- Even though breaches and attacks can still happen, investing in cybersecurity remains crucial for businesses.
- It’s about mitigating risks, protecting customer trust, preserving your reputation, and ensuring your business can continue without major disruptions.
I apologise if the title of this article sounds a little hopeless, perhaps even a little despairing. This was a question I posed on a couple of my social media profiles where I interact with many specialists in the field, LinkedIn and Twitter.
This wasn’t indicative of a looming existential crisis; rather it was prompted by the realisation that we, vendors and practitioners alike, are a very long way from consensus on this foundational consideration.
If we do not have a clear and widely agreed sense of the overarching goal we are trying to achieve, or indeed the motivations and stakeholders that we should address, then we are doomed forever to be firefighting at best, or even worse actively working at odds with the goals of our colleagues and our employers.
Securing the environment
If you ask the UK National Cyber Security Centre (NCSC), the official response is “Cybersecurity’s core function is to protect the devices we all use (smartphones, laptops, tablets and computers), and the services we access – both online and at work – from theft or damage. It’s also about preventing unauthorised access to the vast amounts of personal information we store on these devices, and online.
Cybersecurity is important because smartphones, computers and the internet are now such a fundamental part of modern life, that it’s difficult to imagine how we’d function without them. From online banking and shopping, to email and social media, it’s more important than ever to take steps that can prevent cyber criminals from getting hold of our accounts, data, and devices”.
This all seems slightly myopic and isolated, surely the point of cybersecurity is something greater than some amorphous concept of device, service, and data protection! That is what we do, the greater question is why. Isn’t the goal we aspire to a loftier one? Shouldn’t it be?
So, what did the community response to this entirely open question look like? Well, first it certainly confirmed my feeling that we are far from consensus.
The responses ranged from mildly concerned for my well-being, to deep consideration for the question at hand, and of course, at least one person used ChatGPT to answer the question!
Some of the more incisive observations included “to go from uncertainty to a degree of certainty”, “To enable the business to achieve its mission effectively by minimising the impact from adversarial interference”, “To manage digital risk in a way that most positively impacts the business” and the amazingly concise “Mitigate risk – Increase survivability.”
These responses, while necessarily brief are getting much closer to the heart of the response.
For me, the point of cybersecurity is to create a secure and trustworthy digital environment, protecting individuals, businesses, and governments from the risks and threats associated with the use and misuse of technology.
Key considerations
Ultimately, cybersecurity empowers enterprises to embrace technology with resilience, secure their future, and thrive in the dynamic digital landscape.
When building a cybersecurity function, organisations must prioritise key considerations: assessment and management of risks, the establishment of a comprehensive security framework, and recruitment of skilled personnel.
The adoption of appropriate technologies, cultivation of employee awareness, development of robust incident response plans, continuous monitoring, and improvement of defences, and enabling effective collaboration and information sharing are also crucial.
This holistic approach ensures proactive protection, efficient response, and ongoing adaptation to the evolving threat landscape.
By investing in these pillars, organisations empower their workforce to become a line of defence, detect and respond to incidents effectively, and cultivate resilience.
Concrete steps for CISOs
Here are some concrete steps for CISOs to consider that help maximise the efficiency of a cybersecurity function aligned to business requirements:
- Tailor cybersecurity to business needs: Understand the unique risks, compliance requirements, and operational objectives of the organisation. Align cybersecurity efforts accordingly to ensure that security measures are relevant, effective, and proportional to the specific business context.
- Develop a risk-based approach: Prioritise cybersecurity efforts based on an accurate asset registry, and dynamic risk assessments of the potential impact on the business. Focus resources on identifying and protecting assets, systems, and processes that are essential for business operations, customer trust, and regulatory compliance.
- Foster collaboration between cybersecurity and business teams: Establish bi-directional communication channels between cybersecurity teams and business units. Encourage collaboration and involvement from stakeholders to understand their specific needs and integrate security seamlessly into their business processes.
- Implement automation and intelligent technologies: Leverage automation, artificial intelligence, and machine learning technologies to enhance the efficiency of cybersecurity operations. Automate routine tasks, streamline workflows and utilise intelligent analytics to identify threats, prioritize alerts, and respond swiftly.
- Clarify roles and responsibilities: Define cybersecurity-related roles and responsibilities within the cybersecurity function and across the organisation. Establish accountability for cybersecurity measures and ensure that individual employees understand their role in maintaining a secure environment. Encourage cybersecurity champions across business functions.
- Continuously monitor and measure performance: Implement monitoring systems and key performance indicators (KPIs) to track the effectiveness and efficiency of cybersecurity measures. Regularly review and assess performance data to identify areas for improvement and optimise resource allocation.
- Stay abreast of evolving threats and technologies: Maintain an up-to-date understanding of emerging cyber threats, trends, and technologies relevant to the business. Regularly assess the efficacy of existing security measures and adapt them as needed to address evolving risks and industry best practices.
- Invest in employee training and awareness: Equip employees with the knowledge and skills necessary to support cybersecurity efforts. Regularly provide training on safe practices, emerging threats, and incident response procedures to create a security-conscious workforce that actively contributes to the protection of business assets.
Proactive approach
These strategies help organisations to maximise the effectiveness of their cybersecurity function whilst ensuring that it remains closely aligned with business requirements. This enables optimal resource allocation, and a strong security posture supporting the overall success of the organisation.
Even though breaches and attacks can still happen, investing in cybersecurity remains crucial for businesses. It’s about mitigating risks, protecting customer trust, preserving your reputation, and ensuring your business can continue without major disruptions.
By demonstrating a commitment to proactive protection and responsible data management, you not only fulfil legal and ethical responsibilities but also gain a competitive edge in an ever-evolving digital landscape.
Remember, cybersecurity is an ongoing journey, so keep adapting and improving to stay ahead of the threats and safeguard what matters most.
- Rik Ferguson is the Vice President of Security Intelligence at Forescout.
You must be logged in to post a comment.