
5 ways to improve security hygiene and posture management


As management guru Peter Drucker famously said: ‘You can’t manage what you can’t measure.’ That is certainly true when it comes to security hygiene and posture management. Organizations must know what assets are deployed on the external and internal attack surface, understand the state of those assets, identify exposures, prioritize remediation actions based on risk, and work with IT operations on continuous risk mitigation.

This is made harder as the attack surface grows larger and more complex every day, demanding new requirements for data collection, processing, and analysis along with process automation. Unfortunately, these changes aren’t really happening, or at least not quickly enough. Security professionals continue to approach security hygiene and posture management using point tools, aggregating data into static spreadsheets, relying on manual processes, and working haphazardly with their IT operations colleagues.

Oh, and while defenders muddle through to keep up with security hygiene and posture management requirements, cyber-adversaries use automated tools and division of labor, subcontracting aspects of attack campaigns to specialists.

This is an alarming situation, but fortunately security professionals recognize the gravity of the current security hygiene and posture management mismatch. According to ESG research, 80% of organizations plan to increase spending on security hygiene and posture management this year.

It is worth noting that ESG’s data was collected before the Log4j vulnerabilities and the Russian invasion of Ukraine, so it is highly likely that there will be even more investment in security hygiene and posture management. In terms of investment areas, infosec professionals tell ESG they will spend on data security tools, cyber-risk quantification, cloud security posture management (CSPM), security asset management, and external attack surface management (ASM), among others.

As part of this research project, ESG also asked security professionals to identify the actions that would most improve their organizations’ security hygiene and posture management. Here are the top responses:

  • Performing continuous security control validation to find gaps in existing security tools (38%). This is especially useful when organizations can evaluate their security defenses and processes against attacker tactics, techniques, and procedures (TTPs) along with frameworks like MITRE ATT&CK. ESG is seeing strong growth in continuous testing tools (e.g. AttackIQ, Cymulate, Randori, SafeBreach, XMCyber, etc.) and interest in cloud-based cyber-ranges (CloudRange, Cyberbit, Fifth Domain, SimSpace, etc.) for this very reason.
  • Automating processes associated with security hygiene and posture management (36%). Good idea, as security hygiene and posture management depends on too many people, tools, and data sources. But before organizations automate security hygiene and posture management processes, they must make sure that the processes themselves are sound. Remember Bill Gates’s famous observation that “automation applied to an inefficient operation will magnify the inefficiency.” In other words, effective security hygiene and posture management process automation may take some time.
  • Deploying a dedicated tool for security/IT asset management that can interoperate with and pull data from other existing systems (35%). Think Axonius, Balbix, JupiterOne, or Sevco here. Security professionals want one place to view and analyze ALL asset data. This alone could improve security hygiene and posture management efficiency.
  • Increasing staff dedicated to security hygiene and posture management (31%). Tough to do given the global cybersecurity skills shortage. As an alternative to more hiring, leading CISOs I’ve spoken to are creating a dedicated security hygiene and posture management budget and working with their CIO counterparts to improve collaboration between security and IT operations teams.
  • Taking a more adversarial/offensive approach to cybersecurity so we can adjust our defenses as countermeasures to modern attack TTPs (29%). Known as a ‘threat-informed defense,’ this involves operationalizing the MITRE ATT&CK framework, adopting continuous testing, developing ‘purple team’ capabilities, etc. Of course, this will require training, creating processes around continuous testing, and investments in cyberthreat intelligence.

These and other ideas deserve consideration as soon as possible. After all, the growing attack surface won’t defend itself.

Copyright © 2022 Koderspot, Inc.