No company is immune to all sophisticated attacks. For example, anyone can face a problem from 0-day vulnerabilities or complex non-standard tools. To successfully repel an advanced attack and minimize negative consequences, prepare today for the challenges your cybersecurity team may face in the future.
Predicting a specific attack is, of course, impossible, so cyber security experts decided to analyze the experiences of other companies, representatives of various corporations were interviewed for the report IT Security Economics 2021. What the interviewees had in common is that they suffered from complex cyber incidents.
Here are the top 5 concerns reported by respondents:
- Insufficient visibility of infrastructure
Of course, without full infrastructure visibility, searching for and eliminating threats is nearly impossible. Even very complex incidents can go unnoticed by cyberadvocates for some time. Also, reacting without a full understanding of the situation can make things worse.
- Lack of coordination
Disparate teams taking action rather than coordinating first tend to increase the damage and complicate the investigation. Teams can also inadvertently disrupt each other (for example, information security might try to isolate the infected server from the network while IT is struggling to keep it available).
BUT: Check Point Software's report highlights the impact of cyber-crime around the world
Countermeasures. Develop a contingency plan in advance and appoint someone responsible for its implementation.
- Lack of qualified professionals
The market continues to suffer from a shortage of information security specialists, so it is not surprising that companies cite the lack of properly trained personnel capable of identifying threats and responding to critical incidents as a major challenge.
Countermeasures. If there is no in-house experience, bring in external teams to carry out incident response, continuous monitoring and threat prevention.
- Failure to identify real threats in the face of multiple signals
It's bad if your security system can't detect dangerous symptoms in the infrastructure, but not much better if it detects “too much”. Real threat alerts can get lost among thousands of disparate incidents, each of which wastes analyst attention and other valuable resources. In a complex network, this is a very real problem.
Countermeasures. Use a comprehensive cybersecurity framework with built-in technologies that help prioritize truly critical incidents.
- Insufficient visibility of malicious events or behavior
Cybercriminals are always creating new attack methods, tools and exploits. Without new information about cyber threats, security solutions cannot respond to the latest attacks or recognize intruders on the corporate network.
BUT: Angola is one of the 80 countries with the most cyber attacks in recent weeks
Countermeasures. Provide your security solutions and systems (if any) with essential, up-to-date threat information.
The IT Security Economics 2021 report contains a wealth of other useful information, such as data on average corporate losses caused by cyber incidents. You may download the full report here.
