Every time you add a new technology to your infrastructure, you create a new target for an attacker. The pandemic accelerated the adoption of cloud computing across all industries and, as a result, significantly expanded organizations’ attack surfaces. Add in a patchwork of custom and off-the-shelf software solutions, and today’s enterprise IT infrastructure is more complex—and more difficult to secure—than ever before.
This complexity is increasingly being exploited by cyber criminals. The 2022 Verizon Data Breach Investigations Report (DBIR) found that ransomware increased by more than 13% from 2020 to 2021. The FBI reported a 7% increase in complaints of suspected internet crime over the same timeframe, with reported losses exceeding $6.9 billion. In addition, cyber criminals continue to exploit weak supply chains, poor security configurations, and subpar cyber hygiene practices.
To improve your risk posture, you must continuously adapt your security approach to reduce complexity and fill talent gaps—both of which can arise when new technologies are added to your infrastructure. Tools alone are not the answer.
How to Plan in Advance of Complexity
Before you migrate to a multi-cloud platform or make a significant change to your IT stack, you can take steps to reduce complexity and reduce your attack surface.
Align teams on business outcomes. If you don’t have a defined set of goals in advance, things can get very messy very quickly. But teams need to agree on what those goals should be. You'll need to cross-collaborate to develop a strategy—and put in place oversight—before implementing big changes or deployments to your IT environment. In addition to security and IT, be sure to bring in other stakeholders from across multiple functions early—expecting that each will have different business priorities—to find alignment and map the IT infrastructure journey.
Define normal. You can’t protect what you don’t know you have. Once you have aligned your business outcomes, start with an audit of your current infrastructure. Pull together a list of all your hardware, software, and cloud assets. With this comprehensive view of your environment, identify and understand what is “normal” behavior. Once that information is assessed, you will be able to better identify anomalous behavior more accurately as new technology is introduced into your environment.
Conduct a risk assessment. Organizations need to conduct and formally review their risk assessment when they plan to adopt new technologies or make significant changes to their IT stack. Some events that might trigger the need to review risk include onboarding a new SaaS solution, migrating a database from on premises to cloud, or adding new on-premises servers to a network. You'll need to understand how adding or removing technologies can impact your cybersecurity posture.
How to fill the talent gap
According to (ISC)², a nonprofit organization that specializes in training and certifications for cybersecurity professionals, the need for cybersecurity professionals increased by 30% in 2021. Talent shortages increase risk and complexity; when a new technology is introduced, a talent gap can lead to system misconfigurations and other human errors that can give a foothold to attackers. To reduce complexity, you'll have to fill this gap.
Outsource for improved skill set access. At the start of the pandemic, a lot of organizations had to move to the cloud to keep their businesses running. They lacked in-house subject-matter experts to manage these products, however, and weren’t sure how to securely use them. To make a quick pivot to support your business, be okay with supplementing your staff with outside expertise. Explore vendors that can help bridge that skills gap while you either up-level your team or get them specialized training or additional resources.
Consider SOCaaS. A greater attack surface means increased security alerts. While many Fortune 50 corporations have built their own in-house security operation centers (SOCs), few midsized organizations have the budget or tools to do the same. Instead, they are turning to SOC-as-a-service (SOCaaS). SOCaaS can provide a high level of human expertise around security-alert data, which tools alone can’t provide—identifying and responding to active threats for a company's specific environment. These dedicated, 24-7 security teams can parse through intelligence, apply the analytics, sort real incidents from the noise, and prioritize responses.
Embrace automation. Threat actors use automation to commit their attacks. In response, you need to automate your detection and response capabilities to stay ahead of the threat. Security automation can help organizations be more productive and efficient, especially as the cybersecurity industry is facing a staffing shortage. To best optimize your current staff, you need some degree of automation to manage low-effort, repetitious, or persistent processes. This will help your staff to avoid alert fatigue and focus on more valuable tasks.
Invest in professional development. Finally, to help your team stay ahead of the latest technologies and adversarial attack methods, invest—and keep investing—in their professional development. Fortunately, the cybersecurity industry offers a large number of cybersecurity certification and training programs, including those from (ISC)², the SANS Institute, ISACA, and ISSA. Set goals through KPIs or other performance-related methods and provide company support (whether monetary or allowing for necessary time away from the office) to help team members make this industry education a priority.
Enterprise IT infrastructure is constantly evolving to adapt to changing business needs. To stay ahead of complexity, your company and your team will have to evolve too.
Keep learning
Get up to speed on unstructured data security with TechBeacon's Guide. Plus: Get the Forrester Wave for Unstructured Data Security Flatforms, Q2 2021.
Join this discussion about how to break the Ground Hog Day repetition with better data management capabilities.
Learn how to accelerate your analytics securely into the cloud in this Webinar.
Find out more about cloud security and privacy, and selecting the right encryption and key management in TechBeacon's Guide.
Learn to appreciate the art of data protection and go behind the privacy shield in this Webinar.
Dive into the new laws with TechBeacon's guide to GDPR and CCPA.
