This post is also available in: 日本語 (Japanese)
I think we can all breathe a sigh of relief that we made it to the end of 2021. From a cybersecurity perspective, this year was a doozy. We had to deal with one cyber incident after another, across an expanding digital attack surface that, thanks to accelerated cloud migrations, IoT adoption and desktop digitalization, grew at a pace that served only to exacerbate the complexity of responding. With Apache log4j rounding out the year with a festive bang!
Unfortunately, the risk of cyberattack is constantly changing due to ongoing business transformations, so there doesn’t appear to be any slowdown on the near horizon.
Now the obvious question is, what more can be done to gain a greater degree of control over this situation? In 2022, the most critical investment of time and effort would be to adopt a proactive cybersecurity strategy focused on understanding the most credible threats to your business, and to develop preparedness and sustainable cyber resilience for your organization. This strategy is predicated on having visibility, both into the most relevant cyber risks and into how your business is exposed to those risks while it transforms.
Having a clear view of the most credible cyberthreats to your organization and a strategy for addressing them is how you can justify to your key stakeholders the deployment of holistic controls that are proportionate to the real-world threats facing your environment. This allows you to genuinely improve the organization’s security posture and resilience.
Threat intelligence exists to support informed decision making. Here are some of the steps you can take:
It’s important to realize this is not a one-time exercise. Instead, this needs to establish the capability to continuously monitor and evaluate your dynamic business’ digital ecosystems, as well as the evolving threats. Therefore, it is imperative to embed this in a repeatable way, i.e. via policy and process (and ideally automation) throughout your system’s lifecycle. Adopting a threat-intel informed approach for both “change” and “run” initiatives can be the game changer here.
This threat-intel informed approach fuses research, empirical data and expertise to build out a holistic, strategic view of your organization’s threat landscape.
You need a compelling business case to receive funding and support for your security programs from key stakeholders, including your Board of Directors. Reactionary and ambiguous reports don’t resonate; there's no room for panic. Too much technical detail also doesn’t work, as it takes too long to digest. Instead, try outlining the full potential set of business consequences and the cost associated with an inefficient and ineffective cyber defense to highlight the risks facing your organization in a language your stakeholders understand. Showcasing how you're helping the Board and key stakeholders understand the “why” behind your plan will help you get them on your side.
This approach enables you to clearly demonstrate how the investments proposed establish sustained security and resilience, pivoting from consequence limitation to the business benefits realization of an enhanced security posture. Here are some of the steps you can take to build a business case:
These steps will enable you to build alignment and trust at the highest level of your organization and obtain the resources needed for your strategic planning.
Even though we cannot promise to make 2022 an uneventful year from a cyberattack perspective, let us help you get control over the chaos and adopt a proactive posture.
With Unit 42, you can perform comprehensive assessments and communicate to key stakeholders the preparedness of your organization – knowing what potential threats are lurking across your environment and how ready you are to stop dangers such as ransomware.
At the same time, you can conduct simulations to continually test your plans, taking what you learn to transform your threat detection, response, containment and remediation procedures on an ongoing basis – based on real world threats and real life scenarios. You will have a higher confidence as a result.
And in the case of an incident, you can make our incident response (IR) experts an extension of your team, available on speed dial, with a Unit 42 Retainer. You can also repurpose retainer IR hours towards any other Unit 42 Cyber Risk Management services to help you become more proactive.
If you are experiencing an active breach, or think you may have been impacted by an incident, please contact Unit 42 to connect with a team member. The Unit 42 Incident Response team is available 24/7/365. You can also take preventative steps by requesting a Proactive Assessment.
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.