
Op-Ed: The blame game

There is a prevalent industry-wide disagreement regarding the effectiveness of cyber security measures in place.

Richard Sorosina
Tue, 19 Sep 2023

Organisations often feel they need more appropriate solutions, while cyber security vendors believe there is a need for more resources to implement and maximise those solutions effectively. Additionally, boards and executives express scepticism about the usefulness of the solutions, as they either need help to grasp their organisation’s true cyber security posture or feel that their return on investment remains inadequately reflected.

The truth of the matter is it’s a combination of all of this. However, we need to stop playing the blame game and get down to business.

What’s clear is this disconnect among stakeholders highlights the urgent need for improved communication and a clearer understanding of cyber security’s value and impact at all levels within the organisation.


The reality is that organisations will soon be put under scrutiny. The Australian Critical Infrastructure Risk Management Program (CIRMP) rules, which came into effect with the aim of uplifting core security practices relating to the management of key critical infrastructure assets, require organisations in the specified sectors to put in place a written risk management program that identifies and manages “material risks” or “hazards” that could have a “relevant impact” on a critical infrastructure asset. They then have one year to implement the program and must provide an annual board-approved report to the government.

With that in mind, improving cyber resilience should be top of mind for all stakeholders, and we should make better use of our time by not placing blame. Rather, take the right steps to drive action within your organisation. Our common goal is to improve the organisation’s cyber security posture, determine the correct solutions to invest in, and implement them effectively, not only to comply with new regulations and avoid costly missteps but ultimately to protect the organisation.

Take a risk-based approach

To enhance your organisation’s cyber security posture, start by evaluating your existing security measures and ensuring they align with your business risk. Identify critical assets and determine which are most vulnerable and most important to your organisation, so that you can focus on addressing the vulnerabilities that matter most.

Organisations can achieve a significant security uplift by prioritising patching critical vulnerabilities based on the risks they pose to the business.

Having the right tools to measure and reduce assets at risk will also enable CISOs to demonstrate how the security strategy is improving their organisation’s overall security stance and provide the board and business executives with clarity to align the security strategy with business objectives.

This proactive and risk-based approach will strengthen your cyber security resilience and safeguard your organisation against potential threats.

Consolidation is the way forward

Organisations strive to optimise their cyber security tools but often face challenges due to limited resources, skills, and time to effectively manage them all. Small to medium enterprises, on average, handle around eight to 10 security tools, while large enterprises juggle an overwhelming 40 to 60 tools. It is immediately clear that this approach can quickly become unmanageable, and the market has started realising that.

By adopting a consolidated approach, which seeks to integrate core capabilities into a smaller number of security platforms, organisations can tap into a number of advantages beyond simply reducing the total tool count, for example, moving from 40 tools to a more practical four.

First, it creates efficient security workflows that provide a comprehensive view of the environment, working from a single source of truth. This makes detecting and mitigating risks easier, as all necessary information is centralised. Additionally, automating tasks across the tech stack becomes more feasible within a consolidated toolset and leads to better management. This means tasks that traditionally consumed a significant amount of time can now be automated, freeing up the IT or security team to engage in other critical security tasks.

These benefits ultimately contribute to an improved return on investment (ROI). With streamlined workflows and the ability to automate tasks, security efforts become more effective and efficient. This, therefore, maximises the value of the organisation’s cyber security investments and, in turn, supports critical conversations with the board.

Take the case of our client Illion as an example. Facing the complexity of a vast toolset and a workforce of remote employees, it successfully streamlined its set-up, leading to a consolidated approach that yielded substantial ROI. Illion achieved comprehensive visibility into its asset management, something that was previously unattainable, and integrated vulnerability scanning capabilities that helped it identify, prioritise and patch critical vulnerabilities based on risk. By automating this process alone, it went from days of manual effort to hours.

Since there isn’t a one-size-fits-all “superpower” security tool available, organisations may also want to consider partnering with a managed security service provider (MSSP) to address their specific security needs effectively.

MSSPs can bridge the complexity of managing and maintaining security tools that often demand specialised skills. This is particularly relevant as the consolidation trend extends to service providers. Engaging an MSSP offers organisations the opportunity to augment their team by filling the resource and skill gaps required to harness consolidated capabilities effectively, without the need for direct investment and management. This is becoming increasingly prevalent as MSSPs shift towards offering services built on consolidated platforms, as they move away from the older model of multiple unintegrated security capabilities packaged in a black-box approach.

These strategies should all serve as a clear call to move beyond the blame game. It’s time to get to work and for organisations to take the first steps to embrace these proactive measures to enhance their cyber security posture.


By Richard Sorosina, chief technical security officer for ANZ at Qualys
