Apr 24 2020

The 5 Functions of an Effective Cybersecurity Strategy

A comprehensive defense must address current concerns and account for next-generation threats.

Cybersecurity threats are on the rise. From phishing attacks to third-party vendor compromises and connected device vulnerabilities, there’s a growing need for cybersecurity strategies capable of both meeting current challenges and defending organizations from the next generation of cyberthreats. 

But that’s not happening. In fact, 77 percent of companies surveyed say they have no cybersecurity incident response plan in place.

So what’s the disconnect? The growing skills gap forms part of the problem: If companies can’t find the IT talent they need, effective strategy isn’t on the table. But many organizations also face the issue of missing cybersecurity roadmaps. While widely adopted strategy standards such as the five-function model from the National Institute of Standards and Technology help define the scope of security efforts, integrating and deploying this model at scale is easier said than done.

In this practical primer, we’ll break down each functional piece and offer actionable tips to drive cybersecurity strategy development.

DISCOVER: Find how how to protect your organization.

1. Identify Vulnerabilities in the Business

If you can’t see it, you can’t secure it. 

The first function in a comprehensive security strategy focuses on identifying key strengths and weaknesses across existing physical and digital assets, current cybersecurity policies and third-party services. Effective identification forms the basis of any successful cybersecurity strategy; with solution depth and breadth rapidly increasing, it’s possible to overspend without reducing IT risk.

To solve this identity crisis, start with perspective: Poll frontline staff, C-suite executives and IT professionals alike about their concerns to find common problems. Network visibility solutions are vital here too, so that businesses have eyes on what’s happening inside their tech stacks.

Then, prioritize key threats: Where is your business most vulnerable? Where are defenses working? Finally, procure solutions that match identified threats to streamline spending.

2. Protect the Organization's Network

The NIST protection factor “outlines appropriate safeguards to ensure delivery of critical infrastructure services.”

In effect, this is a precursor process: Businesses are laying the groundwork of successful cybersecurity strategies by ensuring basic policies and procedures reduce overall risk. In practice, protection starts with tools such as identity and access management (IAM) and adaptive multifactor authentication (MFA).

Effective protection also includes employees; with 73 percent of organizations now reporting more frequent insider attacks, it’s essential to educate and train staff in basic protection processes.

MORE FROM BIZTECH: How businesses can protect themselves in the future of work.

3. Detect Threats in Real Time

According to Tech Republic, the average cost of a phishing attack is now $832,500. The caveat? Prevention accounts for just 18 percent of this cost; recovery and remediation make up the bulk of post-incident budgets.

As a result, it’s critical for companies to move threat detection and prevention higher up on their priority list. By leveraging advanced malware protection tools that operate in real time to continuously monitor for threats, it’s possible to catch malicious code in the act of compromise — then sandbox, analyze and remove it ASAP.

4. Respond to Cyberattacks Effectively

Effective response includes key mitigation activities, managing communication and monitoring key outcomes.

Here, the right tools make all the difference. While your specific needs will vary based on identified risks, protection priorities and detection frameworks, common cybersecurity strategy toolsets typically deliver:

  • Advanced threat response. A proper threat response solution helps organizations aggregate and automate threat intelligence data to cut through the noise and deliver effective defense.
  • Evolved endpoint security. By combining cloud and system-based endpoint controls, companies can effectively manage local desktops, remote connections and mobile devices.
  • Enhanced network control. Software-defined network segmentation both increases visibility and improves transparency to enhance total control.

MORE FROM BIZTECH: Is your workforce new to remote work? Here's how the network can be protected.

5. Recover from Cyberattacks Quickly

Effective security strategies must go beyond threats in situ to help organizations recover from attacks and better respond to risks moving forward.

As a result, it’s critical to evaluate defensive outcomes by both identifying and reporting key metrics. According to Cisco’s 2020 CISO Benchmark Study, Securing What’s Now and What’s Next, top metrics include:

  • Time to detect
  • Time to patch
  • Time to contain
  • Time to remediate

To streamline metric measurement and reporting, it’s now critical for companies to deploy built-in enterprise security frameworks across intelligent, evolving IT environments.

NIST’s five-function model lays the foundation for a solid cybersecurity strategy, but it’s not enough in isolation. To deliver on cybersecurity potential, enterprises must prioritize practical implementation to deliver strategy at scale.

Brought to you by:

AndreyPopov/Getty Images