit and approve firewall changes. This manual approach lacks the governance of confirming that changes are reviewed, planned and approved correctly and does not include a closed-loop process to ensure that the implemented change matched the intent of the change request.
In the scramble to implement policy and rule changes quickly, many security teams lack the visibility into their network topology and configurations to accurately determine and implement the necessary changes to achieve the desired business goals. In their efforts to enable their distributed workforce and secure their perimeter, they could have actually been unknowingly introducing new risk.
The reality for many is that they’ve been blindly applying changes without proper assessment of impact on cyber exposure. In many cases, this leads to new vulnerabilities being exposed, and systemic risk being introduced across the organisation. This is particularly problematic considering 91% of enterprises (source: VMware, 2020) have reported an increase in cyberattacks over the course of the pandemic.
Change management needs context
Traditional approaches to change management – treating each change manually and on a case-by-case basis – are now unmanageable. With a limited number of human resources, and compressed change cycles, these changes bring about an increased level of risk. Limitations of manual-led processes have been known for years — 95% of all breaches are due to human error (source: IBM, 2014) — but the pandemic has put a finer point on this issue.
The “new normal” requires more agility and change than ever before. As such, organisations need to rethink their long-held practices. Where automation was once a nice-to-have, it is now a must-have. Where network visibility was once considered an aspiration, it is now a necessity. Where security teams could rely on antiquated change management capabilities, they now need to modernise.
To ensure security policy changes are adequately analysed and properly deployed without introducing new risks, organisations need context-aware change management that coalesces the decision-making process across enterprise security and network teams. To minimise systemic risk as traditional network perimeters vanish, organisations need to be able to gain complete visibility and understanding of their networks to effectively implement changes. This requires merging and analysing data sets from complex layers of security, networking and cloud technologies. To ensure policy changes are adequately analysed and properly deployed without introducing new risks, organisations need prescriptive analytics to quickly map and remediate vulnerabilities while making rule changes that approve overall security. This is only possible through the unification of vulnerability and security policy management capabilities.
Organisations that “do their part” and take these steps to implement context-aware change-management technologies and automated processes will not only protect their employees, customers and stakeholders, but they will experience significant direct business benefits. By taking a context-aware change-management approach, several of our customers reported that IT security teams improved change management efficiency by up to 80% with customised, automated workflows. Others were able to narrow their risk assessment window from days to minutes.
And these are just a few examples. Security teams that modernise their approach to change management will benefit in numerous ways including:
- Faster, better and more informed decisions
- Improved firewall performance
- Increased remediation effectiveness
- Reduced compliance risk
- Increased efficiencies across resources and technologies
Learn more about how you can #SeeAroundCorners and intelligently plan your response here.
About Skybox Security
At Skybox Security, we provide you with cybersecurity management solutions to help your organisation innovate rapidly and with confidence. We get to the root of cybersecurity issues, giving you better visibility, context and automation across a variety of use cases. By integrating data, delivering new insights and unifying processes, you’re able to control security without restricting operational agility. Skybox’s comprehensive solution unites different security perspectives into the big picture, minimises risk and empowers security programmes to move to the next level. With obstacles and complexities removed, you can stay informed, work smarter and drive your organisation forward, faster. To learn more about Skybox Security, contact us email@example.com.
- This promoted content was paid for by the party concerned