Stories about data breaches have been appearing increasingly since the pandemic, and some people could think it’s just a hyperbole driven by the media. The threat landscape had escalated even before Covid-19, and now, with a dispersed workforce, attacks are getting more extensive and damaging.
CISOs and security teams face challenges that have increased in complexity. Protecting what was under direct control within the company’s perimeter was tough. But today, cyber professionals have to deal with endpoints that are employees’ personal property, networks that are managed by legally separate entities, a growing shadow IT, which still is an existential threat to operations, and ultimately, the relevance and longevity of the IT stack.
A recent Delinea study found more than half (53 per cent) of respondents from the UAE and KSA believe their overall security strategy is ‘in the doldrums’ and requires a re-invigoration of cyber security across the organisation, with only 16 per cent stating they can keep pace with the threat landscape. Across the Gulf and beyond, attack volumes soared during the Covid-19 crisis, with sources from police departments to government agencies raising flags and reporting alarming digital onslaughts on individuals and businesses. A now-famous ransomware report from this year shows that 59 per cent of UAE organisations were hit with an attack, at an average recovery cost of more than $1 million. Throw in that this was up from 38 per cent the previous year, and you can see that the meme of “the threat landscape is getting worse” is no myth.
Action stations
There is work to do, starting with risk awareness about compromised privileged access, as many costly, headline-grabbing attacks start with simple credentials theft. Effective privileged access management (PAM) solutions help with advanced behavioural analyses that monitor and respond to suspicious behaviour of human and non-human entities across the network and just-in-time access controls that implement least-privilege and zero-trust principles. Delinea’s survey showed that almost 70 per cent of decision-makers were going to increase their IT budgets and staffing levels this year but that the resources were aimed at inefficient areas. Asked to name the most significant obstacles they saw to robust, future-proof cybersecurity, almost half of respondents listed staff shortages, and more than 30 per cent decried budget shortfalls as substantial roadblocks. Additionally, about one-third voiced concern over a lack of executive support for investments in future-proof cybersecurity.
Many organisations focus their energies and budgets on procuring single-purpose tools and sticking with short-term strategies that maintain an environment that accommodates duplicates of existing solutions and the retention of ineffective legacy tools. This avoidable complexity ties up resources as security personnel must devote much time to making single-purpose security tools work together coherently.
If the past couple of years has taught us anything, it should be that adequate preparation for the future is worth it. Sustainable investment in cybersecurity now may make all the difference in the coming years. In contrast, short-term measures and stop-gap solutions reduce risk only temporarily, without adding value, and increasing technical debt.
Choose wisely
In the world of hybrid work and quick fixes that led to patchwork technology environments, it has never been more important to integrate new solutions neatly into existing technologies, leveraging modern security approaches that keep pace with the evolution of the threat actor. Blanket buying sprees that seek to cure all ills with a single procurement project are not always the right answer. Organisations should take a breath and sketch out their risk profile first, defining what assets each employee needs to access to complete their tasks. Through this exercise, they can establish where their most significant risks lie so procurement can be more strategic, focusing on solutions that integrate and enable automation and orchestration, leading to a cohesive., seamless environment.
Such an environment makes cybersecurity “invisible” to the end-users as it’s embedded into everyone’s workflows without hampering productivity. It also takes time-consuming, manual tasks out of the busy hands of IT teams while giving them greater visibility and control.
Our study clearly shows that automation is a crucial part of cybersecurity, as 50 per cent of respondents said they used it to integrate privileged access management, and 29 per cent are planning more automation in the next 12 to 18 months. Living in a region where security skills gaps continue to hamper progress, if an organisation is fortunate enough to have assembled a team with the knowledge to deliver a safe environment, they should not burden those talented individuals with humdrum duties. These teams will add much greater value as dedicated threat hunters, savvy risk managers, or even instigators of policy. With this in mind, automation is perhaps the surest step to getting regional security strategies out of the doldrums and up to global standards.
If you liked reading this, you might like our other stories
Cybersecurity Myths That Are Harming Your Business
The 9 Cs Of Cybersecurity For The Modern Business
