Between the Twitter, T-Mobile and JD Sports cyberattacks, more than 240 million customers had their personal data hijacked — all before the end of January. The fallout, which has been hard to watch, caused organizations to hit the gas on their security initiatives.
Based on our latest digital transformation survey, IT leaders are planning on doing just that.
Here, we break down the cybersecurity findings from our annual Insight-commissioned Foundry report, “The Path to Digital Transformation: Where Leaders Stand in 2023” — what real business leaders are prioritizing when it comes to security, and strategies to help your organization lock down a safer future.
Cybersecurity priority #1: Threat detection
49% of business leaders are focusing on improving detection of emerging threats (e.g., ransomware), putting this priority at the top of the cybersecurity list overall. Cybercriminals aren’t just working faster than ever — they’re also more patient, sometimes lurking in environments for months to compromise storage, backups, and beyond. With this vexing alternative to smash-and-grab attacks so commonplace now, it makes sense why threat detection has become so critical.
Ways to improve threat detection
When thinking about your threat detection strategy, ask yourself the following questions across key categories:
- Comprehensive coverage: Are we monitoring all assets, including software, hardware, network and cloud infrastructure to detect potential threats across all systems?
- Integration: Does our threat detection strategy integrate well with other security tools and controls (such as firewalls and intrusion prevention systems)? Have we connected the dots to other critical areas such as incident response?
- Speed: Can we process large amounts of data quickly/in real time? Are we taking advantage of automation, Machine Learning/Artificial Intelligence (ML/AI) or other advanced technologies for faster, more accurate threat detection?
- Regular updates: How are we keeping our threat detection strategy up to date with the latest security intelligence and software updates? Can our current threat detection methods stand up against evolving threats? Companies that consider these traits in their threat detection strategy will be well positioned to combat ransomware and reduce the risk of security incidents this year and beyond.
Cybersecurity priority #2: Threat response
Ranking at #2 on the list of top focus areas, 48% of business leaders said they want to improve their organization’s threat response and remediation capabilities.
Even with strong threat detection protocols in place, a well-known cybersecurity mantra persists across industries: It’s not if we get hacked, but when. So it makes sense why taking swift and effective action in the event of a breach is the second most-cited priority this year.
Ways to improve threat response
Threat response strategies that will go the distance this year will:
- Promote preparation. A well-prepared response plan outlines key steps in case of a breach, defining roles and responsibilities for team members. Regular testing helps keep teams prepared and saves time, effort and resources in the long run.
- Document — and evangelize. A strong threat response plan doesn’t just detail the procedures and protocols to take in case of an incident — it should also be a playbook that’s well understood and accessible by teams.
- Prioritize speed. Fast incident response is crucial in minimizing the damage from an attack. Automated response systems and tools that leverage AI and ML can be instrumental in speeding response times. And don’t forget the power of programmatic security: Strong threat detection plays a huge role in enabling that swift response — proactive threat hunting and real-time monitoring across all systems included.
- Foster collaboration. A strong threat response strategy will include collaboration between security teams, operations, IT, legal, compliance, HR and marketing in the event of a cyberattack. A clear communication plan for sharing information between teams is crucial in a threat response scenario.
- Work at scale. A threat response plan should be able to address different types and levels of threats across the business. Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) can help facilitate faster response at scale. There are even platforms that combine both SIEM and SOAR into one solution.
- Test regularly. A major mindset shift improving cybersecurity is looking at the program through a business continuity lens. Always be assessing your threat response plan for gaps or weaknesses (on a clearly defined cadence), and make changes as needed. Ongoing testing can look like phishing simulations, penetration testing and red team exercises.
Cybersecurity priority #3: Awareness training
42% of business leaders said they want to improve security awareness and training at their organization.
A 2022 study by SlashNext found that more than 255 million phishing attacks had occurred in a six-month timeframe — a 61% jump from the previous year. In Verizon’s 2022 Data Breach Investigation Report, 82% of breaches involved the human element (social attacks, errors and misuse).
Simply put, the bad guys are getting better — and organizations can no longer skimp on upleveling their good guys.
Ways to improve security awareness training
A strong awareness training program should be created, vetted, and regularly assessed by multiple stakeholders, including information security, internal communications, human resources, and legal. In addition, make sure your awareness program is:
- Interactive: Trainings should be engaging and relevant to employees’ roles and everyday workflows, using real-life scenarios and case studies to demonstrate the impact of poor cybersecurity practices.
- Ongoing: Offer regular trainings to ensure employees are up to date with the latest threats and best practices. Some organizations even require mandatory trainings with post-module tests to drive participation and recall.
- Measurable: Measurable goals and objectives should be baked into the awareness program, as well as ways to gauge effectiveness. This can include employee surveys, training completion rates and security breach analyses to determine improvements in the successful prevention of attacks.
- All-inclusive: Make sure your program covers a wide range of topics, including password security, social engineering, phishing and data protection, among others.
Here’s to a more secure future.
Cybersecurity may have been about protecting computers and systems long ago. Today, it’s about protecting society. And it’s a fight we’re all in together; our research report this year sheds light on what business leaders are working to address every day — priorities your organization is likely thinking about, too.