Has Cybersecurity Become Too Reactive in this Day and Age?

Cybersecurity Too Reactive?

Cybersecurity today has become far too reactive. The constant innovation of hackers has meant that defenses are made up of a patchwork of web application firewalls, end-point protection, data-loss protection, and more. This can lead to a combination of end-point protections that don’t function well as a whole.

cybersecurity leadership

John Davis, CSO of Palo Alto Networks’ federal division, suggested that too many firms have given in to the hackers by resigning themselves to this reactionary approach. They accept that the hackers will access their network and therefore focus their time and resources on minimizing the damage. “Some of our industry has given up on the ability to prevent and is focused primarily on detection and response, which means, with a mindset like that, it means you’re always involved in cleaning up aisle nine, as some people like to say.”

Instead, he urges companies to adopt a more forward-thinking approach, an enterprise-wide culture that starts from the top. “Look at the headlines—breach after breach after breach. And so, these issues today are becoming CEO and boardroom issues. They are not dealt with strictly in the environment of the IT world.”

A recent Economist Intelligence Unit (EIU) survey (sponsored by VMWare) found that nearly half of C-suite respondents felt that cybersecurity measures were a hindrance to critical functions, delayed product launches, and stifled innovation. Given that average costs for each lost or stolen record containing sensitive and confidential data hit $158 this year, it seems counterintuitive to adopt a reactionary security policy that drains time, money, and resources.

Jim Payne at Ring Central argues that this culture leads management to becoming apathetic and resentful of cybersecurity spending, fuelling a reactive culture rather than a proactive one. By allocating your cybersecurity budget to plan ahead, you allow IT executives to prioritize against the greatest threats and deploy next generation defenses before potential breaches are exposed.

Effective planning and prioritization also gives IT a fighting chance of deploying flexible, adaptive solutions versus asking management to allocate budget for cybersecurity that will be outmoded by the time it is deployed,” says Payne.

Another study performed by the EIU found that a proactive, enterprise-wide cybersecurity strategy could reduce the growth of cyber attacks and breaches by 53% over comparable firms.

cyber reaction

Board engagement is key to this strategy succeeding: only the C-suite has the influence and resources to effect a truly efficient and effective transformation of cybersecurity policy. Jeffrey Ritter, author of Achieving Digital Trust, states that, “Boards become actively involved in security when they realize that security drives revenues and customer loyalty… If partners or customers are not confident about how secure your business is, they will decide to not do business with you.”

As well as changing policy from within, there are measures that can be taken to find bugs that you miss, such as “bug bounty” programs—offering rewards to ethical hackers for discovering flaws before they can be taken advantage of.

This isn’t a change that can be made overnight. It takes time and effort to develop good security governance across an entire organization. However, with a forward-thinking and education-driven security policy, you can expect to see significant savings and a reduction in cybersecurity breaches. It is critical that this culture is adopted and driven from the top down, or the reactive and unreliable approach may start to creep back in.

Sponsored series courtesy of Ring Central 

By Josh Hamilton

Amazon's Varies Revenue Segments

Amazon’s Varies Revenue Segments

Amazon Revenue Amazon has become the largest retailer worldwide, however it is projected to make up less than 5% of U.S. retail sales by the end of 2020. While most people are already familiar with ...
Kaylamatthews

What You Need to Know – IoT and Real-Time Operating Systems

Real-Time Operating Systems A real-time operating system, or real-time OS, appears to execute tasks while using a single processing core simultaneously.  However, what's really happening is that the tasks' response time is so fast that ...
Steve Prentice

Cloud-Based Financial Software Reinforces the 80/20 Rule of Business Management

Cloud-Based Financial Software Sponsored by Sage 50cloud Small businesses are known for being innovative and customer-focused in a way that their larger competitors cannot. This transforms into a significant advantage. In fact, the ability for ...
Matt Holleran

Cloud Platforms, Marketplaces, and Startups

Cloud Platforms, Marketplaces, and Startups One of the most exciting recent developments in the cloud software business is the proliferation of partner ecosystems, with large public and late-stage private cloud companies creating their own marketplaces ...
Data Issues DBMS

Advantages of Database Management Systems (DBMS)

What Is A Database Management System (DBMS)? (Updated: 04,22,2020) A Database Management System, or DBMS, allows its users to create, read, delete and update data within a database. The management system works as an interface between ...
Yuri Sagalov

IT Culture Clash Where Employees Use Multiple Devices To Collaborate

Employees use multiple devices to collaborate It used to be that company IT decision makers could simply dictate the software that business units would use. However, in today’s business the IT culture clash where employees ...