In this latest Thought Leadership piece, Jos Akkermans, Field CTO of EMEA, Xalient sets out guidelines for organisations to thrive in the current marketplace
Cybersec Europe saw over 7,000 visitors this year, marking a 14% increase compared to the previous year. There were certainly a lot of conversations around navigating the complexities of multiple vendor tools and knowing where to start.
In fact, recent Gartner studies highlight that eight out of ten (81%) organisations say they have experienced regret over a recent “As-A-Service” expansion purchase. That’s because a greater number of options means organisations have more products and technologies to choose from as well as a growing and diversifying set of use cases. This often leads to uncertainty, indecision, bad choices, and paralysis in action.
All the while, cyberthreats continue to evolve at pace with increased DDoS and cyber attacks leading to ransomware, vishing, malware and supply chain attacks. Additionally, hackers are leveraging AI in increasingly sophisticated ways to enhance their attacks. Identity threats are also increasing and recent research from cybersecurity vendor CrowdStrike highlighted that 35% of cloud incidents are down to account abuse.
So how do you not only survive but thrive in this environment?
The survival rule of threes
Our advice is to work on the ‘Cybersecurity Survival Rule of Threes’ which is often applied as a survival tactic in the wilderness.
The Survival Rule of Threes is a guideline that helps explorers prioritise survival needs in extreme situations. You can go three minutes without air, three hours without shelter, three days without water and three weeks without food. Maintaining morale and having a survival plan can make a significant difference in the wilderness – in fact, it can be the difference between life and death.
In today’s complex security world, where it is hard to see the forest for the trees with so many vendors competing for a share of your budget, applying the same principles can help you navigate and survive the complex vendor landscape. Here the ‘Cybersecurity Survival Rule of Threes’ is around planning, prioritising and collaboration. Organisations need to first plan and prepare the foundations. They must then prioritise based on what’s important to the business. Thirdly, collaboration is crucial to ensure all parties are consulted, involved and everyone understands the end goal.
Rule 1 – Plan for success
To avoid being overwhelmed by noise and new products, make sure that you plan for success by putting in the initial controls and a strong foundation before you start implementing any new technology. This includes knowing what you have, because if you don’t know it exists you can’t protect it. Start with discovery and asset management, move onto fundamental protection such as anti-ransomware and backup, endpoint protection and patch and vulnerability management as well as zero trust network access. Additionally, have you thought about access control and privileged access management, and detection and response capabilities? Having a solid security baseline will help you to develop, grow and mature your security environment.
Rule 2 – Prioritise based on organisational goals
Once the foundations are in place, you can start to prioritise based on organisational goals, ensuring you are only implementing technology that you absolutely need. This also includes making sure you understand your security maturity and the importance of strong governance. What policies and processes do you need to support your environment? Do you understand the relationship between risk and compliance? Governance aligns security efforts with business objectives, ensuring that cybersecurity is not just a technical concern but a core part of the organisational strategy. Do you have identity governance and administration policy documents and procedures in place and have you ensured that technology implementations are aligned with organisational goals? Governance helps to foster a culture of security awareness and adaption, ensuring that policies evolve with new threats and technologies.
Once the basic controls and governance are in place you can start to consider strategic security enhancements. These can be initiatives such as implementing a zero trust network architecture (ZTNA) or secure networking and network segmentation. Cloud security posture management will be important as you move more workloads into the cloud as well as security automation and orchestration (SOAR).
Rule 3 – Collaborate both internally and externally
Collaboration is an absolute necessity throughout. Don’t reinvent the wheel, but work with both internal and external stakeholders. Effective prioritisation and collaboration are essential for successful cybersecurity initiatives, ensuring that efforts are aligned with organisational objectives and resources are utilised efficiently. Often teams are unaware of each other’s needs and activities and this can lead to gaps in security.
Collaborating with external partners is also essential. Partners bring specialised knowledge and experience, which can help organisations implement effective security measures and stay ahead of emerging threats.
However, this isn’t just about surviving but also thriving, and to achieve this you always need to think two steps ahead. How can you ensure that your environment is future-proofed? Organisations should plan for ongoing enhancements and continuous improvements and not settle for a minimum viable product. This is where AI and machine learning, DevSecOps and clear cybersecurity metrics and KPIs really help. Likewise, a well-defined roadmap helps organisations prioritise actions, allocate resources effectively and achieve long-term security goals.
Make sure you are headed in the right direction
Ultimately if you don’t know where you are going, more than likely, you will end up somewhere you didn’t want to be.
Survival can be summed up in three words. Never give up. It takes time. A security initiative could be a two-year programme, so don’t necessarily expect it to be ready in three weeks. Insight leads to improvement – the more you know about your tools and environment the better-informed decisions you will make about new technologies. Insight and a clear roadmap will deliver more predictability in the future.
Security projects are not easy. They are often under-resourced, have unrealistic time frames, and there is an overreliance on technology with poor stakeholder engagement. It is therefore important to adopt a zero trust mindset and never trust, always verify. Assume you have been breached and operate with the assumption of adversary presence. This is why collaboration should never be underestimated. Remember it is impossible to have all the knowledge alone – collaborate with peers, with teams, and with analyst organisations. Lean on the knowledge of specialist companies to ensure rapid improvement so you can accelerate implementations and not only survive but thrive in today’s complex threat landscape.
