Risk Management Today’s Cyber Defense Challenges: Complexity and a False Sense of Security
In an era where companies face increasing cyber threats, adhering to industry standard frameworks and guidelines is essential for organizations looking to minimize their risk exposure. However, deploying more security solutions is often not the best approach to greater protection against cyber threats, despite what companies and businesses may believe. In fact, investing in more security tools can lead to cybersecurity issues due to the complexity of enterprise environments and create a false sense of security within the organization.
The Dilemma of Industry Guideline Adherence
Industry standards, including guidelines such as ISO/IEC 27001 or PCI DSS 4.0, help inform businesses of practical advice on what security controls to establish to reduce risk exposure. But organizations who adhere strictly to these guidelines may end up thinking that just deploying more security solutions will provide better protection against threats. However, this is not the case, as Gartner estimates that annual global spending on IT security and risk management solutions will exceed $189.7 billion in 2023, yet breaches continue to occur.
Instead of reducing the risk of a cyber attack, purchasing more security tools only complicates things by adding to the complexity of enterprise systems. For instance, the remote work trends have created visibility and control challenges for IT and security teams. Additionally, the wide mix of business and security applications, networks, hardware, operating system (OS) versions and patches makes it challenging for IT and security teams to maintain and patch apps, exposing the organization to known vulnerabilities.
The Reality of a Complex Environment
The move towards remote work has exposed the complexities organizations face in maintaining secure infrastructure. For example, while many enterprise devices use Microsoft® Windows® OS, 80% of devices use Windows 10, but with 14 different versions and over 800 builds and patches present. Additionally, reports indicate there are 67 applications installed on an average enterprise device, and 10% of those devices have more than 100 applications installed–revealing greater complexity in app maintenance and patching. It takes, on average, 149-158 days for small/large organizations to patch. Unfortunately, deploying more security controls does not guarantee adequate protection from cyber threats.
The False Sense of Security
Enterprises often believe that purchasing more solutions will address potential security threats, but this merely leads to a false sense of security. The more security controls that are deployed on an endpoint, the more vulnerable it becomes if it doesn’t run as intended. Common decay, unintentional deletion, or malicious actions can negatively impact the security controls and endpoint management tools in place. For instance, data shows that around 25-30% of devices had unhealthy security controls, indicating that merely deploying more security controls is insufficient. The important thing is to ensure that security controls always function as intended.
Furthermore, remote access applications have become lifelines to enterprises, and mobile workers require secure, hassle-free access for corporate resources that can reside anywhere. Thus, ensuring the integrity of these critical tools becomes a priority. More than 30% of devices are found to be missing these applications, or are at a lower required version level, thus exposing the company network to security threats.
Cyber Resilience as a Solution
Organizations need to look to cyber resilience as a solution to face cyber threats, providing the ability to anticipate, withstand, recover from, and adapt to adverse conditions. Cyber resilience is now essential as traditional security measures are no longer enough to protect systems’ integrity and networks from compromise. Cyber resilience strategies involve maintaining a trusted connection to endpoints, maintaining granular control over endpoint hardware, applications, and data on the device, and carrying out repairs if misconfigurations occur. These strategies include monitoring network connectivity status, honing network access policies, and enforcing secure, reliable network access that ensures employees can keep working securely.
Conclusion
While industry guidelines can help organizations maintain effective cybersecurity, the move to remote work has added a layer of complexity that companies must navigate. Deploying more security solutions too often leads to greater complexity instead of greater risk management. Instead, organizations must invest in cyber resilience strategies to anticipate and adapt to adverse conditions and establish improved, secure network access policies.
Torsten George is a cybersecurity veteran with over 27 years of experience and co-author of the ‘Zero Trust Privilege For Dummies’ book. He is currently a cybersecurity evangelist at Absolute Software, where he helps organizations establish resilient security controls on endpoints. He is an internationally recognized IT security expert, author, and speaker.
<< photo by Tima Miroshnichenko >>
You might want to read !
- The Power of AI in Cybersecurity Recovery
- NATO Cyber Defense Center Expands with 4 New Membership Additions
- Why the reluctance to report ransomware attacks is hindering the fight against cyberattacks
- “Brazilian Hackers Launch Large-Scale Attack on 30+ Portuguese Banks”
- Examination of the Security Risks of the Expo Framework: A Case Study of OAuth Vulnerabilities and Account Takeovers