Blindly throwing technology at the problem rather than appropriately investing in the development of a security team is one of the biggest mistakes an organization can make.
Whether it is a small business or a large enterprise, confronting a ransomware attack head-on is daunting. However, once the rush to secure and get systems up and running is over, the organization must deal with the mess that has been left behind. It’s never a question of if, but when, a company will be attacked. And, with threat actors turning to ransomware as an easy payout, the chances of an organization being hit by ransomware are higher than ever. If ransomware is unavoidable, how can businesses decrease the impact and minimize the damage?
It’s tough to estimate the cost of a breach, and there’s no one-size-fits-all approach. However, regaining control quickly hinges on one key factor: a well-crafted cyber-incident response plan. Previously agreed-upon activities that need to be tracked, such as license fees and burn rates, should be baked into this plan, as well as a project manager to track vendor statements of work, track time, and keep things organized in general. Having someone who can measure these seemingly little aspects gives a significantly more realistic picture of the total cost of an attack, which is frequently much more than organizations realize. It’s also vital to look at costs in terms of short-term and long-term costs.
Organizations often spend a lot of money on endpoint detection and response (EDR) solutions while overlooking monitoring and investing in high-quality security leadership and human expertise.
Here a few other costly mistakes organizations should avoid:
Ignoring the Fundamentals
Some of the most basic errors can be the most costly. According to IBM research’s “Cost of a Data Breach 2021” report, a breach life cycle of fewer than 200 days costs US$1 million less than a life cycle of more than 200 days, thus even minor changes can save a lot of money. Businesses should focus on best practises first, such as log management and retention, before moving on. Vulnerability management failures, unfortunately, are the most common cause of breaches. Vulnerability management appears to be difficult, yet it may be disastrous if ignored.
Lack of clear lines of accountability, responsibility, and reporting
CIOs and other IT leaders will almost always prioritize business operations objectives over security, so having a good ambassador who can effectively articulate security requirements to senior leaders is essential. This way, the team isn’t in the dark during crucial leadership discussions.
If a tool provides alerts, teams should ensure that they are followed up on. Ignoring these alerts, as obvious as it may seem, is usually the start of significant problems.
Outside of the stated incident response strategy and security staff, there are a few key areas of investment that executive leaders should prioritize.
They should begin with network segmentation. Organizations today have a myriad of attack vectors, including cellphones, laptops, and IoT devices, among others. However, businesses can save millions of dollars by ensuring that an attacker can only compromise one device at a time, rather than moving freely through an environment.
As part of the security maturity process, they should conduct tabletop exercises. These are necessary to ensure that team members understand what to do, how to do it and when to do it so that they are not caught off guard when the fire alarms sound.
For more such updates follow us on Google News ITsecuritywire News